Comments for PonderEthereal » PonderEthereal - Asperger’s Syndrome, Reviews, Spirituality, Parenting http://www.ponderethereal.com Putting the Odd in Goddess - Asperger's Syndrome, reviews, spirituality, parenting and life Thu, 11 Mar 2010 23:00:51 +0000 http://wordpress.org/?v=2.6.3 Comment on How to Remove Antivirus Soft Malware by Cassandra http://www.ponderethereal.com/how-tos/how-to-remove-antivirus-soft-malware#comment-50141 Cassandra Tue, 02 Mar 2010 22:11:51 +0000 http://www.ponderethereal.com/?p=4971#comment-50141 Ah. Who knows. It appears that Antivirus Soft has been around for a while. The removal instructions I found didn't address a few of it's most annoying removal avoidance techniques so it appears to be frequently updated - so I would imagine that how it gets onto a computer also has changed. In my case, I went to a website (a specific roller derby website) and as the page loaded, it was downloaded and I started getting the popups from it almost immediately. I didn't click on anything on the page so it had to been in a script that runs when you load the page. FWIW, there was no streaming video on this page. Because I know the site and know it's not a malicious site, it had to have been in an ad somewhere on their page. That means, it was likely javascript. If javascript is the vehicle, that would account for it being associated with streaming video, which can be done (but not always the case) with javascript. I haven't gone back to the page to find out. ;p Ah. Who knows. It appears that Antivirus Soft has been around for a while. The removal instructions I found didn’t address a few of it’s most annoying removal avoidance techniques so it appears to be frequently updated - so I would imagine that how it gets onto a computer also has changed.

In my case, I went to a website (a specific roller derby website) and as the page loaded, it was downloaded and I started getting the popups from it almost immediately. I didn’t click on anything on the page so it had to been in a script that runs when you load the page. FWIW, there was no streaming video on this page. Because I know the site and know it’s not a malicious site, it had to have been in an ad somewhere on their page. That means, it was likely javascript. If javascript is the vehicle, that would account for it being associated with streaming video, which can be done (but not always the case) with javascript.

I haven’t gone back to the page to find out. ;p

]]> Comment on How to Remove Antivirus Soft Malware by Michael http://www.ponderethereal.com/how-tos/how-to-remove-antivirus-soft-malware#comment-50140 Michael Tue, 02 Mar 2010 14:29:10 +0000 http://www.ponderethereal.com/?p=4971#comment-50140 Just a stab in the dark recalling odd stuff happening just prior to the problem... (I'm still wondering how AV Soft got into my system.) I had a problem in Google Earth (which I just installed the day of the earthquake in Chile) that caused an error in ialmrnt5 driver. This happened just before the virus hit me. Now I am reading about an exploit that was identified back in 2006 (in version 6.14.10.4308 of the driver) that allowed a Denial of Service attack. Just wondering if this might be a new exploit in version .6.14.10.4421. I have also read that this thing may be getting in via streaming video (which I had tried to access some webcams the day of the tsunami warnings for Hawaii.) One thing I did notice also... I had been browsing the internet at the same time the error occurred. After restarting... my Firefox history for that day had vanished. Just a stab in the dark recalling odd stuff happening just prior to the problem… (I’m still wondering how AV Soft got into my system.)
I had a problem in Google Earth (which I just installed the day of the earthquake in Chile) that caused an error in ialmrnt5 driver. This happened just before the virus hit me.
Now I am reading about an exploit that was identified back in 2006 (in version 6.14.10.4308 of the driver) that allowed a Denial of Service attack. Just wondering if this might be a new exploit in version .6.14.10.4421. I have also read that this thing may be getting in via streaming video (which I had tried to access some webcams the day of the tsunami warnings for Hawaii.)
One thing I did notice also… I had been browsing the internet at the same time the error occurred. After restarting… my Firefox history for that day had vanished.

]]> Comment on How to Remove Antivirus Soft Malware by Cassandra http://www.ponderethereal.com/how-tos/how-to-remove-antivirus-soft-malware#comment-50138 Cassandra Mon, 01 Mar 2010 16:22:38 +0000 http://www.ponderethereal.com/?p=4971#comment-50138 I did read about Malwarebytes and tried it but in the midst of obviously having Antivirus Soft on my computer, Malwarebytes didn't find anything. FWIW, neither did Symantec or Lavasoft though. Unless it's something in a third party game, I don't think facebook allows enough latitude in the code a publisher can post to facebook to post something CAPABLE of infecting anyone with it. You certainly couldn't in a fan page or an ad. That said, there are some shady groups and fan pages on facebook for getting 'a dislike button' or to 'see whos spying on you' that include instructions to install plugins and such that could very well be infected. I did read about Malwarebytes and tried it but in the midst of obviously having Antivirus Soft on my computer, Malwarebytes didn’t find anything. FWIW, neither did Symantec or Lavasoft though.

Unless it’s something in a third party game, I don’t think facebook allows enough latitude in the code a publisher can post to facebook to post something CAPABLE of infecting anyone with it. You certainly couldn’t in a fan page or an ad.

That said, there are some shady groups and fan pages on facebook for getting ‘a dislike button’ or to ’see whos spying on you’ that include instructions to install plugins and such that could very well be infected.

]]>