Trains.com

Railpictures.net - malware

8325 views
22 replies
  • Member since
    May 2003
  • From: US
  • 25,279 posts
Railpictures.net - malware
Posted by BaltACD on Friday, March 4, 2011 6:47 AM

The other evening I was surfing Railpictures.net and called up a video of the Ringling Bros. Circus train on the FEC....in addition to the video I seemed to have picked up a trespasser on the right of way....a piece of Malware that entered through the Java connection and appears to have identified itself as 'Microsoft Antimalware'.

Upon entering my desktop system it put up a screen stating that there was Malware on the system and only the product that began and displayed a 'scan dialogue' on the screen could cure it.

I immediately shut the box down and began running the known anti-virus, anti-malware products that reside on my box...they identified and removed a number of items, however, there was one item that it would not remove....it was identified as

TrojanDownloader:Java/OpenConnection.gc

The box is now at a professional computer service to have this rectified.

I have been experiencing a number of unrequested advertising pages from RailPictures.net when attempting to call up the full size pictures of my choosing.

I don't know if anyone else is experiencing similar things.

Never too old to have a happy childhood!

              

  • Member since
    September 2002
  • 762 posts
Posted by kolechovski on Friday, March 4, 2011 7:23 AM

You'd better forward a copy of this message to the staff there-they may not know about it yet and would like to find out.  Maybe they can research things better and find out where the offending ads are coming from.

  • Member since
    June 2004
  • From: Menasha, Wis.
  • 451 posts
Posted by Soo 6604 on Friday, March 4, 2011 7:52 AM

I always get pop-up advertising from that site, so I stopped going there.

  • Member since
    October 2006
  • From: Allentown, PA
  • 9,810 posts
Posted by Paul_D_North_Jr on Friday, March 4, 2011 8:42 AM

I believe I have, but since my anti-virus software identified, isolated, and suppressed it, it wasn't enough of a problem for me to take the trouble to write down the details of the name, etc.  It wasn't much worse than suppressing the pop-ups, anyway. 

Same thing has happened to me on some of the pages at the otherwise very useful www.multimodalways.com website - I recognize the pattern of that bogus malware warning screen and cure, etc.  Too bad somebody can't "terminate with extreme prejudice" the originators of these problems - permanently!

- Paul North. 

"This Fascinating Railroad Business" (title of 1943 book by Robert Selph Henry of the AAR)
  • Member since
    December 2005
  • From: MP 175.1 CN Neenah Sub
  • 4,917 posts
Posted by CNW 6000 on Friday, March 4, 2011 8:45 AM

Soo 6604

I always get pop-up advertising from that site, so I stopped going there.

+1

Plus you had people entering model trains (HO, O, N, etc) in the loco and rolling stock roster.  Quite annoying when you're looking for 1:1 info.

Dan

  • Member since
    January 2003
  • From: Kenosha, WI
  • 6,567 posts
Posted by zardoz on Friday, March 4, 2011 10:05 AM

CNW 6000

 Soo 6604:

I always get pop-up advertising from that site, so I stopped going there.

 

+1

Plus you had people entering model trains (HO, O, N, etc) in the loco and rolling stock roster.  Quite annoying when you're looking for 1:1 info.

+2

FWIW: Sometimes these malware programs are coded such that even clicking on the "X" to close the applet window will cause the unwanted program to launch.  DO NOT "X" OUT OF THE PROGRAM!

Your best bet when you get a malware program is to do "Control-Alt-Delete", and from the task manager restart the entire PC. If the malware is preventing access to the task manager, then use the power button to turn off the PC (yes, even with programs running); although it is not good to do this on a regular basis, it is a far better alternative than risking giving the malware an opportunity to self-install.

If, after holding the power button in for 5 seconds the PC does not shut down, then go drastic and pull the plug. REPEAT: DO NOT "X" OUT OF A MALWARE APPLET!!!!

  • Member since
    May 2005
  • From: Pittsburgh, PA
  • 1,155 posts
Posted by tcwright973 on Friday, March 4, 2011 10:49 AM

I agree with Zardoz. It happened to me about a year ago and I ended up having to have everything erased, including the operating system. I was told by the technician to always just shut down immediately when these things pop up. Hitting the X-box or taking some other action actually launches it in a lot of cases.

Tom

Tom

Pittsburgh, PA

  • Member since
    July 2006
  • From: Southern California
  • 1,074 posts
Posted by Erie Lackawanna on Friday, March 4, 2011 11:15 AM

zardoz

 CNW 6000:

 Soo 6604:

I always get pop-up advertising from that site, so I stopped going there.

