Topic

I won't be clicking on any more links in forum posts--virus warning

<Edited to spare the sensitivities of the gentle Glitchen><snip>Much as I want to, I won't be clicking on any more links in posts. Why? <snip> I've had my computer for about 8 years. I have been a responsible owner and never, EVER had a problem, running anti-virus software regularly. <snip> Recently, I have been the victim of repeated malware attacks. <snip> My system goes south right after I click on a link in a Forum post. The latest is an audible file: "Congratulations, you are today's winner." <snip> Sad as I am It may mean I have to stop playing. But it's getting to the point where my computer isn't going to be usable. So what options do I have?

UPDATE:
About two seeks ago I lost Internet access. I then found a wonderful computer shop in my local community. They removed the rootkit virus -- they told me it really was a nasty bugger--embedded itself deep in the bowels of my OS and in reaction to my running anti virus and malware programs to get rid of it, barred my access to the internet. Evil. They confirmed that it is quite possible to pick up something really really nasty via an ad on a web page. You don't even have to mouse over the ad. Simply going to the page is enough. Apparently there are whole countries whose GNP depends on malware and viruses, which are constantly being created, updated and modified to thwart all the anti virus and malware software out there. They're getting cleverer and more sophisticated by the day. And you are likely not going to be warned you are infected. Your only clue will be that your system runs increasingly slowly. OR in my case, I picked up a rootkit that actually wants you to know it's there so it can mock you. Great. Criminals with a sense of humor.

They installed MSE (they like it, too, TomC!) and something called Sandboxie, which permits safe web browsing by quarantining your browsing and e-mail experience in a "sandbox" walled off from the rest of your computer. After your browsing session, everything is deleted without ever coming in contact with the rest of your computer. They warned that installing Sandboxie is complex to get it to run right (I'd actually tried it a couple of years ago on my own, but it basically prevented me from doing anything. Now that it's installed correctly, I will still be able to download stuff but I'll be prompted to restore the files to my actual computer so they won't be deleted when my browser or e-mail session is over.) It's a great relief to not have to worry any more. Sandboxie approaches computer protection from a different angle. Instead of trying to act as a hockey goalie, preventing every goal, it' simply walls off the goal so access is not possible. Like with vermin--store everything in sealed containers rather than trying to kill all the pests.

But I do want to raise the issue of safe browsing--it's what I was trying to convey in my original post but was too upset at the time to make clear. What I meant was that my wonderful Glitch experience had lulled me into a a false sense of safety and security. It's nice an fun here (yeah, I know, periodically there are flame wars in Forums about weird stuff, but mostly folks are lovely and it's just serene good times. Tip: just don't read the weird forum posts. But I digress.) and it feels safe. And it is, here. But all you folks pasting in links to cool pix of Glitch stuff, or other random, outside of Glitch links, please think about where you are taking the Glitch community members to via those links. Not all are reputable sites. Not all are safe. Of course, ultimately it's my responsibility to protect myself and not click on dubious links. But this is a community and I think all members of the community have a shared responsibility to respect the culture of our community. And this culture supports and encourages shared civility, care, and safety. Which means my first thought when seeing a link in a forum post will not be, "danger, warning, warning!" It is most likely going to be more like "oh neat, something cool and imaginative!" So please, consider where you are encouraging your fellow Glitchen to go when you upload a link.

Posted 10 months ago by Axa Subscriber! | Permalink

Replies

Previous 1 2
  • It sounds like you went to some site with one of those annoying audio advertisements, but that might not necessarily be a virus. Most sites linked are generally safe, and I haven't had any problems with links on Glitch. If you don't mind sharing, which site's link do you feel has caused a virus on your computer?
    Posted 10 months ago by TomC Subscriber! | Permalink
  • Wow, so sorry to hear about that! 

    I have yet to stumble on something like that.

    And like TomC said, what sorta links?
    Posted 10 months ago by Rook Subscriber! | Permalink
  • Wow, that's weird! I've never seen that stuff before.

    Perhaps you have some malicious "security" program installed on your computer? Or something that may have been put in from some other site.

    Like the posters above, I have no problems with Glitch links...
    Posted 10 months ago by SeerQueen Subscriber! | Permalink
  • Edit: part removed on rereading OP.

    Maybe I misunderstood - do you mean that a user posted a link in the forums that took you to another site that attacked your computer?

    The problem you mention, "The latest is an audible file: "Congratulations, you are today's winner." sounds like a pop-up that has managed to get around your blocker.

