Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Page 1 of 2 1 2 >
Topic Options
#349981 - 25/01/2012 22:09 General Crawler badness
tanstaafl.
carpal tunnel

Registered: 08/07/1999
Posts: 5546
Loc: Ajijic, Mexico
Somewhere, somehow, I got a Firefox plug-in called "General Crawler". It is not something I asked for or wanted, but I got stuck with it. It comes from this company.

They have done some sort of trickery so that it cannot be uninstalled. Actually, that is not quite accurate, it can be uninstalled, but if you dig deep enough to find the directory where it resides, you will see it magically re-appear any time you re-start Firefox.

Some research showed me how to truly get rid of it, involving digging pretty deep into the C:\[username]\appdata\... files and a few other places, plus some edits to the system registry. It is gone now, and I am grateful for that.

If you Google for "How to uninstall "General Crawler" Firefox plugin" you will see that this is a fairly new and widespread problem.

Is there anything I can do in the area of revenge against general-crawler.com/? These bastards have no right to stay in business.

tanstaafl.
_________________________
"There Ain't No Such Thing As A Free Lunch"

Top
#349984 - 26/01/2012 01:47 Re: General Crawler badness [Re: tanstaafl.]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
I've wondered the same thing. Flash (Steve Jobs was right) recently installed the "Anti-Virus 2012" virus on my 'puter. These guys have a web page and accept credit card payments, it should be easy to hunt them down and rough them up.

At least I wanna be paid for the day it took me to clean up my machine. And now I no longer have flash installed...

Top
#349993 - 26/01/2012 13:14 Re: General Crawler badness [Re: larry818]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: larry818
I've wondered the same thing. Flash (Steve Jobs was right) recently installed the "Anti-Virus 2012" virus on my 'puter. These guys have a web page and accept credit card payments, it should be easy to hunt them down and rough them up.

I'd be very curious to know how you could tell that Flash was the exact culprit of that virus. I've seen that very virus and plenty like it.

It's awful malware like this that makes me so pissed off at congress right now. How about instead of passing crap like SOPA/PIPA, we pretend for one second that they give a crap about people instead of just corporations, and pass something that might at least start to help protect people against malware. I understand that copyright protection is important, but real people are affected by malware every day. As much as I like getting paid hourly to clean viruses off of peoples' computers, I'd like them not to get suckered into giving thieves their credit card info. Ugh.
_________________________
Matt

Top
#349997 - 26/01/2012 15:07 Re: General Crawler badness [Re: Dignan]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Flash remains pretty high on the list of software that allows a machine to be compromised. Including an unpatched flaw in the latest 11 version, known about publicly since early December:

http://secunia.com/advisories/product/38260/?task=advisories

All it takes is browsing the web, and one flash embed somewhere. Not shady sites either. Typically people sneak the code into an ad banner that could be seen on a ton of sites including high profile ones. Even if the ad network scans their content carefully for known exploits, unreported ones may still be abused before announced. Could also be lurking in actual video players or legitimate content, but mostly it comes from ad banners.

For people that must still use Flash on the desktop, I generally recommend uninstalling all versions, then use Google Chrome. It at least adds some more protection around the plugin that other browsers aren't.

Top
#350002 - 26/01/2012 17:41 Re: General Crawler badness [Re: drakino]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Tom, I didn't say that I doubted Flash could let infections onto the computer. I was asking how he seemed so certain that Flash was the exact culprit of this instance. It's usually very difficult to figure out when a virus made its way in.

That said, I agree with your conclusion. I recommend Chrome to all my clients, and one of the reasons is that I'm more certain that they'll be running the most recent versions of their browser, Flash, and Acrobat (which I try to get them to uninstall as well).
_________________________
Matt

Top
#350005 - 26/01/2012 17:56 Re: General Crawler badness [Re: Dignan]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
I know, I was just throwing that info out there for the general thread. The quicker people realize Flash is evil and needs to be uninstalled, the quicker this Flash malware can also die.

Top
#350006 - 26/01/2012 18:53 Re: General Crawler badness [Re: drakino]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: drakino
I know, I was just throwing that info out there for the general thread. The quicker people realize Flash is evil and needs to be uninstalled, the quicker this Flash malware can also die.