 

+1

Plus you had people entering model trains (HO, O, N, etc) in the loco and rolling stock roster.  Quite annoying when you're looking for 1:1 info.

 

+2

FWIW: Sometimes these malware programs are coded such that even clicking on the "X" to close the applet window will cause the unwanted program to launch.  DO NOT "X" OUT OF THE PROGRAM!

Your best bet when you get a malware program is to do "Control-Alt-Delete", and from the task manager restart the entire PC. If the malware is preventing access to the task manager, then use the power button to turn off the PC (yes, even with programs running); although it is not good to do this on a regular basis, it is a far better alternative than risking giving the malware an opportunity to self-install.

If, after holding the power button in for 5 seconds the PC does not shut down, then go drastic and pull the plug. REPEAT: DO NOT "X" OUT OF A MALWARE APPLET!!!!

 

I just want to echo that this is absolutely 100% perfect advice. I infected a computer once, not that long ago, by actually clicking on the "X."

Realizing how stupid I was (and paying to get the computer cleaned), I told the whole family these instructions. Wherever the malware was coming from, it tried to attack two other computers in the house. In both cases, by powering down immediately, we kept the malware from launching.

Charles Freericks
  • Member since
    December 2005
  • From: MP 175.1 CN Neenah Sub
  • 4,917 posts
Posted by CNW 6000 on Friday, March 4, 2011 11:19 AM

I run a program called MalWare Bytes which is free (google it) and pretty easy to use.  I also keep a backup copy of that program on a flash drive as some of the mw I've seen disables anything on the system when it arrives. 

I have had good experiences with shutting down, restarting and running in "safe mode" and running the MalWare Bytes from there.  It's caught infections that were launched and removed their tracking cookies too...but I'm comfortable taking those steps (and registry editing too).

Has anyone contacted the owner of that site?

Dan

  • Member since
    January 2005
  • From: Duluth,Minnesota,USA
  • 4,015 posts
Posted by coborn35 on Friday, March 4, 2011 11:34 AM

CNW 6000

 

 Soo 6604:

 

I always get pop-up advertising from that site, so I stopped going there.

 

+1

 

Plus you had people entering model trains (HO, O, N, etc) in the loco and rolling stock roster.  Quite annoying when you're looking for 1:1 info.

What?

Mechanical Department  "No no that's fine shove that 20 pound set all around the yard... those shoes aren't hell and a half to change..."

The Missabe Road: Safety First

 

  • Member since
    May 2003
  • From: US
  • 25,279 posts
Posted by BaltACD on Friday, March 4, 2011 12:11 PM

I also have MalWareBytes loaded on my machine and ran it...it removed some stuff but not the 'real offender'.

The computer tech that is working on the machine said he had not yet heard of the problem I was relating and he has worked on this box before with great success.

CNW 6000

I run a program called MalWare Bytes which is free (google it) and pretty easy to use.  I also keep a backup copy of that program on a flash drive as some of the mw I've seen disables anything on the system when it arrives. 

I have had good experiences with shutting down, restarting and running in "safe mode" and running the MalWare Bytes from there.  It's caught infections that were launched and removed their tracking cookies too...but I'm comfortable taking those steps (and registry editing too).

Has anyone contacted the owner of that site?

Never too old to have a happy childhood!

              

  • Member since
    September 2007
  • From: Charlotte, NC
  • 6,099 posts
Posted by Phoebe Vet on Friday, March 4, 2011 12:53 PM

I also have MalWareBytes.  It was loaded on my computer by a tech support agent at Microsoft while he was troubleshooting a windows problem by remote control.  The problem was not a virus, but I decided that if Microsoft uses the program it must be pretty effective.

Dave

Lackawanna Route of the Phoebe Snow

  • Member since
    December 2005
  • From: MP 175.1 CN Neenah Sub
  • 4,917 posts
Posted by CNW 6000 on Friday, March 4, 2011 1:03 PM

coborn35
What?

I was looking for some prototype photos of particular locomotives (SDCAT & a special CNW Dash 9 - 8730) for modeling purposes and ended up finding lots of pictures of Athearn, Bachmann & Kato locomotives.  After 15 locomotives I clicked on were all models and with the amount of pop-ups & flash ads I stopped using the site.  LocoPhotos or Flickr are what I use now.

