Just got rid of a weird virus

Post » Fri Dec 09, 2011 3:04 am

Just spent the last hour getting rid of a weird virus that redirected me to random sites

can anybody explain what this was? it was very weird
Nathan Hunter

Post » Thu Dec 08, 2011 1:01 pm

Viruses are made by people who just want to piss others off.
There is no real explanation to it, unless you want to get technical.
Del Arte

Post » Thu Dec 08, 2011 5:37 pm

Just spent the last hour getting rid of a weird virus that redirected me to random sites

can anybody explain what this was? it was very weird


Sounds like Stumbleupon. :lol:
rheanna bruining

Post » Fri Dec 09, 2011 1:59 am

The amount of times I've had to clean up the computers at work that do this because someone installed some "awesome coupon program" >_<

There's a bunch of malware like that.
Alex Blacke

Post » Fri Dec 09, 2011 1:50 am

The amount of times I've had to clean up the computers at work that do this because someone installed some "awesome coupon program" >_<

There's a bunch of malware like that.


Yup got a nasty virus called the vundoo virus on a laptop of mine that kept directing me to a website for "Free anti-virus" scanning. Never really got it removed since it imbedded itself in the window folder amongst the system stuff. As said there are people there that are just jackasses that make stuff to screw with other people's lives. They do it cause they get bored and have nothing better to do with their lives which is kind of sad or pathetic.
James Shaw

Post » Thu Dec 08, 2011 8:49 pm

Yup got a nasty virus called the vundoo virus on a laptop of mine that kept directing me to a website for "Free anti-virus" scanning. Never really got it removed since it imbedded itself in the window folder amongst the system stuff. As said there are people there that are just jackasses that make stuff to screw with other people's lives. They do it cause they get bored and have nothing better to do with their lives which is kind of sad or pathetic.

More likely than the sad/pathetic thing is that they can steal card details and take your money. Money is a better motivator than boredom.
jessica Villacis

Post » Fri Dec 09, 2011 12:47 am

Very few viruses were designed to piss you off. Most have some method of making money, either by stealing your information (such as bank account information), by having you visit ad sites that they are affiliated with and therefore obtain money, having you join a botnet that they can then sell on the black market, or some other method.

The amount of times I've had to clean up the computers at work that do this because someone installed some "awesome coupon program" >_<

There's a bunch of malware like that.

If you already have a policy in place blocking IE or setting IE settings for "Launching Applications and Unsafe Files" to Block, then in Firefox you can use https://addons.mozilla.org/en-US/firefox/addon/public-fox/ to block .exe, .msi, .jar, .bat, .zip, and .reg downloads.

This is of course assuming you are the sysadmin (or can get the approval of your boss)

For example, at my work, I can't explicitly block IE due to it being necessary for a program used, so instead for the user trying to launch IE I created a page on our web server that is the following:

                        Homepage                                

Goodbye.



and it is an enforced home page.

This automatically kills IE when it is launched (they don't even get to see the Goodbye message). If they were clever it would be easy to bypass, but it's more than enough to foil their inappropriate use of IE while still allowing IE to be called by the other applications and display content within iframes no issue.
carrie roche

Post » Thu Dec 08, 2011 8:35 pm

Just spent the last hour getting rid of a weird virus that redirected me to random sites

can anybody explain what this was? it was very weird

If I may ask, what AntiVirus application and web browser were/are you running? Yes, I know, every AV app. & browser have weaknesses, none are perfect. Just curious.

The amount of times I've had to clean up the computers at work that do this because someone installed some "awesome coupon program" >_<

There's a bunch of malware like that.

Heh, one of my SILs crashed her entire workplace's systems by giving permissions to & playing a browser flash game loaded with nasties. She managed to remain anonymous from the very angry IT people out looking for blood as it was a multi-user workstation. And no, she nevah evah did it again.
..xX Vin Xx..

Post » Thu Dec 08, 2011 2:57 pm

Very few viruses were designed to piss you off. Most have some method of making money, either by stealing your information (such as bank account information), by having you visit ad sites that they are affiliated with and therefore obtain money, having you join a botnet that they can then sell on the black market, or some other method.


If you already have a policy in place blocking IE or setting IE settings for "Launching Applications and Unsafe Files" to Block, then in Firefox you can use https://addons.mozilla.org/en-US/firefox/addon/public-fox/ to block .exe, .msi, .jar, .bat, .zip, and .reg downloads.

This is of course assuming you are the sysadmin (or can get the approval of your boss)

For example, at my work, I can't explicitly block IE due to it being necessary for a program used, so instead for the user trying to launch IE I created a page on our web server that is the following:

                        Homepage                                

Goodbye.



and it is an enforced home page.

This automatically kills IE when it is launched (they don't even get to see the Goodbye message). If they were clever it would be easy to bypass, but it's more than enough to foil their inappropriate use of IE while still allowing IE to be called by the other applications and display content within iframes no issue.

