Comments on: New York Times malware pop-up http://www.p2pnet.net/story/28439 p2pnet.net - reader powered Wed, 01 Feb 2012 15:11:09 -0300 http://wordpress.org/?v=2.8.4 hourly 1 By: Jeff http://www.p2pnet.net/story/28439/comment-page-1#comment-983736 Jeff Tue, 15 Sep 2009 19:42:05 +0000 http://www.p2pnet.net/?p=28439#comment-983736 If you're using Internet Explorer, there's one way to kill off these popups without triggering them to install whatever malware they include. That is to use CTRL+ALT+ DEL and shut down the browser with the Task Manager. But using IE in and of itself is a security risk. And the single most abused settings is the ability to launch programs or files in an iframe. No legitimate site should need to have this enabled, so it would be safer to disable it. Firefox with NoScript and a hosts file (MVPS, HP Guru or Bluetack's) will prevent such popups from occurring in the first place. I have that on my home PC, with the MVPS hosts file and SpywareBlaster, which sets a kill bit in IE. And in case something does get in, Malwarebytes. If you’re using Internet Explorer, there’s one way to kill off these popups without
triggering them to install whatever malware they include. That is to use CTRL+ALT+
DEL and shut down the browser with the Task Manager.

But using IE in and of itself is a security risk. And the single most abused settings is
the ability to launch programs or files in an iframe. No legitimate site should need to
have this enabled, so it would be safer to disable it.

Firefox with NoScript and a hosts file (MVPS, HP Guru or Bluetack’s) will prevent such
popups from occurring in the first place. I have that on my home PC, with the MVPS
hosts file and SpywareBlaster, which sets a kill bit in IE.

And in case something does get in, Malwarebytes.

]]> By: Devil's Advocate http://www.p2pnet.net/story/28439/comment-page-1#comment-983661 Devil's Advocate Mon, 14 Sep 2009 22:35:40 +0000 http://www.p2pnet.net/?p=28439#comment-983661 At this point in time, I can't see why people need to be told to use a proper firewall/security package! A good firewall will prompt you when an attempt to install/run a new program is being made, and allows you to abort the action before it begins. The best defense is still EDUCATION... Don't run something or allow an installation, if you don't know WTF it actually IS! At this point in time, I can’t see why people need to be told to use a proper firewall/security package!
A good firewall will prompt you when an attempt to install/run a new program is being made, and allows you to abort the action before it begins.

The best defense is still EDUCATION…
Don’t run something or allow an installation, if you don’t know WTF it actually IS!

]]> By: Dreddsnik http://www.p2pnet.net/story/28439/comment-page-1#comment-983645 Dreddsnik Mon, 14 Sep 2009 15:56:26 +0000 http://www.p2pnet.net/?p=28439#comment-983645 I was bombarded by machines infected in this way for much of august. The warning they were presented with was not the usual red or blue text box containing the warning, but a very real looking Microsoft warning. Just closing your browser is not enough. Any click of the mouse anywhere is treated as an 'ok' to install this fake AV/ASW tool. When you see such a warning your best bet is a 'hard shutdown' ( hold down the power button on your PC until the system powers off, followed by an immediate virus scan upon turning the system back on. Most of my clients know to watch for the old style red or blue box warning .. this fake Microsoft warning took a lot of folks by surprise, and kept me very busy for almost a solid month. I was bombarded by machines infected in this way for much of august.
The warning they were presented with was not the usual red or blue text box
containing the warning, but a very real looking Microsoft warning.

Just closing your browser is not enough. Any click of the mouse anywhere is treated as an
‘ok’ to install this fake AV/ASW tool.

When you see such a warning your best bet is a ‘hard shutdown’ ( hold down the power button on your PC
until the system powers off, followed by an immediate virus scan upon turning the system back on.

Most of my clients know to watch for the old style red or blue box warning .. this fake
Microsoft warning took a lot of folks by surprise, and kept me very busy for almost a solid month.

]]>