Dan

  • Member since
    February 2005
  • From: Vancouver Island, BC
  • 23,330 posts
Posted by selector on Friday, March 4, 2011 1:14 PM

Whenever I have encountered that dreaded self-initiating malware detection pop-up that immediately begins to list all the bad bogeymen on my hard drive, I just back-screen out and it goes away.

One time I found that I had a Trojan or virus called Spyaxe, and I couldn't get rid of it with Norton or anything else.  Not knowing better, I decided I had nothing to lose by trying a system restore to a previous set-point.  By that I mean I had never used it before, and didn't really know what I was about to ask the computer to do (this was years ago...).   When the computer restarted a few minutes later, it was free of the SpyAxe.  

Ever since that time, whenever I encounter a bug of any kind, something that makes me go "Hmmm..." because the computer seems to have modified its behaviour in an unwanted or prohibitive way, I just do a system restore.  Takes about five minutes all up, and it has always cured my woes.  Did it just five days ago.

And I agree, railpictures.net is an annoying site for that reason.  It has a lot of fantastic imagery, though.

MalwareBytes has a good reputation, and I used Superantispyware until just recently when I purchased a new PC.  AVG freeware and SuperAntiSpyware both worked very well.

Crandell

  • Member since
    January 2005
  • From: Duluth,Minnesota,USA
  • 4,015 posts
Posted by coborn35 on Friday, March 4, 2011 2:13 PM

CNW 6000

 

 coborn35:
What?

 

 

 

I was looking for some prototype photos of particular locomotives (SDCAT & a special CNW Dash 9 - 8730) for modeling purposes and ended up finding lots of pictures of Athearn, Bachmann & Kato locomotives.  After 15 locomotives I clicked on were all models and with the amount of pop-ups & flash ads I stopped using the site.  LocoPhotos or Flickr are what I use now.

No way. I doubt that is true. I have never EVER seen a model photo on railpictures.net. They would never allow one. Maybe you're thinking of rrpicturearchives.net.

Mechanical Department  "No no that's fine shove that 20 pound set all around the yard... those shoes aren't hell and a half to change..."

The Missabe Road: Safety First

 

  • Member since
    January 2002
  • From: Canterlot
  • 9,575 posts
Posted by zugmann on Friday, March 4, 2011 2:14 PM

But they do have fake snow.... 

 


It's been fun.  But it isn't much fun anymore.   Signing off for now. 


  

The opinions expressed here represent my own and not those of my employer, any other railroad, company, or person.

  • Member since
    June 2003
  • From: South Central,Ks
  • 7,170 posts
Posted by samfp1943 on Friday, March 4, 2011 2:37 PM

Some pretty accurate and interesting advice here.  I enjoy reading a lot of different sites, and in the past I have developed some pretty 'ugly' issues, as well as some vicious infections to my machines (boxes?), some that have been fatal and some that were extracted - expensively!

Fortunately, I have a grandson that is pretty computer literate.  His thoughts about dealing with malware problems have revolved around several free systems to attack malware problems. He's installed 'Malware Bytes', 'Ad Aware', 'Threatfire', 'Avast Free Virus protection'.   The theory being that malware gremlins use different strategies to infect systems, and one system may get it, or might overlook the infector. Therefore by running several different protectors, your chances of stopping the malware are better. So far it has worked pretty well.

One thing to hold onto and protect is the Original Systems Installation Disk for your machine. If you wind up having to 'scrub' your hard drive to dump an infection, you can reinstall your original system.     To buy a new disk for a Windows Operating System, can be devilishly expensive and possibly hard to find. That original operating system disk is worth its weight in gold.

 

 


 

  • Member since
    April 2003
  • 305,205 posts
Posted by Anonymous on Friday, March 4, 2011 3:50 PM

CNW 6000

I run a program called MalWare Bytes which is free (google it) and pretty easy to use.  I also keep a backup copy of that program on a flash drive as some of the mw I've seen disables anything on the system when it arrives. 

I have had good experiences with shutting down, restarting and running in "safe mode" and running the MalWare Bytes from there.  It's caught infections that were launched and removed their tracking cookies too...but I'm comfortable taking those steps (and registry editing too).

Has anyone contacted the owner of that site?

Malwarebytes is a very good stand alone tool to remove spyware/malware.

A common misconception is that you need to pay for computer protection. 

However, there are quite a few good free software programs that you should consider for use.

