
Monday, November 10, 2014

Great quotations, better than Einstein And Way Better Than Bill Gates!

Marilyn Hatfield retweeted
Minimum intervention is the policy we adopt to avoid the work of repairing damage caused by unthinking intervention.

Saturday, November 8, 2014

Virus Laden Troll Links at ENENEWS, Trojan Nuke Troll

FINALLY!

The trolls at ENE have really helped again.   Read this nightmare, but don't worry, there is a happy ending.

A few weeks ago, a troll had placed a link supposedly to a research paper, on ENENEWS. Indeed, the paper was there, but apparently a pretty sophisticated payload consisting of virus "Smart Guard" and other viral forms also infected my main computer. I was only running AVG, which is a free virus scanner, at the time. This was a pretty nasty virus. It would change the security settings on my browser, so even to view a PDF you were forced to reconfigure your security settings, which were incidentally toggled to the "custom range" in which it would be easy for someone to open up way too much security in an effort to get the download or view the file they want. Once your security settings were "loosened" then the virus would use that opening to inject even more nasty stuff. Ya, they got me.

BEWARE OF TROLLS BEARING GIFTS and LINKS



The virus also prevented the installation of virus removal software like Malwarebytes, and prevented a drive imaging program from making a backup copy of the OS drive. I am sure it was preventing other things from running also, but those were some of my main tools to protect data and extract the nasties.

So this post is about informing people of some basic computer tools that really work, and are relatively low cost compared to spending days fixing a computer or limping along with decreased functionality, aka poorly named "workarounds".

Another surprising aspect of this latest infection is that it deleted all my restore points! These are the Restore Points built into Windows 7. It is amazing that Windows 7 would allow anything other than "full control" over your computer from an admin account to delete restore points.

1) Restore Points are used by Windows to revert to a previous time, when you weren't having problems. You lose no data either, just the system files are restored. This is a powerful and simple tool that anyone can use, and you should know about it. Well, it's powerful unless your nuke industry virus providers found a way to delete your restore points! LOL, ouch.

The virus also partly took over Outlook 2010 and created a folder within Outlook that said "Infected Items"  in which there was one email bolded within there.   That was surprising and of course I did not click it.    Hmmm, maybe Bill Gates ought to spend a little on hardening our basic communications systems rather than filling the world with vaccines.

The virus also created millions of files in my Operating System drive in a user "Temp" file which bloated the hard drive with hundreds of gigabytes of junk data, literally millions of files. This made the hard drive highly fragmented and HUGE. The massive size made it impossible to make a "Drive Image", which is a form of backup.

Finally, the virus seemed to want to do two things that I know of. It would try to send packets of information out (to Russia). I had installed ESET NOD32 Antivirus 6 (this program was unable to remove the viruses in their entirety, FYI) and ESET was able to prevent these outgoing packets, sometimes 2 or 3 in 5 seconds, thousands a day. I tagged the intended IP address and it appeared to be a location in Russia, although these types of things can be faked, especially by those capable of deploying and creating such a broad-based and capable virus.

And the last effect was created primarily from taking over a legitimate Windows process, the process that Windows uses to show thumbnail display of images in your computer. This process would replicate itself over and over again, with varying waves of taking up some or all of your computer processing power. This would bring the computer to a crawl. But sometimes the computer would work OK also. Also with this, the viruses would rev up and rev down the DVD drive (in Stuxnet fashion), just making an annoying background noise. Stuxnet is a high level virus purportedly developed within the military/intelligence/nuclear community (may I say Cartel) meant to rev up and rev down centrifuges for nuclear fuels to destroy them. Certainly running your drives fast up and down, and running processors at top speed is not going to be good for them.

OK sounds pretty horrible right?    Indeed, I have seen persistent malware / viruses before, but not as far reaching as this.     None that tried to use my computer as a zombie transmitter.

Neither ESET nor Malwarebytes nor AVG was able to extract this beast, although they did seem to be able to knock off a few of the Medusa heads, but then the heads would then grow back in a fashion.
-------------------------------------------------------------------------------------------------------------------

In a future post I am going to introduce people to some important tools that are easy enough for everyone to use.  

Acronis True Image - Can completely restore your computer, even if all of the Windows restore points have been destroyed.
  1. Malwarebytes -- a free and purchasable software program that is more capable than most
  2. TOR - a way to surf the internet with nearly complete anonymity (caveats apply)
  3. Backup my PC

OK, the outcome? It is always "annoying" to have to revert to an earlier "Drive Image" and find you have some unintended consequences, so you don't do so unless you have a real problem. If you have decent workarounds, you probably do those rather than "Ghost back" (an old school term for recreating your computer drive using a drive image, back in the day when Norton's 'Ghost' program was all the rage).

So faced with a "real problem" I Ghosted back my computer to June 2013 state, when it was pretty new. Voilà! Tons of problems that had built up over 1.5 years all went away, and the computer is clean and fast. Everything loads fast, windows opens fast, and it is a joy to use.

Thanks to the Nuclear Asshat Trolls who motivated me to take this simple step.      Now I have full functionality on using TOR, I also regained the ability to modify Nukepro blog from my main computer, which incidentally was lost exactly as I was exposing the coverups at WIPP.

So thank you Virus laden trolls of the nuke industry at ENENEWS.     Ya fixed it!   LOL

Be careful of trolls bearing gifts and links. At least make sure you have some real antivirus and anti-malware software running.
=====================================
Apparently I wasn't the only one to get hit

obewanspeaks
I lost 2 hard drives connected to the same computer within 24 hours of each other..what are the chances of that one?
Slim to none. :(
Evil walks tall these days..
===================================================
Another testimonial of the intentional damage caused by the nuke cartel

ISPC
Yes. stock. My machine was infected from pigman's links. You may have noticed he bragged about his criminal asshosiates in the basement of the ciansa building cooking it up for us. The malware/trojans/viruses were extremely extensive on my machine. They completely took out IE. Firefox worked longer; but that led to more misdirected links, and more trojans, malware, and virus info downloaded when pages were closed out. It/they destroyed the Startup File. It took out the Startup Repair. It took out the Restore Points. It shut down the Antiviral Software (Microsoft's was first to go). I do not believe all this damage was done by simply one link, and one virus, trojan, or malware. I think it was cumulative. It/they tracked usage prior to disabling, and forwarded this info. I think it is best to run Anti Malware like Spybot and Malwarebytes, and Antiviral Software Scans (I like AVG), before shutting down. I did not format the hdd, and reinstall the OS. I defeated all their malware, trojans, and viruses manually. Now, I think it is best to be prepared to re-format and re-install the OS; given all the time it took to remove their "above the law" criminal ELEtist distractions. We must be doing something right here on ENEnews. No Nukes. Peace
---------------------------------------------------------
From the Good Doctor

There is a law that is backed up by felony conviction potential, regarding site terms of service.
Violating that opens a troll up to felony fines and jail terms.
Details in this article;
SOPA Whistleblower; Aaron Swartz; Bringing Public Access To The Public Domain – Documentary Movie Synopsis And Commentary
http://agreenroad.blogspot.com/2014/11/whistleblower-aaron-schwarts-bringing.html

0000000000000000000000000000
HoTaters
My e-mail got hacked while the MBP was operating. So were two of my family's bank accounts. Coinkydink?



HoTaters
And that was my private e-mail, not the one I post here.

VanneV
My computer got more than 180 mal files when I linked to WesternKyMan's links at ATS. I'm having to scan every day now, although I think I got rid of the mess from WKM's links. I go into control panel and look at the date a program got added and delete anything new that I can't identify. Also I restored Firefox to original defaults and got rid of junk that way. Also I look for any toolbar programs to delete and any unwanted add-on.



VanneV
I scan with Malwarebytes and Malware, and Microsoft Security Essentials with full scans both.

Jebus
Heads up peeps. I just killed a hidden cmd.exe process earlier today, with no applications running. Did a full rootkit scan and an attempt was made to root my box. All the other boxes on my LAN are clean.
I'm fairly savvy at this, but I killed the hidden command window before I could look at it.
It is interesting that this is the route chosen…
I see it as an opportunity to log some offenses.
Those of you who are tech savvy know that this change of tactics is easily logged and easily analyzed.
It is a federal offense to maliciously tamper with a computer over the internet.
I'm off to scan some logs and enable some more tools…
===================================
Bungalow Phil
stock,
Yes, indeed. The primary system I use is virtually handicapped past few weeks. It takes sometimes 30 seconds for a dialog box to respond to a command or simple keystroke. If you say it is troll linx I wouldn't know, but suggesting a robust detection and prevention program would be helpful. By the way my system says it is functioning normally.
Thanks



Bungalow, if on Windows, you can do Ctrl+Alt+Del and then select Task Manager. This will show you what is running, and another tab shows you how much CPU is being used.
That's a start.
Download Malwarebytes (the free version works fine) and run it, might take an hour even.
What other antivirus AV are you running?
---------------------
Check your internet....is the virus sending out packets from your computer?     This is the most disturbing.
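
The check suggested in the reply above (what is running, and which process is sending packets out), as an added example that is not part of the original post. It parses the text output of `netstat -ano -p tcp` and `tasklist /fo csv /nh`; the sample output, the addresses and the process name `thumbs_example.exe` are constructed for illustration.

```python
import csv, io, ipaddress
from collections import Counter, defaultdict

# Constructed sample of `netstat -ano -p tcp` output (addresses are documentation ranges).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    192.168.1.20:49201     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49310     203.0.113.45:8080      SYN_SENT        3120
  TCP    192.168.1.20:49311     203.0.113.45:8080      SYN_SENT        3120
  TCP    192.168.1.20:49312     198.51.100.7:443       ESTABLISHED     2044
"""
# Constructed sample of `tasklist /fo csv /nh` output; thumbs_example.exe is a made-up name.
TASKLIST = '''\
"System","4","Services","0","1,024 K"
"firefox.exe","2044","Console","1","210,000 K"
"thumbs_example.exe","3120","Console","1","9,000 K"
"thumbs_example.exe","3124","Console","1","9,100 K"
"thumbs_example.exe","3128","Console","1","9,050 K"
'''
LOCAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def is_external(addr):
    """True for an IPv4 address outside the local/private ranges listed in LOCAL."""
    ip = ipaddress.ip_address(addr)
    return not ip.is_unspecified and not any(ip in net for net in LOCAL)

def outbound_by_pid(netstat_text):
    """Count non-listening TCP connections to external addresses, grouped by owning PID."""
    hits = defaultdict(Counter)
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] == "LISTENING":
            continue  # header, blank or listening socket
        if is_external(f[2].rsplit(":", 1)[0]):
            hits[int(f[4])][f[2]] += 1
    return hits

def triage(netstat_text, tasklist_csv, many=3):
    """Return connections to review per process, and image names running `many`+ copies."""
    rows = [r for r in csv.reader(io.StringIO(tasklist_csv)) if len(r) >= 2]
    names = {int(r[1]): r[0] for r in rows}
    outbound = {(pid, names.get(pid, "?")): dict(c)
                for pid, c in outbound_by_pid(netstat_text).items()}
    copies = Counter(names.values())
    return {"outbound": outbound,
            "replicated": {n: c for n, c in copies.items() if c >= many}}

if __name__ == "__main__":
    print(triage(NETSTAT, TASKLIST))  # a list to review, not a verdict: browsers appear too
```

On a live machine, save the two commands' output to text files and pass their contents to `triage`; repeated connection attempts from a process that has no reason to talk to the internet are the entries to look at first.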