But can't it also get in through javascript? I'd run something like noscript, but the idea seems like it makes the web a pain to use...
_________________________
Matt

Top
#350009 - 26/01/2012 19:58 Re: General Crawler badness [Re: Dignan]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
In general, Javascript is not a security risk from a malware (installing crap onto a system) standpoint. Some browsers in the past did have some Javascript holes that were exploited, but I haven't heard of much in this regard recently. The more common Javascript problems are caused by cross site scripting exploits, leading to potential information hijacking.

Top
#350010 - 26/01/2012 20:45 Re: General Crawler badness [Re: drakino]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
There were a couple of clues... AVG identified the virus as it installed (but didn't bother to stop it), so I know the web page.

There's nothing in the web site code that would have caused this besides a flash banner.

The "Anti-Virus 2012" virus uses flash as it's transport, which I read up on after I got it.

I also found out that none of the AV programs can stop this kind of attack, so away with flash.

Also, if I'm not gonna be protected, I should also not pay, so away with AVG and in with MSE, which is free, faster, less pestery, and rated higher than AVG in viruses it can catch.

Top
#350012 - 26/01/2012 21:42 Re: General Crawler badness [Re: larry818]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: larry818
I also found out that none of the AV programs can stop this kind of attack, so away with flash.

I've always wondered about this. I've been seeing these viruses for years now, and I refuse to believe that these viruses cannot be caught. I don't see why, if there are virus removal programs that can take them off, that there are none which can block them in the first place. MSE should certainly be looking out for this kind of stuff. It's by FAR the most prevalent virus I see (by a margin of about 50:1).

That's why I've been recommending MSE to all my clients. If none of the commercial antiviruses are going to catch the most common viruses I come across, I figure my client might as well use something that's not going to get in their way. MSE and Chrome go on most of my clients' computers.

Also, and this might be a little more controversial, but lately I've been putting AdBlock on my clients' Chrome installs. If Flash banner ads are going to get my customers infected, I'm sorry but I'm going to block them. Is this a bad train of thought on my part?
_________________________
Matt

Top
#350014 - 27/01/2012 00:17 Re: General Crawler badness [Re: Dignan]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
Not at all...

Top
#350018 - 27/01/2012 06:16 Re: General Crawler badness [Re: larry818]
BartDG
carpal tunnel

Registered: 20/05/2001
Posts: 2616
Loc: Bruges, Belgium
So MSE is better than eg. NOD32, yet it's free? What makes MSE better then? Does it use a different approach?
_________________________
Riocar 80gig S/N : 010101580 red
Riocar 80gig (010102106) - backup

Top
#350020 - 27/01/2012 12:52 Re: General Crawler badness [Re: BartDG]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: Archeon
So MSE is better than eg. NOD32, yet it's free? What makes MSE better then? Does it use a different approach?

I'm not sure it's better, myself, but it is free, so that's a good incentive for people who might not use any antivirus at all.

It also seems to stay out of the way more than any others I've seen, including Eset's
_________________________
Matt

Top
#350021 - 27/01/2012 13:00 Re: General Crawler badness [Re: BartDG]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
http://www.thundercloud.net/infoave/images/2011/av-1.png

I had to turn off AVG's "Resident shield" and one other component as it unacceptably slowed the 'puter down. Also, on my mom's 'puter, AVG totally ignored a virus she got, it turns out AVG didn't even know about it, and the virus had been around a couple of years already. This was about a year ago.

MSE has a setting to "monitor file and program activity" which I had to set to "incoming files only" for a similar reason.

I am considering giving Avast a try.

Top
#350022 - 27/01/2012 13:15 Re: General Crawler badness [Re: larry818]
BartDG
carpal tunnel

Registered: 20/05/2001
Posts: 2616
Loc: Bruges, Belgium
I've been using NOD32 much to my satisfaction for years now. For people who don't want to pay for anti-virus protection (like my dad eg.) I always recommend Avast. Even though AVG has always seemed to be the number one choice for free anti-virus, I've always wondered how it ever earned that reputation. In my experience it slows down the PC, doesn't find a lot of common viruses and now and then even turns nasty in a very bad way. I've never know Avast to fail. Maybe next time I'll try MSE.
_________________________
Riocar 80gig S/N : 010101580 red
Riocar 80gig (010102106) - backup

Top
#350023 - 27/01/2012 14:42 Re: General Crawler badness [Re: BartDG]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
I think it's 'cos AVG was best back when Norton flamed out. McAfee was never any good...