This is what I use on my computers at home:

Firewall:  Zone Alarm Free Firewall 

http://www.zonealarm.com/security/en-us/anti-virus-spyware-free-download.htm

Anti-Virus: Microsoft Security Essentials  http://www.microsoft.com/security_essentials

Registry Cleaner:  CCleaner  http://www.ccleaner.com

Malware:  Malwarebytes  http://www.malwarebytes.org

Another good free registry cleaner can be found at:  http://www.eusing.com  Eusing will not conflict with CCleaner.

 

  • Member since
    July 2009
  • From: San Francisco East Bay
  • 1,360 posts
Posted by MikeF90 on Friday, March 4, 2011 5:31 PM

I've run Win2K and XP for over ten years and have NEVER had a malware infection. Lucky, maybe. Cautious, definitely!  Some tips not mentioned above:

- use a hardware firewall if you have a high speed internet connection. Software firewalls mainly belong on laptops and those systems forced to use dial up access. Test your firewall using GRC's Shields Up service.

- use Firefox as your primary web browser. The Noscript and Adblock add-ons are updated frequently and add great protection against evolving malware threats. Never, ever use IE6 or older for web surfing!!

- consider using a Linux distribution instead of Windoze, especially if your computer needs are basic - web surfing and email (recommend Ubuntu, Fedora, OpenSUSE). For sensitive applications like online banking, use the distro in 'live' mode which runs directly from CD and doesn't need to touch your hard drive. Computer geeks can install Linux dual boot or in a virtual environment.

- turn off Autorun! This Windows 'feature' deserves several threads alone on computer forums. The idea that Windows will try to run anything inserted into your DVD drive or USB port is insane.

 

  • Member since
    August 2006
  • From: South Dakota
  • 1,592 posts
Posted by Dakguy201 on Saturday, March 5, 2011 3:29 AM

BaltACD

I don't know if anyone else is experiencing similar things.

I picked up the same problem from that site in the last week of February. 

  • Member since
    December 2005
  • From: Cardiff, CA
  • 2,930 posts
Posted by erikem on Saturday, March 5, 2011 12:26 PM

MikeF90

- use Firefox as your primary web browser. The Noscript and Adblock add-ons are updated frequently and add great protection against evolving malware threats. Never, ever use IE6 or older for web surfing!!

Firefox does a good job of blocking the pop-ups on the railpictures website and I haven't bothered to unblock any of the pop-ups. There are also some good add-ons such as Adblocker and NoScript that will further improve security.

The latest version of Internet Explorer has a pop-up blocker as well, but don't have any experience with it.

- consider using a Linux distribution instead of Windoze, especially if your computer needs are basic - web surfing and email (recommend Ubuntu, Fedora, OpenSUSE). For sensitive applications like online banking, use the distro in 'live' mode which runs directly from CD and doesn't need to touch your hard drive. Computer geeks can install Linux dual boot or in a virtual environment.

An even more secure approach would be running Solaris on SPARC (or MacOS or Linux on PowerPC) as anything but Java malware would be incompatible with the processor.

One caution about Linux (or any other UNIX). Getting it set up properly does require a bit of knowledge of how the system works, although many flavors of Linux (e.g. Ubuntu) do have a very straightforward access to security settings. As you pointed out, the "Live CD's" have the advantage of not touching the hard drive.

- Erik

  • Member since
    May 2003
  • From: US
  • 25,279 posts
Posted by BaltACD on Saturday, March 5, 2011 4:14 PM

Mine contracted its problem on Feb 26.

Dakguy201

 BaltACD:

I don't know if anyone else is experiencing similar things.

 

I picked up the same problem from that site in the last week of February. 

Never too old to have a happy childhood!

              

  • Member since
    March 2002
  • 9,265 posts
Posted by edblysard on Saturday, March 5, 2011 6:36 PM

Add one to the list of ruined computer...$200.00 later still waiting for the reformat disc to arrive from the computer company so I can have the entire hard drive wiped clean and reformat it.

The blue screen virus arrived either from RailPictures, (my geek is pretty sure that's where it came from)  or in a chain e-mail, all of which will  now be deleted...from now on, if someone continues to send me chain e-mail, I will simply block them from my machine.

 

Railpictures has twice infected my machine, once with a "pop up" virus and this time with the blue screen virus, as described in the opening post.

My computer geek told me the same thing, if you think it has happened to you, do not X out, either pull the plug, or the alt control delete routine.

If you get it, be prepared to lose all data on your machine.

23 17 46 11
