Author |
Message |
wingman
Master Baiter
Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA
|
Posted:
Tue Nov 06, 2007 10:39 pm |
|
Some site I looked at yesterday has messed up my McAfee. It tells me the sigfile is old, but when I attempt to update, there is no update available. Also, McAfee Site Advisor is not functioning. It claims there is a communication problem. I try to contact McAfee, but I can't get anyone. I obviously am not doing something right.
Can anyone help? |
Last edited by wingman on Tue Nov 06, 2007 10:51 pm; edited 1 time in total |
|
|
|
kleindoofy
*** BANNED ***
Joined: 24 Oct 2004
Posts: 6248
Location: Europe
|
Posted:
Tue Nov 06, 2007 10:45 pm |
|
Moved here. (From Main Scambaiting to General Chat) |
|
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 10:54 pm |
|
I hate to sound facetious but I would recommend dumping McAfee. I used it for several years and had had nothing but problems with it. A total reinstall was the usual recommendation from their customer "support".
If you do choose to dump them, good luck getting all of their software off your computer. It took me over a month to hunt down all the hidden bits that they placed on my HD.
I switched to AVG (Paid version with firewall) a little over a year ago and have never looked back.
Hopefully someone can come along and give advice to your specific problem, but I just wanted to share what worked for me.
Edit: I would also suggest doing a few adware/spyware scans. What OS and browser are you running? Also, did you download anything from the "suspected" site or execute an .exe file in some other way? Just viewing a site usually will not download a nasty, especially if you are running Firefox. If you are using IE, there is a possibility that some bad JS may have run and dropped something on your system.
What makes you sure that the visited site crashed your AV?
Well, ill let you give some more detail and I am sure we can figure it out.
Welcome BTW. |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R
Last edited by Pastor Frank on Tue Nov 06, 2007 11:07 pm; edited 1 time in total |
|
|
|
wingman
Master Baiter
Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA
|
Posted:
Tue Nov 06, 2007 11:02 pm |
|
Thanks for your reply. I've never had any problems with McAfee before, I'm surprised now, frankly.
I'm using IE6 and Windoze xp. |
|
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Tue Nov 06, 2007 11:03 pm |
|
I don't think we deal with that on this site, unfortunately. We just play mind games with the guys who play off a "get rich quick" syndrome and scam people over e-mail, and other anti-scam sites handle the phishing/malware scams.
I'm not a security specialist, but I do chase around malicious sites on occasion (a little more than scammers, but I'm not getting a lot of their mail anymore, so go figure). Send me a private message with a link to the site and I'll check it out (don't post it here, or someone might accidentally click the link). I load malicious pages in experimental environments all the time, and can probably tell you personally if it's malicious.
You can submit malicious pages at mirt (link below) or do a lookup/whois inquiry on the IP address to figure out who is hosting it, then send an abuse report to the ISP. Here is the link:
http://www.castlecops.com/mirt
Also, if the site looked like a Halloween theme'd page (or, depending on when you saw it, a "psycho kitty cat ecard"), then it's most likely a worm/trojan, specifically the storm worm, which is what I believe was used to attack our site. Another way to tell is if the link is an IP address (example: http://xxx.xxx.xxx.xxx/ , where xxx is any number from 0 to 255, different for each position), Finally, most of these links come from spam.
Moderators, let me know if any of my action inappropriate, as I'm not entirely sure. If it were me, I'd want some sort of feedback, and I personally chase these around independently anyway, so I'd really like to check it out. |
Last edited by mindgames on Tue Nov 06, 2007 11:05 pm; edited 1 time in total |
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Tue Nov 06, 2007 11:05 pm |
|
Oh, by the way, I have an enterprise version of McAfee, among a few others. It can be pretty bad when it comes to threats at times, but the access control isn't too bad, unless you rely on the scanner. |
|
|
|
|
Tobias
Not quite a Newb
Joined: 01 Mar 2006
Posts: 60
Location: At the Nevernude convention, attending the seminar on chafing
|
Posted:
Tue Nov 06, 2007 11:11 pm |
|
For really tough viruses, I've always used what was formerly Ewido Anti-Spyware; it's now AVG Anti-Spyware. I had some friends who had viruses on their computer that withstood both McAfee and Norton. After I hit it with Ewido and removed (get this) 12,000 infected files, it was perfectly clean.