MSE is, from an annoyance and system performance point of view, the best I've ever tried.

It seems strange that I would like Microsoft anything...

Top
#350024 - 27/01/2012 16:57 Re: General Crawler badness [Re: larry818]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
For the life of me I can't understand why people continue to run Windows.

My wife's company still only supports Windows XP and will not under any circumstances update any of the corporate machines to anything newer. She's stuck with IE8 and can no longer use GMail or any Google apps like Calendar.

The reason they're stuck on XP is because they run the company's communications/planning through some Lotus crapware which is either not available for newer Windows versions or they're too cheap to pay for the updated license.

At the same time I'm pretty sure they've been paying for McAffee which is just about as bad as most viruses out there. It's amazing how much money is being poured down the drain supporting this old crap and simply trying to keep what are essentially email/word-processing/spreadsheet/power-point machines running.

She works for a conservation authority which is not-for-profit, but really, it's the same story from friends working at Pepsico, including the anti-virus issues.

I always recommend stubborn friends install Avast. Anything else is far more trouble than it's worth.
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#350025 - 27/01/2012 17:15 Re: General Crawler badness [Re: hybrid8]
tahir
pooh-bah

Registered: 27/02/2004
Posts: 1913
Loc: London
I've never had problems with AVG on various versions of Windows. Have just switched a PC to MSE based on this thread, looks very easy to set up for an MS product.

Top
#350026 - 27/01/2012 17:54 Re: General Crawler badness [Re: tahir]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
(Intel's) McAfee is just evil. I had to yank it off my corporate box because it would just cause a ton of installers to silently have issues. It was bad enough at one point that the local IT folks just gave out the password to stop the AV system for 15-30 minutes at a time.

Top
#350033 - 28/01/2012 06:51 Re: General Crawler badness [Re: hybrid8]
Roger
carpal tunnel

Registered: 18/01/2000
Posts: 5683
Loc: London, UK
Originally Posted By: hybrid8
For the life of me I can't understand why people continue to run Windows.


Because I like it. Leave that dead horse alone.
_________________________
-- roger

Top
#350034 - 28/01/2012 12:42 Re: General Crawler badness [Re: Roger]
frog51
pooh-bah

Registered: 09/08/2000
Posts: 2091
Loc: Edinburgh, Scotland
To respond to a few folks:

MSE is more effectively hooked into file accesses than NOD or Avast etc., so it should load the system much less than the others. It also updates efficiently. Corporate AV is still not improving as much as you'd hope - there are some builds which work, but generally they are a complete pig. Macafee are doing good work with their DLP solution, though, so maybe that's where all their good devs have gone...

I always recommend MSE and chrome for home users with AdBlock plus, AdAware and NoScript - this will help protect you.

Also make sure you aren't running java unless you need it (If you are a java dev you may need the full environment, but otherwise get it off)

Windows 7 is now a pretty secure OS (and even XP with SP3 isn't bad - it generally is not the problem when your PC is exploited. It's the browser, flash and java)
_________________________
Rory
MkIIa, blue lit buttons, memory upgrade, 1Tb in Subaru Forester STi
MkII, 240Gb in Mark Lord dock
MkII, 80Gb SSD in dock

Top
#350037 - 28/01/2012 20:20 Re: General Crawler badness [Re: frog51]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14491
Loc: Canada
What is "MSE" ?

Top
#350038 - 28/01/2012 20:43 Re: General Crawler badness [Re: mlord]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: mlord
What is "MSE"?

Microsoft Security Essentials

It's Microsoft's own free antivirus. It will be part of Windows 8 by default, I believe, which will probably bring up a new round of anti-competitive issues, but frankly this particular instance wouldn't bother me.