    As TomC and Rook mention, the more info you can provide about the link you followed will help.
    Posted 10 months ago by The Cat Face Subscriber! | Permalink
  • It appears to be picture links. And, like clockworks. it is right after I click the link, I get an alert, or my system begins to act really really weird.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Can you say which thread it is in?
    Posted 10 months ago by The Cat Face Subscriber! | Permalink
  • The chance of getting a virus from just visiting a web page is remote.  The chance of getting a virus from a link you don't even traverse is non-existent.

    Stopping playing because you think you got a virus from some link in these forums is just silly.
    Posted 10 months ago by Janitch Subscriber! | Permalink
  • Seriously? Of course I can get a virus from a web page I visit. Actually, there are rootkit viruses embedded in ads on web pages. That's what I think I got. Please don't patronize me. I've done my research and I've been dealing with this for over a month now. I am pretty darned fed up with dealing with computer problems which is why I finally posted. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Axa do you have any idea which thread the link was in? If you could let us know the devs can investigate.
    Posted 10 months ago by The Cat Face Subscriber! | Permalink
  • If you actually want help, then you need to be more specific: what link causes problems with what browser and what OS.  If you're just venting, then I apologize for getting sucked in.
    Posted 10 months ago by Janitch Subscriber! | Permalink
  • Yeah, I wish I could remember. A month ago is going to be tough. Most recently it was likely the see your Glitch here (where ever that was) and something on the one of the floors in Jethimand Tower where someone spelled out "Glitch" in a really cool way. See? I don't really want to remember where. Whatever it was was really cool and I loved it--so consistent with what is so cool about this community. That's why I'm posting in a general way. I loved the links--it was so cool what someone showed me. It was creative and neat and in keeping with the spirit of Glitch. And that is why I am distraught. I don't want to think that some one that creative and really cool could also be either that malignant or that clueless. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • This is like what you have to go through if you are trying to fire someone in a corporation. You have to document everything. Why would I do that? I'm simply playing a game. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • And I didn't say I was going to stop playing. I said I'd stop clicking links in posts. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • A previous game I played, ended up making only a select number of sites as 'authorized'/'trusted' for posting or the mods would edit out the links.  I've often thought that the freedom folks have here in posting links from any random site was a bit too loose.  Hope you can remember which site in particular caused it (so that it will actually help the rest of us avoid it)...I know that many of the picture/video sites such as youtube, flickr, imgur, etc, are probably fine...but there have been more and more that aren't the standard posting sites, and I've been wondering how long it would take until we saw a thread like this.

    And yes, you can have malware loaded onto your computer from an untrusted site.
    Posted 10 months ago by ~Pink Flamingo~ Subscriber! | Permalink
  • Thank you Beach Bum. I really appreciate a little validation since I have a tendency to be sort of insecure. Welp, now that I am (sadly) more wary, I won't be clicking on any random links any more. I agree that the known sites are pretty much trustworthy. The issue seems to be centered on sites that I accessed thru those links you get that make them smaller   ( e.g., what Twitter uses so a link won't eat up all your character allotment), or sites I'd never heard of. As far as I can tell, so issues with Flickr, or YouTube. That's all I can say with certainty. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • What I meant to say was "NO issues with Flickr or YouTube." Damn you, bad typing skills. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Yes, those, shortened URLs creep me out as well, since they can take you just about anywhere (and they obfuscate the original site URL)...I've been clicking on them here at times, but will be more cautious in the future (and will count myself as blessed for not loading any malware yet).
    Posted 10 months ago by ~Pink Flamingo~ Subscriber! | Permalink
  • bit.ly and tinyurls can be used to launch attacks easily enough; since they dont look like anything but a link.  it took you 6 years of computing to learn not to click everything you see?

    if you dont know the person posting the link, then do not click. 

    I've been on (and off) line for 30 years; in all the time I have learned that it does not even take human interaction to screw up a computer - they are just fine by themselves in doing tiny bits of damage to information in RAM, on floppies, on hard disks, being transmitted over modems, LANs or through the air itself.  YMMV, offer only good with coupon, do not feed the tigers, shrinkage may occur, cold water wash tumble dry low, whens tea?

    send sandwiches.
    Posted 10 months ago by ☣ elf ☣ Subscriber! | Permalink
  • Oh, please. I've been using computers for over 30 years myself. I simply loath the holier-than-thou attitude of some folks who  love to blame the victim for the nasty things that happen. Of COURSE it's my fault. Of COURSE I feel stupid. I COURSE I should know better. The point is, this is a lovely place and the folks (for the most part) are really nice who play this game. The point is, I am issuing a warning not just to folks like me who stupidly (do you really need to rub it in that I was stupid? Really?) It's a warning to all the nice folks who are using random websites to host their pix who don't realize that nasty things lurk in the ads on those random websites. The point is, that lotsa folks are uploading links to really nifty pix that, based on my experience, probably shouldn't be clicked on. 
    Posted 10 months ago by Axa Subscriber! | Permalink
  • I hope they never set up 'walled garden' rules for forum posts here.