Just use the 30 day trial. Good luck! |
_________________ Me still to similar government a pie of honey - Lena Something-or-Other |
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 11:15 pm |
|
My first step would be to install Firefox and NoScript. (Both Free)
Dump Mcafee and get AVG (Free) and do a scan.
Download Adware SE and SpyBot S&D and run a scan with both. (Both are free)
And go from there.
I can PM all 4 links if needed, but just type them onto the Google and they will lead you there.
I have some more fancy detection tools on the second page here...
http://bravodelta.servemp3.com/viewtopic.php?t=117865
They are a bit more technical, So your mileage may vary depending on how computer savvy you are. |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Tue Nov 06, 2007 11:18 pm |
|
I'm not sure about how good the different anti-viruses are. I had some failures on the part of McAfee, but everything else failed too. Eventually AVG picked up the ball.
Second, if it's spyware/adware (super-slow computer and/or pop-ups everywhere), SpyBot S&D and Ad-Aware Free Version are good at cleaning it out, and both are free. |
|
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 11:22 pm |
|
^^^There are 2 of the links I mentioned.
Here are the other 2.
http://www.mozilla.com/en-US/firefox/
http://noscript.net/
Edit: Waits for the first person to post "... or get a Mac" |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
kleindoofy
*** BANNED ***
Joined: 24 Oct 2004
Posts: 6248
Location: Europe
|
Posted:
Tue Nov 06, 2007 11:25 pm |
|
wingman wrote: |
... nasty virus? I got while scambaiting. ... Some site I looked at yesterday ... |
Huh? Were you baiting a pr0n spammer? |
|
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 11:27 pm |
|
^^^
I didn't want to be the first ask... |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
Breddan Butter
Retired Moderator
Joined: 09 Dec 2003
Posts: 4170
Location: Soligorsk, Belarus
|
Posted:
Tue Nov 06, 2007 11:31 pm |
|
Quote: |
"I need help with nasty virus? I got while scambaiting". |
What a strange topic title.
What the hell has scambaiting got to do with you getting a virus?
Why didn't you entitle your thread "I got a virus"
Keep it simple and you may even get simple and straightforward responses. |
_________________ Можно заплатить кредитной карточкой ?
Пошёл на хуй, мудак !!!
(x4)
My IP address is 217.21.39.255. (86.57.134.49 on Sundays) Please don't come knocking on my door. |
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Tue Nov 06, 2007 11:38 pm |
|
In response to what Pastor Frank says, don't worry too much about removing McAfee yet, unless it interferes with the other ones. Just worry about cleaning off the crapware (if any). If you uninstall McAfee, you'll have to wait a while for it to finish (time better spent running a scan with something else), then you'll have to restart the computer. Plus, you might have to deal with the residue from McAfee's framework service.
Edit: McAfee can have very poor customer service. It doesn't mean you're doing anything wrong.
You say you're running Internet Explorer 6? Seriously, use Firefox instead. Internet Explorer, especially version 6 (more so if you have ActiveX enabled) is just asking for trouble. Firefox (especially if it has NoScript) is far more secure. Always use protection when surfing.
kleindoofy, it doesn't necessarily have to be p0rn. Signing up for the shuttle got me a whole bunch of viral e-mail, usually with links to a (non-p0rn) site that has a well-done exploit. The Storm Worm, which is what I think was responsible for the DoS, usually operates that way, and by my experience, it can be very good at disabling anti-virus software, if it runs first. |
|
|
|
|
wingman
Master Baiter
Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA
|
Posted:
Tue Nov 06, 2007 11:40 pm |
|
I'm pretty sure I got it while checking out a PayPal phishing site.
Off to try the scan suggested. |
|
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 11:43 pm |
|
^^^If one is dumb enough to open the attachment. |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
kleindoofy
*** BANNED ***
Joined: 24 Oct 2004
Posts: 6248
Location: Europe
|
Posted:
Tue Nov 06, 2007 11:44 pm |
|
^^^^
Pastor Frank wrote: |
^^^
I didn't want to be the first ask... |
Ditto. |
|
|
|
|
Breddan Butter
Retired Moderator
Joined: 09 Dec 2003
Posts: 4170
Location: Soligorsk, Belarus
|
Posted:
Tue Nov 06, 2007 11:47 pm |
|
wingman wrote: |
I'm pretty sure I got it while checking out a PayPal phishing site |
So . . . . . . . . back to my previous post . . . . . . why the " . . . . I got while scambaiting" suggestion?