Also, it's not originally a Microsoft product. I believe it was purchased as a product called Giant.
_________________________
Matt

Top
#350058 - 31/01/2012 20:16 Re: General Crawler badness [Re: mlord]
frog51
pooh-bah

Registered: 09/08/2000
Posts: 2091
Loc: Edinburgh, Scotland
Originally Posted By: mlord
What is "MSE" ?


Don't worry - it's a windows thing :-)

Seriously though, it is actually very good, so if you run Windows at home you should use this.
_________________________
Rory
MkIIa, blue lit buttons, memory upgrade, 1Tb in Subaru Forester STi
MkII, 240Gb in Mark Lord dock
MkII, 80Gb SSD in dock

Top
#350061 - 31/01/2012 21:13 Re: General Crawler badness [Re: frog51]
tanstaafl.
carpal tunnel

Registered: 08/07/1999
Posts: 5546
Loc: Ajijic, Mexico
Originally Posted By: frog51
Seriously though, it is actually very good, so if you run Windows at home you should use this.
NOW you tell me. Last week I just renewed my AVG license for another two years.

In my defense, I have been quite happy with AVG. I find it to be very non-intrusive, it seems to always do "the right thing", and the few times I have asked for their tech support the service was superb.

Of course, consider that I went to AVG from McAffee, so AVG would look very good by comparison.

tanstaafl.
_________________________
"There Ain't No Such Thing As A Free Lunch"

Top
#350064 - 01/02/2012 00:41 Re: General Crawler badness [Re: frog51]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14491
Loc: Canada
Originally Posted By: frog51
Originally Posted By: mlord
What is "MSE" ?


Don't worry - it's a windows thing :-)

Seriously though, it is actually very good, so if you run Windows at home you should use this.

Is it easy to get rid of, once ensconced?

Top
#350065 - 01/02/2012 02:14 Re: General Crawler badness [Re: tanstaafl.]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: mlord
Originally Posted By: frog51
Originally Posted By: mlord
What is "MSE" ?


Don't worry - it's a windows thing :-)

Seriously though, it is actually very good, so if you run Windows at home you should use this.

Is it easy to get rid of, once ensconced?

Yes.

Originally Posted By: tanstaafl.
Originally Posted By: frog51
Seriously though, it is actually very good, so if you run Windows at home you should use this.
NOW you tell me. Last week I just renewed my AVG license for another two years.

Well, I think we need to bring it up before your renewal next year, then. I'm certain we've had this discussion before, and you said then that you were using AVG.

I used to use AVG myself, but was very sad to see them start heading down the same path that made McAfee and Norton such awful programs: bloat. AVG now prides themselves on that screenshot of all the wonderful services they provide you.

I'm not saying it's negatively impacting AVG yet, but I think it's only a matter of time.
_________________________
Matt

Top
#350068 - 01/02/2012 12:22 Re: General Crawler badness [Re: Dignan]
larry818
old hand

Registered: 01/10/2002
Posts: 1039
Loc: Fullerton, Calif.
Originally Posted By: Dignan
I'm not saying it's negatively impacting AVG yet, but I think it's only a matter of time.


You can say it, it's time.

Top
#350069 - 01/02/2012 14:06 Re: General Crawler badness [Re: Dignan]
tanstaafl.
carpal tunnel

Registered: 08/07/1999
Posts: 5546
Loc: Ajijic, Mexico
Originally Posted By: Dignan
I used to use AVG myself, but was very sad to see them start heading down the same path that made McAfee and Norton such awful programs: bloat.
Good point. At least we can all rest easy knowing that Microsoft would never indulge in such a thing.

tanstaafl.
_________________________
"There Ain't No Such Thing As A Free Lunch"

Top
#350075 - 01/02/2012 18:44 Re: General Crawler badness [Re: tanstaafl.]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Originally Posted By: tanstaafl.
Originally Posted By: Dignan
I used to use AVG myself, but was very sad to see them start heading down the same path that made McAfee and Norton such awful programs: bloat.
Good point. At least we can all rest easy knowing that Microsoft would never indulge in such a thing.

They could, but at that point I'll just move to the next guy smile
_________________________
Matt

Top
Page 1 of 2 1 2 >