The Mother Board
"Hey"

 
Post new topic   Reply to topic    The Mother Board Forum Index -> Virus/Spyware/Security
View previous topic :: View next topic  
Author Message
c327
Black Belt 4th Degree
Black Belt 4th Degree


Joined: 27 Feb 2004
Posts: 4034
Location: Saint Augustine Florida

PostPosted: Thu Jun 21, 2012 1:35 am    Post subject: "Hey" Reply with quote

Recently I talked to a few people who caught the "Hey" nasty via their email program, I was not included in that deal. I don't open anything that looks even the slightest suspicious.

My guess is that someone opened an infected email that went on to send itself to every person that was entered in their Address Book or list of Contacts. From there it just spread like wild fire.

I really am not sure if this was a virus or just spam and just what was it supposed to do besides mail itself to others? How deep a roots does this nasty plant itself in ones P.C.? Are passwords compromised?
_________________
“Respect cannot be learned, purchased or acquired - it can only be earned” "Pay It Forward"
Back to top
View user's profile Send private message
evasive
Mobo-fu Master
Mobo-fu Master


Joined: 06 May 2001
Posts: 36700
Location: Netherlands, Breda

PostPosted: Thu Jun 21, 2012 2:36 am    Post subject: Reply with quote

There's a few messages around the internet on this one, normally chaning your email password and using a decent and recent virusscanner will take care of it. It's already signaled in the wild as early as 2009 so more than likely someone was thinking they can run windows with _no_ virus scanner.
_________________
We hate rut, but we fear change.



System error, strike any user to continue...
Back to top
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger
c327
Black Belt 4th Degree
Black Belt 4th Degree


Joined: 27 Feb 2004
Posts: 4034
Location: Saint Augustine Florida

PostPosted: Thu Jun 21, 2012 12:03 pm    Post subject: Reply with quote

evasive wrote:
There's a few messages around the internet on this one, normally chaning your email password and using a decent and recent virusscanner will take care of it. It's already signaled in the wild as early as 2009 so more than likely someone was thinking they can run windows with _no_ virus scanner.


Is this a virus or Spam??

Can a person who gets this nasty consider their P.C. as being hacked?

What was this nasty supposed to accomplish any way besides aggravating people ???

I know at least 2 people real good that caught this and was redelivered via their email program with out them knowing about it. These two people are senior citizens and probably don't know too much about protecting their P.C's until something happens and by then most of their friends have been given it.
_________________
“Respect cannot be learned, purchased or acquired - it can only be earned” "Pay It Forward"
Back to top
View user's profile Send private message
Karlsweldt
Mobo-fu Master
Mobo-fu Master


Joined: 12 Nov 2003
Posts: 19017
Location: 07438

PostPosted: Fri Jun 22, 2012 5:16 am    Post subject: Reply with quote

Listed as an ASPTrojan.
Do the proper steps for removal, first disabling the 'restore' feature of the OS. Then cleansing with anti-malware and anti-virus program in 'safe' mode, where the nasty is less likely to be active and in stealth mode. Then after a few restarts to ensure it is gone, enable the 'restore' feature.
One line from that page reads as:
Quote:
NEVER accept unsolicited file attachments, even if they appear to be from someone you know.

Ridding a system of a Trojan or virus is not simple. There may be 'threads' generated by the primary invader in many files.. including the System Registry and other critical files! The longer it resides, the deeper it roots itself.
With Emails, avoid those "pass this on" plea. You will be giving your Email address to many unknown people.. and hackers!!!!!!!
_________________
F@H.. to solve mankind's maladies.. in our lifetimes!
Back to top
View user's profile Send private message
c327
Black Belt 4th Degree
Black Belt 4th Degree


Joined: 27 Feb 2004
Posts: 4034
Location: Saint Augustine Florida

PostPosted: Fri Jun 22, 2012 9:00 pm    Post subject: Reply with quote

I see this nasty has been in the wild for some time....

I was wondering that if a PC became infected with a deeply rooted nasty that required the user to reload the O.S. and prior to doing so backed up their important files they had stored on the infected PC and then reloaded the files etc. back on the newly reloaded O.S. if they were in fact possibly reloading the nasty at the same time????
_________________
“Respect cannot be learned, purchased or acquired - it can only be earned” "Pay It Forward"
Back to top
View user's profile Send private message
Karlsweldt
Mobo-fu Master
Mobo-fu Master


Joined: 12 Nov 2003
Posts: 19017
Location: 07438

PostPosted: Sat Jun 23, 2012 9:18 am    Post subject: Reply with quote

c327 wrote:
I see this nasty has been in the wild for some time....

I was wondering that if a PC became infected with a deeply rooted nasty that required the user to reload the O.S. and prior to doing so backed up their important files they had stored on the infected PC and then reloaded the files etc. back on the newly reloaded O.S. if they were in fact possibly reloading the nasty at the same time????


Very possible! A virus can become part of the transfer, and the only way to get rid of it when restoring files is to first scan the drive from a known-clean system via USB or other non-internal connection.
When it comes to the need to reinstall an OS, the safest way is to first delete any existing partitions on the drive, then shut down with none formed.. powering off for a few seconds. This ensures that no resident traces will be in system memory. And with no partitions on the drive, no means of a virus to reside.
The OS install disk can do this process. After a restart, then boot directly to the OS install disk and all should be OK.
A warning with "package" systems.. there likely is a hidden partition on the drive, may be about 20 gigs or so.. of system drivers and other data. Hopefully, this was copied off when the system was purchased. But try to save that partition, or you will need to search for specific drivers for that system! Hopefully, if there, it has not been infected. But do a scan of that resource to ensure it is clean.
_________________
F@H.. to solve mankind's maladies.. in our lifetimes!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    The Mother Board Forum Index -> Virus/Spyware/Security All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2002 phpBB Group