Problem right now is the particular comp is an old pos that I can't get into safe mode due to corrupted unrelated files... We don't have an install disk kicking around so I can't fix it and when I'm at work I don't have time to take care of it another way... (busy doing my actual job... the IT guy failed to remove it yay)

At this point I've simply thrown excessive protection and limits up on Firefox and deleted the IE icon (lol ya that worked, they don't use IE anymore)

The program that's left is just a site that randomly redirects to the place it had coupons for and that seems to be all it does from what I've researched as it was something intentionally installed...

At this point I just don't care and just don't let it redirect me... Like I said no time/ tired of fixing it

Thanks for the tip though... I'm sure when I get some free time again at work and get it removed I'll have to consider doing that.

Thing isn't even detected by Spybot/Malwarebytes/AVG anymore >_<... honestly I'm secretly hoping it just blows up so I can just format it or convince the boss to get a new comp... it's got so much crap built up over the years...
Samantha Jane Adams

Post » Thu Dec 08, 2011 6:24 pm

If I may ask, what AntiVirus application and web browser were/are you running? Yes, I know, every AV app. & browser have weaknesses, none are perfect. Just curious.


Heh, one of my SILs crashed her entire workplace's systems by giving permissions to & playing a browser flash game loaded with nasties. She managed to remain anonymous from the very angry IT people out looking for blood as it was a multi-user workstation. And no, she nevah evah did it again.


Microsoft Security Essentials
Enny Labinjo

Post » Thu Dec 08, 2011 2:09 pm

Told you I'd get bored and fix it... I think I finally have the whole thing removed, it was hiding pretty well, none of the standard software could detect it (Malwarebytes etc)

My solution to keep people off IE is a little less eloquent :P I just told it to use a proxy and set that to 0.0.0.0 so now it just won't connect to the internet ^_^

Bleh I'm an idiot and forgot MSN uses that too... hmm I'm not too sure how to even accomplish your method... I don't do too much networking stuff (and ours is just set up like a home network since it's only a couple computers)
Suzie Dalziel

Post » Thu Dec 08, 2011 4:49 pm

Just spent the last hour getting rid of a weird virus that redirected me to random sites

can anybody explain what this was? it was very weird

Using my not considerable knowledge about computer software, sounds like you were pressing "I'm Feeling Lucky" on http://www.youtube.com/user/QuoteClip#p/u/62/NhQ0DibXdHU.
Nathan Barker

Post » Thu Dec 08, 2011 11:41 pm

Microsoft Security Essentials

Avast! is better... it has internet security.
Emily Jeffs

Post » Thu Dec 08, 2011 3:25 pm

Avast! is better... it has internet security.

Avast! isn't free and from what my dad has told me (who as far as I'm concerned is the Greek god of the computer) there isn't really much difference between any of the antivirus programs.
Mark Churchman

Post » Fri Dec 09, 2011 3:36 am

Avast! isn't free and from what my dad has told me (who as far as I'm concerned is the Greek god of the computer) there isn't really much difference between any of the antivirus programs.

No, it's free. And there are some big differences between some antivirus programs.
yessenia hermosillo

Post » Thu Dec 08, 2011 6:34 pm

Let's not turn this into a "which antivirus is better" war guys.

OP, I had a virus like that on my old computer once. It was very annoying. No idea where it came from. :brokencomputer:
Jennie Skeletons

Post » Thu Dec 08, 2011 8:42 pm

Let's not turn this into a "which antivirus is better" war guys.

OP, I had a virus like that on my old computer once. It was very annoying. No idea where it came from. :brokencomputer:

My father used to work as a computer repairman/assistant/why-won't-it-work-man, and he often saw people having serious computer issues, like viruses, but they never wanted to tell why. "Oh no, I've not been to any of those sites"... but still, computer is loaded with suspicious torrents, web browser is full of porm sites and no anti-virus. Customer, of course, knows nothing about it. "It must have been Billy-The-Conveniently-Absent, he uses the computer more than I do!"

Viruses don't just jump on your computer. There is always a rational explanation - to everything. Common sense is the best anti-virus they say, and it's right. I haven't had a single virus in my life thanks to smart use. No clicking popups, no opening suspicious e-mails, stick to popular sites if there are plenty to choose from. Download only certified items you know other people are using.

Of course there is the possibility of hijack, website security breach and the like but 99 out of 100 it's because of user stupidity. But good stupidity mind you, as it means easy money to the experts!
i grind hard

Post » Thu Dec 08, 2011 9:15 pm

Let's not turn this into a "which antivirus is better" war guys.



Reformat is the best antivirus program anyway.
Rebecca Clare Smith

Post » Fri Dec 09, 2011 3:37 am

Told you I'd get bored and fix it... I think I finally have the whole thing removed, it was hiding pretty well, none of the standard software could detect it (Malwarebytes etc)

My solution to keep people off IE is a little less eloquent :P I just told it to use a proxy and set that to 0.0.0.0 so now it just won't connect to the internet ^_^

Bleh I'm an idiot and forgot MSN uses that too... hmm I'm not too sure how to even accomplish your method... I don't do too much networking stuff (and ours is just set up like a home network since it's only a couple computers)

Install Apache Web server on one of the computers and then make my file the index.html file in the www folder. Set it as the home page for IE on all the computers. Then, for Firefox, use Public Fox to restrict what crap they can download

Using my not considerable knowledge about computer software, sounds like you were pressing "I'm Feeling Lucky" on http://www.youtube.com/user/QuoteClip#p/u/62/NhQ0DibXdHU.

