http://forums.spywareinfo.com/index.php?showtopic=6056
Um... ok...
I really don't believe that it's true. But, if it is, I say that we install .50 cal machine guns at all PC service stores.
Not for nothin but this is a piss poor post. Call me moody or cranky but why not add some useful information rather than a link to a message board.
I just read the whole thread hoping against hope.... (5 pages I might add), that someone would do something right..... No-one seems to want to even though a few amongst them want them to post specifics... ok... there was one... a linux kernel start dump that was immediately refuted as normal.....
Methinks it's a lot like the "TCP flaw that will bring down every router on the internet and bypass them and get every machine on the internet", (or theories to that effect), that went around a few months ago..... It withered on the vine as this one will since there is even less critical thought being put into this.....
As one person mentioned..... Where are the vendors and heavy hitters on this? People in the thread claim to have been "battling" it for over a year..... Yet no-one else has seen it.... :rolleyes:
Hmm,
239.255.255.250 port 1900 is the simple service discovery protocol (SSDP), using multicast to locate a gateway. It is "normal".
This will fire off when you are not connected to the internet, and even ZoneAlarm free edition will detect and report on this activity.
As far as I know this happens in WinME and WinXP?
Maybe a free firewall would be more effective than a .50cal, and turn off UPnP, whilst you are at it?
;)
Johhno... Just back from the pub? How was the wine? ;)
Yeah, I don't know if you read the whole thing but it comes across as a serious comedy of errors.
There seems to be no "method" to the investigative "madness" just a frenzy of "let's change this and that and see what happens". There's one chap, (pilloxx or something), that seems to have a clue as to how things work and how to proceed and the rest seem to be lost sheep that are determined to avoid his questions and method.
As an "issue" this fits perfectly in the "fire and _forget_" category at this point.....
It is the worst one on the net because it hit HIM..
This Malware is not the first and is not the Last to use various vectors to keep the user's machine F****d.
It has obviously written itself to the BIOS (not just the cmos mem) - needs to clear the CMOS then Flash the BIOS
Next a Low level Format of the HDD, then partition and format.
And finally stay the F**k away from Warez Sites
I have only had to go to this level once in the last year ..
Did a search on the Trojan his AV claimed to have detected.. only found a couple of forums mentioning it but no real info from the AV co's
but that didn't surprise me..
Cheers
Undies.... Funny.... I started a response, went back to look at something... saw there was 5 pages and stopped my initial response until I read the whole diatribe.....
My initial response started:-
"Firstly, if Undertaker had written this I might wish to take it seriously...."
Having read the whole 5 pages I'm not convinced that there is a high level threat in the wild that is "unstoppable". There may be something out there that, with a certain combination of circumstances, requires such drastic measures as you had to take but I don't believe for a second there is a serious threat from an active source that has only been noticed by three or four people, randomly, across the whole internet.....
I'll follow your lead where this stuff is concerned.....
Hi Tiger~..................I think that damn trojan got into my house and drank all my wine and beer :drink:
Quote:
Johhno... Just back from the pub? How was the wine?
Undies could be right about it having infected/flashed the BIOS, but the question remains: why so few reports (anecdotal at that?).
It sounds like a combination of circumstances coupled with a good dose of mass hysteria, urban legend, and ignorance to me.
I picked on 239.255.255.250 port 1900 because that has been around for a long time AFAIK it is a Windows thing, and will not take you anywhere?
just my thoughts...........I agree about the thread though, this is how urban legends start is it not?
Cheers
[off-topic] Nihil: HOLY ****! Where you been man? Damn, I haven't seen your misunderstandable language in so damn long. You gotta come back to AO more often and lay the drink down, no? :D [/off-topic]
Oh, and btw to the original poster of this thread: I agree with horseman. Why post a link to a thread at another forum and give no feedback..?