Monday, June 20, 2011

Marketing Monday: the OTHER kind of viral :)

It's only taken me 3 days and about 50 or 60 cycles of rebooting, scanning, rebooting, scanning. Ultimately, I had to go in through the Windows 7 "DOS Shell" (it's no longer DOS underlying Microsoft's Windoze and it's not an actual shell interface, but let's call it that for simplicity's sake, shall we? :-) I manually deleted the faux Flash installer EXE files and voila, scanned without finding newly-bred malware.

This thing was truly malicious in how it rebred itself upon reboots after deleting all of the suspect files the previous time. Left unchecked, the EXE files reproduce tenfold each time you reboot, so you can just imagine--or can, at least, if you do the math.

I'm fairly sure that the OBJECT tag code generated from an Amazon widget was the Trojan's origin, having piggybacked onto the call to the Shockwave Flash (SWF) file, but the bugger attached itself to my system by impersonating an Adobe Flash updater. That's why I had to go in through the "shell" and delete all of the alleged Flash updater EXEs to finally kill it. In addition, I had to delete the Adobe DLM Extension from my otherwise current Firefox browser, and I updated the Acrobat Reader that I had to make sure it didn't reinfiltrate through that Adobe product the next time I opened a PDF file. This is apparently another way this "karangany" Trojan penetrates normally-defended computers.

To protect yourself, please be sure your web browser and all of its extensions, plug-ins and related programs having anything to do with Adobe are up to date and/or deleted and then reinstalled. Don't trust your own search of your hard disk; use a solid antivirus program like the Webroot subscription service or the Kaspersky program. Both Webroot and Kaspersky conduct sales not only in the USA but also in Europe (and possibly the Middle East).

In any case, it's now 1630 hrs on Monday and I've gotten no Monday Marketing post done. My apologies. Might still get something together tonight, but I'll have better luck incorporating it into a fabulous Tuesday Tip!