    I have my own chunk of space on a server and don't ever put 'shared' images anywhere else.  When I have to start using photobucket or what-not (which drags the viewer into adspace, nothankyouverymuch) I'll just not link anymore.
    Posted 10 months ago by Polo Reede Subscriber! | Permalink
  • Your computer still works right?
    Posted 10 months ago by AwesomeCardinal2000 Subscriber! | Permalink
  • it's compromised. I have a rootkit virus that will probably be with me until I get a new computer since removing them is so problematic. I use Malware Bits and Iolo System Mechanic. I'm coping.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • I have no-script added onto my browser to prevent java and page scripts from loading and launching software onto my computer. I don't know if you already have that - but I recommend adding it. As well as ad blocker, though I know many say not to use it since it hurts various sites by removing a source of their ad revenue. But I've been burned too often by the ads that launch viruses so I feel for you.  
    Posted 10 months ago by Wyrd One Subscriber! | Permalink
  • Thanks for the tip, Wyrd. I appreciate it.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Its that hard to remove a virus? 

    Really..
    Posted 10 months ago by ☣ elf ☣ Subscriber! | Permalink
  • The "audio congratulations you're a winner" isnt a virus---- Its an advertisement on certain websites--- paid advertising, it wont do any harm to you're computer unless you click on it (Though if you do click on it, the website it directs you to could be malicious.)
    Posted 10 months ago by blackwidow Subscriber! | Permalink
  • Yes, it's that hard to remove malware. And the "Congratulations, you won!" message keeps playing on my computer even when no browsers are open. When I pasted phrase that into my browser, actually I learned that it is a known virus. The world is a dangerous place and there are malicious folks out there. The Glitch community is a great place. I was lulled into a false sense of security. (It's Glitch. Everyone is nice. My defenses  were down. I clicked on random links, something I never do. Sigh.)
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Avast or MSE? 
    Posted 10 months ago by Rook Subscriber! | Permalink
  • its not too bad to remove malware you just need to know your process's on your computer and find the fake ones and delete the files.
    Posted 10 months ago by blackwidow Subscriber! | Permalink
  • I recommend avast.
    Posted 10 months ago by Innie✿, Obviously Subscriber! | Permalink
  • Really? I am the original stupid user. I have no clue how to do this stuff. I know just enough to be dangerous. SO glad it's easy for you. Now I'm getting notices that IE can't download some random file. I don't have IE open ( Would really, really love to figure out how to delete IE...)
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Go to Control panel > add remove programs >remove IE
    Posted 10 months ago by blackwidow Subscriber! | Permalink
  • okay, downloading avast now. Thanks.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Yeah. Tried that. Won't let me.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • Or if you're having too many problems, and dont have that much on your computer you really need reboot your computer to its original state--- Should be under a menu if you press F11 when your starting up you're computer---  Though--- If you have alot of stuff on there its understandable-- but another option for that is an external harddrive to save all your files that are very importat :)
    Posted 10 months ago by blackwidow Subscriber! | Permalink
  • And if that's not working to remove IE, in your search under start search IE, right click then click "Open file location" delete The entire file.
    Posted 10 months ago by blackwidow Subscriber! | Permalink
  • If you are a Windows user, Microsoft Security Essentials is highly recommended over any of the other programs. It's an official scanner from Microsoft and it won't consume a ton of your computer's resources, unlike some of these other programs which could really set off your computer's fans.

    If you do decide to use MSE, run a Full Scan (which may take a few hours, but it is well worth it).
    Posted 10 months ago by TomC Subscriber! | Permalink
  • I've worked in support before on multiple levels-- there are some things out there that are just so invasive and annoying to get rid of that it's easier and faster to offload all important files, verify their integrity, wipe the system and put everything back on.

