Malware Alert


2 replies to this topic

#1 Gienah Corvus

Gienah Corvus

Posted 15 May 2009 - 01:57 AM

Two or three weeks ago, I read an article on MSNBC.COM about somewhat disturbing online games cashing in on the flu scare. Naturally I clicked on the link in the MSNBC article (thinking the site had been vetted) and found the Pandemic II game, on a website that was named monkeygames or something like that. I was bored of the Pandemic II flash game after a couple of runs (after killing off the entire population of earth), and clicked on the icon for another game that looked promising... ...and immediately found myself redirected to a site that promptly set off my internal virus/malware alarm bells.

I closed the (multiple) browser windows as well as I could, and ran my antivirus and adware programs, but I started getting strange no-toolbar web pages and recurring popups (despite the blocker being engaged) from "Gamevance Ads." Ad-Aware and Symantec both reported hostile software and removed them. I stopped checking my bank and stock accounts from this laptop.

Yesterday evening I had a popup that looked like this:

INSERT INTO 202_clicks_spy SET click_id='116777', user_id = '1', aff_campaign_id = '25', ppc_account_id = '8', click_cpc = '0.01100', click_payout = '1.80', click_filtered = '0', click_alp = '0', click_time = '1242259629'
The table '202_clicks_spy' is full
gamevance ads

My mental Information Technology threat level jumped from yellow to red, and today I checked the control panel, and discovered an installed program, "gamevance." When I uninstalled it, the uninstall window looked non-standard, so I was concerned about clicking "yes," or rebooting as it said was required. I disconnected my LAN cable and rebooted. Everything looked fine. I reconnected the network cable and updated my Symantec definition files. I navigated to microsoft.com, and initiated their online malicious software removal tool. I've had good success using it on the one or two occasions when Symantec couldn't locate a problem.

Once it was started, I decided to update the definition files for Ad-Aware. Despite my minor concerns of a severe slowdown or a conflict, I clicked the "update" icon... ...and almost immediately saw the dreaded Microsoft blue screen of death. Before I had a chance to read the dire message displayed in white letters on a blue background, my laptop had begun a reboot sequence. Everything appeared to boot normally, until shortly after my Windows login. My laptop turned off. Not shutdown, but "click" and off. Now I was really concerned. I pressed the power button, watched the startup sequence, and waited at the login screen. After about a minute, "click," and shutdown again. I noticed it seemed very hot. Even hotter than when I double-box on EVE. I went downstairs to get a beer, and told my wife that I "have a problem with my laptop." On returning, it had cooled, and booted normally. It seems that it was shutting down due to high temperature, although I've never had that problem before.

The Microsoft tool is now at 35% completion, and all virus and anti-adware tools are updated (my normal settings auto-update virus definitions weekly, scan daily, autoprotect is on).

With this epic post, I want to pass on two nuggets. First, don't trust a questionable site just because it's linked in a site you do trust (I normally don't surf those free game sites). And second, if your system is acting funny, don't wait a week to get serious about finding the problem. And lastly, if anyone has the ability to drop a house on the owners of the company that runs the Gamevance site/spam/infection, do me a favor and drop a house on them, or toss a bucket of water on them.

"Semper Vigilans" (Always watchful) - Corvus family motto.

[link=http://www.agony-unleashed.com/e107_plugins/forum/forum_viewtopic.php?526]BASIC-0810061800[/link]
[link=http://www.agony-unleashed.com/e107_plugins/forum/forum_viewtopic.php?99088.0]WOLFPACKS-2211082100[/link]
[link=http://www.agony-unleashed.com/e107_plugins/forum/forum_viewtopic.php?100002.0]FLEET COMMAND - 1512080200[/link]
[link=http://www.agony-unleashed.com/e107_plugins/forum/forum_viewtopic.php?102488.0]ADVANCED & WP - A&W-0271220081700[/link]

#2 Bamar

Bamar

Posted 15 May 2009 - 03:43 AM

The true lesson in all this? Use OSX or Linux :D
"Stop exploding you cowards!"

#3 Larg Kellein

Larg Kellein

Posted 15 May 2009 - 05:42 AM

Good lessons, but I'm curious about your update and scan schedule. Personally, I have both AV and anti-malware applications check for definition updates daily, but run deep scans only weekly.