tag:blogger.com,1999:blog-323117222166894889.post6200475418309362262..comments2023-10-31T10:06:36.202-04:00Comments on Diary of a Right Wing Pussycat: New Information on WOMANHONORTHYSELF.COM 2/23/2012Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comBlogger22125tag:blogger.com,1999:blog-323117222166894889.post-76120323757131181912012-02-29T19:35:10.086-05:002012-02-29T19:35:10.086-05:00Fishaddict, if it goes that far, it is probably ph...Fishaddict, if it goes that far, it is probably phishing for credit card data and/or bank data. You contact them and fill out a standard shopping cart thing and they head off and buy stuff. Certainly a reasonable thing for the suckas to do.<br><br>Well, the last time I got one of these things that I decided to deal with, it took quite a bit of effort.<br>Disconnect from the Inet, kill multiple running processes that continually start each other back up. Run the spybot type of stuff repeatedly. Took a couple hours. From then on, I decided I'd always have option A available ;-)<br><br>Anyway, there's a lot going on in that venue, big business. How about he Clean My PC people? If people have bad habits or poor/none security software, they'll pick up the stuff that just got cleaned and have to continually repeat the process. I don't know what they charge or if they steer customers towards keeping their PC's clean but it sure has to be profitable.<br><br>I often wonder how the anti-virus people were ready to go the nanosecond the first PC's were sold if you get my drift. It is an entire industry.<br><br>Always the money.<br><br>Thanks again for your information.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-58030936972708895402012-02-29T13:55:30.551-05:002012-02-29T13:55:30.551-05:00Kid, you are correct and it is real. I keep a mach...Kid, you are correct and it is real. I keep a machine in my dmz as a decoy and can say that this trojan is intrusive and debilitating but it is more akin to a phishing attack than anything. It deploys a popup saying it is scanning and found something. It can be whatever flavour of virus is popular at the time. It will say that you can contact the security group and buy a product to remove and prevent future occurances. This is false. It is, in my mind, a form of predatory advertising preying on people who really don't know any better. I get quite a few calls from folks wanting stuff like this removed and should they buy the product and sometimes they are so devious that I tear my hair out trying to figure out the issue.fishaddicthttp://www.blogger.com/profile/06282716749772533595noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-40676307008256032802012-02-28T18:16:37.439-05:002012-02-28T18:16:37.439-05:00Fishaddict, Thanks for the tip, but I don't h...Fishaddict, Thanks for the tip, but I don't have those registry entries nor the exe. I wiped them out by going to an image backup that was made prior to being infected.<br><br>I checked just now anyway.<br><br>Thank you very much for taking the time to comment that.<br><br>When it was on my system, it was very real. It even made Windows System Restore unusable.<br><br>I decided to go to image backup as that only took 30 minutes. It probably would have taken longer to run Win defender or whatever it took, and I didn't want to wonder if I missed some little chunk of it that would steal passwords, or whatever. The backup made it a 'never happened'.<br><br>Thanks again.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-14387915924535371942012-02-28T11:02:11.021-05:002012-02-28T11:02:11.021-05:00It is a fake. To remove open your machine via safe...It is a fake. To remove open your machine via safe mode with networking, right click the shortcut on your desktop and note where the .exe is. It is probably in the c:Users//AppData/Roaming. It will be called isecurity.exe. remove it and the shortcut. Then start->run->regedit click the following paths and remove the file at the end.<br><br>HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Internet Security"<br>HLEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ISECURITY.EXE"<br><br>That will remove the fake alerts and security scans. This is documented scareware so do not pay a cent to get it removed by anyone. Both Norton and McAfee will charge $120 to get rid of it and trying to install or run adaware some other anti virus, spyware, malware will be cut off.<br><br>I do not know how to get it off a website yet but can look into it. Again it is scareware so don't pay to get it removed unless you have a contract with one of the anti virus companies already then it should be quick and free(they usually sell removal services by the year). As a caveat it is not recomended that you monkey around in the registry but in this case I have removed this a couple times successfully just to test and it does work. You can look up Remove fake Internet Security tool in google for more information.fishaddicthttp://www.blogger.com/profile/06282716749772533595noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-83637768450190490822012-02-24T19:31:55.389-05:002012-02-24T19:31:55.389-05:00Woman, if you're subscribed to this thread... ...Woman, if you're subscribed to this thread... I just went to your site, and my security software again tells me JS/Iframe.BQ.trojan is detected and it terminates the connection.<br><br>Just fyi. This can happen to any of us. I'm suspecting it is some type of content that you downloaded and posted on your site. But that's all I've got sine I can't look at your site. Good luck with this.<br><br>Your hosting people should be able to find this thing if you give them the name and/or if they visit the site with a windows computer I would certainly think.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-13329182851791070182012-02-24T19:25:39.153-05:002012-02-24T19:25:39.153-05:00Carol-CS, Most welcome.Carol-CS, Most welcome.