    As far as shortened links go, this link might be helpful:
    http://security.thejoshmeister.com/2009/04/how-to-preview-shortened-urls-tinyurl.html

    (Oh, the irony.)
    Posted 10 months ago by Aoi Subscriber! | Permalink
  • @Aoi lol
    Posted 10 months ago by Janitch Subscriber! | Permalink
  • .
    Posted 10 months ago by natsumi Subscriber! | Permalink
  • You can't uninstall it, but in Win7 you can remove IE as a "feature". Control Panel > Programs (in Category view) > "Turn Windows Features on or off". You can actually turn off IE there, but I recommend against mucking about if you're not sure. 
    It also sounds like, as some others mentioned, you've had something ongoing -- it takes a while to get that deeply entrenched *throughout* your system, as opposed to just one mess to clear up. 
    I use Avast, and for a while didn't run any AV at all. Dial-up means it takes just as long for them to give you a virus as it does for you to get to your inbox, so it's comparably safe for the advanced user. :)
    Posted 10 months ago by Lady Cailia Subscriber! | Permalink
  • Axa

    If you would like to open a help case and give specific examples for me to look at and specific information, I would be glad to.I have not seen any evidence of that happening with links posted by players, so I'd be glad to see something you can pass on in a help case.
    Posted 10 months ago by kevbob Subscriber! | Permalink
  • Malware can be a pain, but buying a new computer just because you got some crap on there is a colossal waste of money.

    Find a friend in IT and buy him some beer to fix it for you.  If you don't have one of those friends, pay one of those "geek squad" places to do it, or worst case scenerio -  re-install your operating system (that you already own, don't let them sell you another one.) 

    Hell, if you let me remote into your machine I'm 95% sure I could take care of it from here :)

    If you want a list of my preferred tools for malware removal, let me know.
    Posted 10 months ago by Vicereine Linnæa Subscriber! | Permalink
  • was gonna mention Untiny which works for short urls, too.
    Posted 10 months ago by Rook Subscriber! | Permalink
  • Superantispyware, Malwarebytes, MSE, Avast (meh), should be OK.

    If you already have an antivirus thingy on your comp, then remove it, or if MSE can, let Microsoft Security Essentials do it.

    If you want Linneae to remotely help ya, you can use Join.me and give him mouse powers. 
    Posted 10 months ago by Rook Subscriber! | Permalink
  • Going to Best Buy/Geek Squad would be a huge mistake, they dont do anything but take your money.

    I found instructions on how to fix it in about 30 seconds of googling.  have someone fix your computer for you if you cant do it yourself - 3 decades of using comps. is plenty of time to learn what you are doing...isnt it?
    Posted 10 months ago by ☣ elf ☣ Subscriber! | Permalink
  • And hopefully it wasn't malicious on the part of a user. There have been some high profile cases of ad-companies or other companies getting hacked (*sql-injection.. learn to clean your streams* *grumble*) and otherwise legit sites ending up launching these click-jacking attacks. Not that common, but it has happened.

    All you out there, always keep on your security patches, and never run as root level user.

    On windows I am a fan of MSE. Really good product. And after IE6, I never thought I'd say that about something free from Microsoft.
    Posted 10 months ago by LokiPDX Subscriber! | Permalink
  • If you have the rootkit I suspect (I research malware for a living), I recommend you try the TDSS killer from Kaspersky.  Google both terms to find the page you need. 
    Posted 10 months ago by WalruZ Subscriber! | Permalink
  • You guys are wonderful. I appreciate all the suggestions. Avast seems to have found the root kit virus. I quarantined it Then I lost connection to the Internet. Sigh. I am going to bed. I will try again tomorrow. (posting this via my phone). I think it's time to call in professionals ( yeah even after this many years of using computers. How many years have you been driving your car? Do you do your own repairs? Yeah. Right. ) thanks again for the suggestions and support.
    Posted 10 months ago by Axa Subscriber! | Permalink
  • @Axa - Are you using Avast to run a boot-time scan?  That is what you want to do in the case of a suspected rootkit.  And once Avast reports having removed it, run the boot-time scan again. For some rootkits, you need to scan and remove multiple times.  So rinse and repeat until you get a clean scan.

    I also recommend then scanning with a second anti-virus program, such as Kaspersky, because no anti-virus program is perfect, and different ones can catch different things.

    If you find it too difficult or time-consuming to do this on your own, please do call in professionals. Deciding to just "live with" a rootkit virus is dangerous. They compromise your computer so that you can't trust anything to be what it seems.
    Posted 10 months ago by Splendora Subscriber! | Permalink
Previous 1 2