[LCC] Possible virus on contesting.com and eHam websites
Dan Edward Dba East edwards
dan.n.edwards at sbcglobal.net
Mon Oct 3 10:22:34 EDT 2011
some 'flexers' call it 'internet exploder'....ha ha ha....chrome rocks...
--- On Sun, 10/2/11, Charles Morrison <cmorrison at lusfiber.net> wrote:
From: Charles Morrison <cmorrison at lusfiber.net>
Subject: Re: [LCC] Possible virus on contesting.com and eHam websites
To: LCC at louisianacontestclub.org
Date: Sunday, October 2, 2011, 9:15 PM
Dude,
First thing after cleaning a virus from a clients computer that I always
recommend is to stop using Internet Explorer. My choice is Chrome, but of
course there is always Firefox.
If Active X isn't supported (Chrome) then the automatic infections cant
occur. Only time I revert to IE is for Exchange Web Access or pages that
specifically require it.
Besides, Chrome is faster than both IE and Firefox.
Charlie
Ki5xp
-----Original Message-----
From: lcc-bounces at louisianacontestclub.org
[mailto:lcc-bounces at louisianacontestclub.org] On Behalf Of Don Hill AA5AU
Sent: Saturday, October 01, 2011 10:50 PM
To: Don Hill AA5AU
Subject: [LCC] Possible virus on contesting.com and eHam websites
Last Friday I got a nasty trojan on my work laptop viewing ham-related
websites. I didn't know which one because I had left the
room for something and when I returned my PC was going haywire with all
these false alerts saying my hard drive had died. Today I
got a mysterious dialog box when I went to contesting.com. Others have told
me they got the same thing when going to eHam.
It's called the Data Restore virus. A description of the virus plus a good
set of instructions for getting rid of it are located
here:
http://www.myantispyware.com/2011/09/29/how-to-remove-data-restore-virus/
>From what I understand, it could be related to running Internet Explorer 8
under Windows XP although other platforms may be
susceptible too. When visiting these sites, a dialog box comes up asking if
you want to run a program. Do NOT click the Allow
button or the X box to close it or the "What's the risk" link. Instead,
CLOSE IT ONLY USING THE CANCEL BUTTON.
A did a screenshot of the dialog box and put it on my website. To see what
it looks like, go here:
http://rttycontesting.com/contestingcom.jpg
I'm running MS Security Essentials and it did not immediately catch it. I
have heard that other virus programs did not catch it
either.
Sorry for the bandwidth, but I just hope to save others from the pain of
having to deal with getting rid of this crap on their
computer after visiting legitimate ham-related websites.
73, Don AA5AU
http://www.aa5au.com
http://www.rttycontesting.com
_______________________________________________
LCC mailing list
LCC at louisianacontestclub.org
http://mail.louisianacontestclub.org/mailman/listinfo/lcc_louisianacontestcl
ub.org
_______________________________________________
LCC mailing list
LCC at louisianacontestclub.org
http://mail.louisianacontestclub.org/mailman/listinfo/lcc_louisianacontestclub.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.louisianacontestclub.org/pipermail/lcc_louisianacontestclub.org/attachments/20111003/fdffd2f2/attachment-0001.html>
More information about the LCC
mailing list