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-51054199925956691222012-02-24T19:25:10.897-05:002012-02-24T19:25:10.897-05:00RM, We can't have that !RM, We can't have that !Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-18408477748496028892012-02-24T15:58:21.255-05:002012-02-24T15:58:21.255-05:00Thank you for the warning-Carol-CSThank you for the warning-<br>Carol-CSchristian soldierhttp://www.blogger.com/profile/04781627688988991192noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-10375245938653129802012-02-24T07:32:57.844-05:002012-02-24T07:32:57.844-05:00Thanks for the warning, Kid. My hubby would be so ...Thanks for the warning, Kid. My hubby would be so pissed if I picked up a nasty computer disease while blogging.republicanmotherhttp://www.blogger.com/profile/07771957484079419477noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-1450361915203620762012-02-23T23:16:26.559-05:002012-02-23T23:16:26.559-05:00They Say, No. A trojan is a trojan.They Say, No. A trojan is a trojan.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-60895546761279807392012-02-23T22:24:53.376-05:002012-02-23T22:24:53.376-05:00Could it be a false positive?I don't want to g...Could it be a false positive?<br>I don't want to go there to see if mine will show anything as I am not a IT Tech.They Say/We Sayhttp://www.blogger.com/profile/02294584351677488365noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-81995179526410261362012-02-23T18:41:00.846-05:002012-02-23T18:41:00.846-05:00They Say/Christopher, It is indeed a problem. my ...They Say/Christopher, It is indeed a problem. <br><br>my security software Immediately Detected the threat - JS/Iframe.BQ.trojan<br><br>and terminated the connection.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-75805298841772053792012-02-23T18:33:10.267-05:002012-02-23T18:33:10.267-05:00Woman, IMPORTANT. I'm afraid the threat on yo...Woman, IMPORTANT. I'm afraid the threat on your site is Real.<br><br>I turned up my security settings and when I accessed your site, my security software Immediately Detected the threat - JS/Iframe.BQ.trojan<br><br>and terminated the connection.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-49463675801714991982012-02-23T16:28:24.889-05:002012-02-23T16:28:24.889-05:00This comment has been removed by the author.This comment has been removed by the author.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-977158414805569522012-02-23T09:12:27.577-05:002012-02-23T09:12:27.577-05:00Hey friend...no problem at this end..I even contac...Hey friend...no problem at this end..I even contacted my domain owner..I don't use the Blogspot site as u know anyway...but it didn't come from WHT~!..soory it happened but plz don't warn pple about my site because it is fine~!..have an awesome day buddy~!:)WomanHonorThyselfhttp://www.blogger.com/profile/17211851365273181636noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-30568804027616178662012-02-23T01:53:57.880-05:002012-02-23T01:53:57.880-05:00Kid,,,I will take your alert at face value being I...Kid,,,<br><br>I will take your alert at face value being I trust you but certainly hope it is incorrect in the end.<br><br>I am sorry to hear of your PC problem to be sure and thank you for the heads-up on this as well.<br><br>I emailed WHT/Angel for more info regarding this and await a response.Christopher - Conservative Perspectivehttp://www.blogger.com/profile/14102651466203156040noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-33626819322951635152012-02-23T00:35:56.054-05:002012-02-23T00:35:56.054-05:00I emailed Angel and said she was not aware.I told ...I emailed Angel and said she was not aware.<br>I told her to have Blogger check it out.They Say/We Sayhttp://www.blogger.com/profile/02294584351677488365noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-41461269591548839062012-02-23T00:26:21.702-05:002012-02-23T00:26:21.702-05:00This comment has been removed by the author.This comment has been removed by the author.They Say/We Sayhttp://www.blogger.com/profile/02294584351677488365noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-52278764283809033102012-02-22T23:02:25.499-05:002012-02-22T23:02:25.499-05:00@Opus. A smart thing to do. As Apple gets more ma...@Opus. A smart thing to do. As Apple gets more market share though, they will start to attract attention from the vermin. Chances are they'll deal with it better than MSFT though.<br><br>@Fuzzy, Well, since my image backup restore worked well (it seems to so far), it wasn't very painful at all. Took about a half hour to reload the PC and restore it. If one doesn't have that capability, this will be a nightmare for them.<br><br>@DeanO, Yep. I'd like to hurt these people. Punk retards. They seem outside the law, as usually they operate in Iran or some other lawless hellhole.<br><br>@All - Sarcastically said "Great Job Windows Firewall and Windows Defender!" Sarcasm off.Kidhttp://www.blogger.com/profile/05287399775879832602noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-13769337513119729882012-02-22T22:23:13.943-05:002012-02-22T22:23:13.943-05:00I hate Virus and Trojan Malware!!! Thanks for the ...I hate Virus and Trojan Malware!!! Thanks for the heads up!DeanOhttp://www.blogger.com/profile/06746462226550561252noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-4490099616369948812012-02-22T22:09:04.476-05:002012-02-22T22:09:04.476-05:00Thanks so much for the heads up, Kid! how awful fo...Thanks so much for the heads up, Kid! how awful for you, too :(Fuzzy Slippershttp://www.blogger.com/profile/13021615731454709413noreply@blogger.comtag:blogger.com,1999:blog-323117222166894889.post-52181498465427296482012-02-22T21:50:11.617-05:002012-02-22T21:50:11.617-05:00So sorry to hear that your computer was attacked. ...So sorry to hear that your computer was attacked. That happened to me a few years ago on a blog called "The Steady Drip". <br><br>After that I switched to a Mac.Opus #6http://www.blogger.com/profile/02063785617333740178noreply@blogger.com