Nope. It's called http://en.wikipedia.org/wiki/Dns_poisoning

Avast! is better... it has internet security.

While Avast! does provide much better protection (I use it solely for the script and web shield) it does have a higher false positive rate than MSE. Personally I think for actually being a proactive AV (MSE is merely reactive offering only basic real-time scanning) it is worth it, but I can see how others may not.

Avast! isn't free and from what my dad has told me (who as far as I'm concerned is the Greek god of the computer) there isn't really much difference between any of the antivirus programs.

Avast! 4 Home is free for home use, and different AVs are most definitely not equal, most aren't even in the same ballpark as any given other one.

Viruses don't just jump on your computer. There is always a rational explanation - to everything. Common sense is the best anti-virus they say, and it's right. I haven't had a single virus in my life thanks to smart use. No clicking popups, no opening suspicious e-mails, stick to popular sites if there are plenty to choose from. Download only certified items you know other people are using.

You may be correct for plain old viruses, but for other malware, such as worms, you can get infected very easily following common sense as it uses security holes to infect you with no user interaction, same for cross-site-scripting. Common sense isn't enough any more in the modern Internet

Of course there is the possibility of hijack, website security breach and the like but 99 out of 100 it's because of user stupidity. But good stupidity mind you, as it means easy money to the experts!

You seriously underestimate malicious ads, cross-site-scripting, driveby downloads, and unpatched security holes.

Back when this site was hacked, if a malicious script was added that would silently execute code on your computer, would you have been able to recover? Probably not if you have no AV. It's happening all the time, and to big-name sites like http://www.pcworld.com/businesscenter/article/240609/mysqlcom_hacked_to_serve_malware.html, causing tens of thousands of people to get infected before it is found out. It's no longer 99 out of 100 the fault of the user, unless you expand user stupidity to include "people who think they are secure with just common sense".

Reformat is the best antivirus program anyway.

:nod: Nothing like restoring a hard drive image and being back up and running on a 100% clean PC in under 30 minutes.
claire ley

Post » Thu Dec 08, 2011 1:36 pm

Reformat is the best antivirus program anyway.


That's my philosophy!
xxLindsAffec

Post » Thu Dec 08, 2011 1:56 pm


While Avast! does provide much better protection (I use it solely for the script and web shield) it does have a higher false positive rate than MSE. Personally I think for actually being a proactive AV (MSE is merely reactive offering only basic real-time scanning) it is worth it, but I can see how others may not.


Didn't know that. I was thinking the exact opposite. I've never scanned a file and found a virus in it before with Avast!. Avast! has only really blocked a few websites for me. Malwarebytes did find malware in a file before, but Avast! did not.
Heather Dawson

Post » Fri Dec 09, 2011 1:14 am

My father used to work as a computer repairman/assistant/why-won't-it-work-man, and he often saw people having serious computer issues, like viruses, but they never wanted to tell why. "Oh no, I've not been to any of those sites"... but still, computer is loaded with suspicious torrents, web browser is full of porm sites and no anti-virus. Customer, of course, knows nothing about it. "It must have been Billy-The-Conveniently-Absent, he uses the computer more than I do!"

"I moderate a forum and occasionally have to check links" is a much better excuse :shifty:.

Install Apache Web server on one of the computers and then make my file the index.html file in the www folder. Set it as the home page for IE on all the computers. Then, for Firefox, use Public Fox to restrict what crap they can download

For a single computer one can set the home page to "file://foo/whatever/page.html". Obviously, that's easier for a user to get around -they can simply delete the file- but if you hide it a little it'd still be difficult to figure out. And really, the kind of people who could are the kind of people who wouldn't want to use IE in the first place :P.
Sweet Blighty

Post » Thu Dec 08, 2011 2:04 pm

"I moderate a forum and occasionally have to check links" is a much better excuse :shifty:.

Ha, tell me about it... I've visited some very "interesting" websites through links from here. Fortunately I do my own PC maintenance. :P
Stat Wrecker

Post » Fri Dec 09, 2011 3:04 am

For a single computer one can set the home page to "file://foo/whatever/page.html". Obviously, that's easier for a user to get around -they can simply delete the file- but if you hide it a little it'd still be difficult to figure out. And really, the kind of people who could are the kind of people who wouldn't want to use IE in the first place :P.

IE won't execute the JavaScript if it is a local file, unless you lower the security settings (no way would I suggest that).
Farrah Lee

Post » Fri Dec 09, 2011 2:43 am

IE won't execute the JavaScript if it is a local file, unless you lower the security settings (no way would I suggest that).

Ah. That could be a problem. Goes to show how little I've used/know about IE :hehe:.
R.I.P
