Forum hacked + upgraded
#1
Posted 13 May 2006 - 02:33 PM
We're not totally sure how the trojan would infect a PC, but if you were using any browser and accepted a file transfer on Windows at the time of the attack, it is highly recommended that you run an anti-virus scan and install any Microsoft Windows updates.
The forums have now been upgraded to the latest version of Invision Board. We're sorry for the delay in getting the site back online, but we thought it best to run a complete system backup earlier than scheduled.
#2
Posted 13 May 2006 - 02:59 PM
#3
Posted 13 May 2006 - 03:17 PM
Thanks for this - I was indeed one of those to suffer, although Norton picked it up and deleted it.
I was sent an email saying I'd received a card from some Hotmail address. I had accepted it (it was my birthday recently!) but saw that the file extension had a strange ending and deleted it - but not before Norton clobbered it.
I can no longer see Today's Posts though - is this a side effect?
Best.
#4
Posted 13 May 2006 - 03:20 PM
Hi,
Thanks for this - I was indeed one of those to suffer, although Norton picked it up and deleted it.
I was sent an email saying I'd received a card from some Hotmail address. I had accepted it (it was my birthday recently!) but saw that the file extension had a strange ending and deleted it - but not before Norton clobbered it.
I can no longer see Today's Posts though - is this a side effect?
Best.
Yes - an email was sent out as well earlier.
I just sent an email informing members of this.
Norton sounds as though it did it's job well.
Today's Posts just needs to be added again - it was lost when we did the upgrade.
#5
Posted 13 May 2006 - 03:29 PM
I was silly enough to open up the file and have been infected with a Trojan and spyware.
I'm in the process if removing them, but Norton cannot removed the files, so will try another anti-virus.
Thank you Dave for letting us know.
There's some real losers out there.
Cheers,
Ian
#6
Posted 13 May 2006 - 03:31 PM
Norton contained any damage.
#9
Posted 13 May 2006 - 03:53 PM
Luckily I was working on Carol's machine when this happened. LOL
#10
Posted 13 May 2006 - 03:54 PM
#11
Posted 13 May 2006 - 04:04 PM
Strange morning.
#12
Posted 13 May 2006 - 04:36 PM
LOL. I just got a "bitch slap" for that. LOLSo long as it was, Carol's and not yours - that's fine
http://movies.apple....ses_480x376.mov
Okay. Norton couldn't remove the files, but AVG did. However, there's three files that have to be removed manually and in 'safe mode'.
If anyone is having a problem, please try the following. In fact even if your anti-virus has removed the virus, this would still be worthwhile doing.
You will also need to restore your homepage.
Open up your browser, and do the following.
Tools -> Internet Options ->. In the 'Homepage' section, please type in your regular homepage, and click on 'ok'.
1). Removal of 'secure32' browser hijack.
Start -> Search -> For Files and Folder. Click on 'all files and folders', and type in 'secure32'. Once the search had found this file please delete it.
2). Removal of 0mcamcap.exe. (please note it's a zero not an oh).
Start -> Search -> For Files and Folder. Click on 'all files and folders', and type in '0mcamcap.exe'. Once the search had found this file please delete it.
3). Removal of paytime.exe.
Start -> Search -> For Files and Folder. Click on 'all files and folders', and type in 'patyime.exe'. Once the search had found this file please delete it.
That should be all you need to do.
Cheers,
Ian
#13
Posted 13 May 2006 - 04:45 PM
I'm a little worried, as when I clicked on the link a message from Norton said there was a trojan and something about a file being unrepairable.
I immediatly switched the power to my computer off, which I know your not supposed to do, but I wanted to prevent any more damage being done.
I then restarted the computer and ran a full Norton anti virus scan. I bought norton literally a couple of days ago, but nothing was picked up from the scan
I've also done a scan at symantec online, but nothing was picked up there either
Edited by jl151080, 13 May 2006 - 04:46 PM.
#14
Posted 13 May 2006 - 04:47 PM
#15
Posted 13 May 2006 - 05:00 PM
#16
Posted 13 May 2006 - 05:50 PM
One of these days, one of these "super hackers" is going to be executed on live TV worldwide. It'll send a message.
Hopefully, I'll get to be one of the trigger men. Anyone care to join me? I'll pay for your ammo and the pints afterwards.
Again, well done Admiral.
#17
Posted 13 May 2006 - 06:11 PM
One of these days, one of these "super hackers" is going to be executed on live TV worldwide. It'll send a message.
*edges quietly away*
#18
Posted 13 May 2006 - 06:15 PM
As for virus protection. I used to use Norton (had major problems w/ it), and then AVG (wasn't catching everything).
But now I used AVAST, which I would highly recommend: http://www.avast.com --- they have a free home edition.
#19
Posted 13 May 2006 - 07:43 PM
Thanks for the notice though.
#20
Posted 13 May 2006 - 08:18 PM
Is the little gun icon coming back, or are we stuck with a generic blue V in our Firefox tabs?
#21
Posted 13 May 2006 - 09:14 PM
Thanks a lot for sending the email to me, letting me know.
Without the email, I would have never realized the virus was sent, and if I got it, I'd be in a pile of **** right now.
Thanks again.
Hopefully those sons of b****es rot in hell.
#22
Posted 13 May 2006 - 09:21 PM
#23
Posted 13 May 2006 - 09:23 PM
Glad to see everything is pretty much back to normal.
#24
Posted 13 May 2006 - 09:25 PM
#25
Posted 13 May 2006 - 09:50 PM
#26
Posted 13 May 2006 - 09:55 PM
I've also done a scan at symantec online, but nothing was picked up there either
By default, Symantec Antivirus does not look for so-called expanded threats. There is an option that can be selected when preparing to run a scan of the hard drive. Also, by default, Symantec Antivirus only flags such expanded threats; but, the default behavior can be changed to delete such threats.
On note of caution: if the threat is running as a service or has somehow managed to acquire sufficiently high permissions, then the threat may not be deleted. For this reason, it's best to run such a scan for expanded threats in safe mode.
If I may be of service to anyone having trouble sorting out my description, please let me know and I will do my best to unmuddle my description.
Cheers!
#27
Posted 13 May 2006 - 10:08 PM
#28
Posted 13 May 2006 - 10:14 PM
Aw, my computer was infected by a Trojan worm as soon as I looged on CBn. But it has been - let's hope it was ! - removed by the Norton anti-virus. I firstly thought there was something wrong with CBn.
Try running a scan with AVG just to be safe.
#29
Posted 13 May 2006 - 10:49 PM
#30
Posted 13 May 2006 - 11:16 PM
Just a question: I'm using Norton. Can I download AVG without problem ?