What has scambaiting got to do with your problem? |
_________________ Можно заплатить кредитной карточкой ?
Пошёл на хуй, мудак !!!
(x4)
My IP address is 217.21.39.255. (86.57.134.49 on Sundays) Please don't come knocking on my door. |
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Tue Nov 06, 2007 11:52 pm |
|
Or try this.
kleindoofy wrote: |
Wrap, crush, and tape |
|
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Tue Nov 06, 2007 11:54 pm |
|
You could say the same thing about scammers' victims' stupidity for sending Western Union money orders, but it doesn't help the matter much. Many computer users don't think anything about their anti-virus suddenly ceasing to function, or don't want to say anything out of embarrassment, or some combination of the 2. I don't think it's really very nice to call someone dumb when they come looking for help, however off topic it may be. If I had a virus (and weren't running experiments on them) or got scammed, then I certainly wouldn't want to get called that when I asked for help. No offense, that's just my personal view. Feel free to take it or leave it.
Getting a virus off a PayPal phishing site doesn't make much sense. e-mail attachments maybe, and I'd suspect a keylogger if that same e-mail had an attachment, but I couldn't really say unless I personally got the e-mail, or at least knew which site it was. |
Last edited by mindgames on Tue Nov 06, 2007 11:58 pm; edited 1 time in total |
|
|
|
wingman
Master Baiter
Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA
|
Posted:
Tue Nov 06, 2007 11:57 pm |
|
I don't open attachments unless I know the person in RL. I haven't opened any attachments in weeks.
I suspect an Active X or something similar snuck in. |
|
|
|
|
Otterfan
Baiting Guru
Joined: 14 Mar 2007
Posts: 2481
Location: UK -- land of otters and non-otters
|
Posted:
Wed Nov 07, 2007 12:02 am |
|
^^ Right! That explains the "I got while scambaiting." part of your title!
You were busy scam-baiting, totally distracted, and an Active X control sneaked in there while you weren't looking. Of course! |
_________________ PARVA QVOQVE PARS ESSENTIAE LVTRAE SVPERARI NON POTEST
"I have to sale something now to be able to drink water." -- Alice Idris on safari in Cotonou
"why did you waste my time like this why." -- US Army Captain William D Swenson
<--TS certified.
|
|
|
|
wingman
Master Baiter
Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA
|
Posted:
Wed Nov 07, 2007 12:05 am |
|
Jesus H Christ. Sorry I asked.
I never had any problems before I started playing around with these scammers, and OBVIOUSLY I wasn't sufficiently protected. I'm trying to fix it, and all you ^$%$# want to do is give me a hard time about how I posed the GD question.... |
|
|
|
|
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Wed Nov 07, 2007 12:16 am |
|
I usually use AVG free ( grisoft ) but try Avast
Its also free and the one good thing about it is that the first time you use Avast it will go through the screening before windows boots up.
Some viruses are nasty in that they get in and disable your security then stop you getting onto any site that may help get rid of them.
I also have firewall ( PC tools ) and Spybot S D on my main pc |
|
|
|
|
mindgames
Not quite a Newb
Joined: 20 Jun 2007
Posts: 54
Location: United States
|
Posted:
Wed Nov 07, 2007 12:16 am |
|
^---<<re-emphasizes my point about calling someone dumb when they ask for help>>
wingman, I sent you a private message asking for some more details. Though I think the many scanners pointed to earlier have a decent shot at fixing the problem. I can't tell what it is unless I can look at it.
I think the title was just from a confused Windows user who isn't sure why their anti-virus stopped working, and rightfully suspects foul-play online. However, wingman, malware is rarely connected to 419 scamming. Identity theft maybe, but most of the scammers we deal with are just stupid guys sending out mass e-mails with horrible grammar convincing some fraction, however small, to send them money to "get rich", not the ones who write viruses or create phishing sites. Some create fake sites of their own (not the same as phishing) to help them trick users, or otherwise get information, but I've never seen any that distributed viruses.
I hope nobody is offended by anything I said. |
|
|
|
|
|