LISTSERV - BLIND-HAMS Archives - LISTSERV.ICORS.ORG

BLIND-HAMS Archives

For blind ham radio operators

BLIND-HAMS@LISTSERV.ICORS.ORG

	LISTSERV Archives
	BLIND-HAMS Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Warning Trojan Horse From DVS Download
From:	Harvey Heagy <[log in to unmask]>
Reply To:	For blind ham radio operators <[log in to unmask]>
Date:	Thu, 19 Mar 2015 17:49:46 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (82 lines)

Thanks Phil for this warning information.  The last time I tried to access
the movie vault on Blind Mice Megamall it wanted either a $25.00 or a $10.00
contribution in order to access the vault.  When I declined, it wouldn't let
me access the vault at all.  Even though you say this is different than
Blind Mice Megamall, I'd let them know what happened to you.
Harvey

-----Original Message-----
From: For blind ham radio operators [mailto:[log in to unmask]]
On Behalf Of Phil Scovell
Sent: Thursday, March 19, 2015 3:00 PM
To: [log in to unmask]
Subject: Warning Trojan Horse From DVS Download

Recently I took a break from reading NLS books to listening to DVS movies 
downloaded for free from Blind Mice.  I started with all the Star Trek 
movies, some of which I hadn't even watched, and the ones I had seen, I 
downloaded anyway because it had been years since I had read the books or 
seen the movies.  When I downloaded Star Trek The Wrath of Khan, I noticed 
as I cursored down through the filenames in a folder on my hard drive, it 
was an executable .EXE file.  I just figured it was larger so it was 
archived perhaps or there was another file inside the archive.  I opened the

file and got an advertisement which asked me to download a uni deals program

for quick shopping plus a program called something like Search Protect.  I 
got 4 or 5 screen saying, are you sure you don't want to download our 
program, press enter to continue, or enter to agree, enter to accept, and 
enter to continue.  I discovered, it made no difference I was saying no all 
this time because one screen had no choice but yes.  I tried bypassing it by

going back a screen, but when I said no again, it downloaded the program 
Search Protect anyway.  Then it allowed me to download the movie Wrath of 
Khan.  As soon as I tried opening the MP3 movie file, a Trojan horse warning

popped up in AVG and said 6 files had just been infected.  Do you want AVG 
to quarantine the threat, delete the virus, or do you want AVG to handle it 
in its own way.  I told it to remove the infection, not the files of course,

and it did so; deleting them from the files.  I ran AVG full scan after this

happened because I have a pair of 500 gig drives, the second for backup. 
Nothing was found.  I ran Mal Bytes freeware and it found nothing else.  Of 
course, I have AVG set up for full drive scan in the middle of the night but

it never hurts to do it when something like this happens.  I've scanned for 
the .EXE file hidden elsewhere but couldn't find it after deleting the 
original star trek the Wrath of Khan,EXE file from my hard drive.  Next time

I'm on blind mice mega mall, I'll look to see how that file is posted to see

if it is listed as an MP3, as all the rest are, or if it's filename is .EXE 
instead.  Well, let me check that right now.  Very interesting.  I went 
through everything but canceled the download at the last prompt.  Keep in 
mind, this isn't blind mice mega mall because when you pick your movie to 
download from blind mice, it connects to sendspace.com so you are no longer 
on blind mice but sendspace to conduct the download.  The download is listed

on sendspace as an .MP3 file and when you select download, it still shows as

an .MP3 before you select save.  Even after selecting save, as you well 
know, windows  prompts you again for a file folder to tell windows where you

want to save the file on your hard drive.  So, either something already on 
my hard drive was already there and waiting to be launched or something gets

changed, or did get changed at least that one time, to an .EXE file on my 
harddrive.  I know this isn't ham radio related but it could have been so I 
figured I'd share the information just to be safe.  This is not a third or 
fourth removed virus scare either; this just happened yesterday and last 
night.  I added an additional freeware AVG firewall to the one that was 
already with AVG just to be safer yet.  Boy, I haven't gotten a virus for 
years so it certainly was unexpected.  I also did a full search on this 
program for shopping they were calling UniDeals but that, and Search 
Protect, were gone so AVG definitely found them and deleted them.  With an 
open system such as the mega file services for uploading and downloading 
huge files, no telling who might upload something infectious and even doing 
it unknowingly.

Phil.
K0NX

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG