Visiting Porn Site KILLS my computer...

[Raydeo]

Well I went and did it this time : Clicking on a link to an unknown porn site provided a very unpleasant surprise:

I was immediately "mouse-trapped" (unable to close out of the page). Unable to do a ctrl-alt-del and kill tasks. Had to power down the system, and on the boot discovered a blank screen(not "blue screen") with a functioning mouse, and that's all. Ctrl-Alt-Del showed nothing running ! Tried the following :

1) Using Win98 boot disc, I ran Scanreg/Restore and set system back to a previous registry setup.

2) Ran AVG anti-virus from DOS and found no infections

3) Reloaded Win98 twice.

4) Ran "sys c:" from the boot disc

Fortunately, I had a backup "clone" of my drive and booted to it and went exploring the infected drive. Found the file "himem sys" in the Temp folder ??? Ran the AV again to no avail. Ran Spybot and found no malware. Deleted existing "himem sys" and copied over a known good copy.

After all that, I just bit-the-bullet and copied all my data over from my backup drive and formatted the infected drive. My curiosity just won't let go : Is there something else that I could have done to rescue my infected drive???

Have since discovered that disabling scripting in IE may have prevented this???

All opinions appreciated. I know, "Stop going to those Porn Sites"!!


Regards, Raydeo

It's a Jungle out there, and it's not far from the Jungle to the Zoo.

[Eraserhead]

It might have been possible to reboot into Safe Mode and look for any malicious programs in Startup using msconfig.

For future use, there's a good Spyware blocker that will add in to your Registry at

http://www.spywareguide.com/blockfile.php

which should stop nasty websites from automatically installing their malicious cr*p on your system.

[meese]

Rebooting is not good if you just got nailed with a virus. It will usually add it self to the start list or run key in the registry. Once you restart your done.

[elmers]

Ya and don't be copying files on your backup cause you might screw that one up too.

[vass0922]

FYI - Run away from IE period

If you're gonna be off the mainstream sites avoid IE like the plague.

Use Opera or maybe even Mozilla

if you absolutely MUST use IE KILL activeX controls too
Be warned though this will also kill flash and shockwave... but using IE is a huge gamble on those sites.

[crouse]

Quote:

Originally posted by vass0922
FYI - Run away from IE period

If you're gonna be on off the mainstream sites avoid IE like the plague.

Use Opera or maybe even Mozilla

if you absolutely MUST use IE KILL activeX controls too
Be warned though this will also kill flash and shockwave... but using IE is a huge gamble on those sites.

I agree 100% ............. only thing better would be to ditch M$ and use FreeBsd or Linux or some other OS that isn't going to be vulnerable .

oh yeah........... and stay off the porn sites

[Raydeo]

Here's the latest info on my infection. My gut tells me that this was the culprit. I neglected to mention that prior to being mousetrapped on a site, my AVG detected a trojan that I don't remember the name of. In my haste(haze?) I just denied access and surfed on (Not one of my more brilliant moves). I then went to a site that mousetrapped me and had to power down to get out of it. This activated the Trojan...
For the Registry Tweakers out there, note the changes it makes to the Registry. In particular, "DisableRegistryTools"... : Very Clever . Perhaps this explains why running Scanreg/restore did no good ??? Here's Symantec's take on it:

http://securityresponse.symantec.com...offensive.html

This damn thing put "NO" on everything in the box...Did everything but wipe the drive and wash the windows...At least they gave it the proper name..!

This thing makes viruses,spyware, and homepage hijacking quite tame by comparison. I had heard of sites that were setup to essentially "destroy" your computer by just going to them, but had never before had that misfortune. At least it didn't wipe the harddrive...

Thanx again for your input,

[Selphie]

God hates pornoboys.

Love god. Hate porno.

[meese]

Lets save the preaching for church.

[elmers]

Opera rocks!