LISTSERV - BLIND-HAMS Archives - LISTSERV.ICORS.ORG

BLIND-HAMS Archives

For blind ham radio operators

BLIND-HAMS@LISTSERV.ICORS.ORG

	LISTSERV Archives
	BLIND-HAMS Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Warning Trojan Horse From DVS Download
From:	Jordan Gallacher <[log in to unmask]>
Reply To:	For blind ham radio operators <[log in to unmask]>
Date:	Thu, 19 Mar 2015 19:53:53 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (95 lines)

Sendspace is a bit strange.  There generally are two or three download
links, and if the correct one is found, things are great, but if the wrong
one is clicked, you can be in for a nasty surprise.  I have not had too many
issues with the Movie Vault the last few times I have used it fortunately.
Jordan

-----Original Message-----
From: For blind ham radio operators [mailto:[log in to unmask]]
On Behalf Of Harvey Heagy
Sent: Thursday, March 19, 2015 5:50 PM
To: [log in to unmask]
Subject: Re: Warning Trojan Horse From DVS Download

Thanks Phil for this warning information.  The last time I tried to access
the movie vault on Blind Mice Megamall it wanted either a $25.00 or a $10.00
contribution in order to access the vault.  When I declined, it wouldn't let
me access the vault at all.  Even though you say this is different than
Blind Mice Megamall, I'd let them know what happened to you.
Harvey

-----Original Message-----
From: For blind ham radio operators [mailto:[log in to unmask]]
On Behalf Of Phil Scovell
Sent: Thursday, March 19, 2015 3:00 PM
To: [log in to unmask]
Subject: Warning Trojan Horse From DVS Download

Recently I took a break from reading NLS books to listening to DVS movies
downloaded for free from Blind Mice.  I started with all the Star Trek
movies, some of which I hadn't even watched, and the ones I had seen, I
downloaded anyway because it had been years since I had read the books or
seen the movies.  When I downloaded Star Trek The Wrath of Khan, I noticed
as I cursored down through the filenames in a folder on my hard drive, it
was an executable .EXE file.  I just figured it was larger so it was
archived perhaps or there was another file inside the archive.  I opened the

file and got an advertisement which asked me to download a uni deals program

for quick shopping plus a program called something like Search Protect.  I
got 4 or 5 screen saying, are you sure you don't want to download our
program, press enter to continue, or enter to agree, enter to accept, and
enter to continue.  I discovered, it made no difference I was saying no all
this time because one screen had no choice but yes.  I tried bypassing it by

going back a screen, but when I said no again, it downloaded the program
Search Protect anyway.  Then it allowed me to download the movie Wrath of
Khan.  As soon as I tried opening the MP3 movie file, a Trojan horse warning

popped up in AVG and said 6 files had just been infected.  Do you want AVG
to quarantine the threat, delete the virus, or do you want AVG to handle it
in its own way.  I told it to remove the infection, not the files of course,

and it did so; deleting them from the files.  I ran AVG full scan after this

happened because I have a pair of 500 gig drives, the second for backup. 
Nothing was found.  I ran Mal Bytes freeware and it found nothing else.  Of
course, I have AVG set up for full drive scan in the middle of the night but

it never hurts to do it when something like this happens.  I've scanned for
the .EXE file hidden elsewhere but couldn't find it after deleting the
original star trek the Wrath of Khan,EXE file from my hard drive.  Next time

I'm on blind mice mega mall, I'll look to see how that file is posted to see

if it is listed as an MP3, as all the rest are, or if it's filename is .EXE
instead.  Well, let me check that right now.  Very interesting.  I went
through everything but canceled the download at the last prompt.  Keep in
mind, this isn't blind mice mega mall because when you pick your movie to
download from blind mice, it connects to sendspace.com so you are no longer
on blind mice but sendspace to conduct the download.  The download is listed

on sendspace as an .MP3 file and when you select download, it still shows as

an .MP3 before you select save.  Even after selecting save, as you well
know, windows  prompts you again for a file folder to tell windows where you

want to save the file on your hard drive.  So, either something already on
my hard drive was already there and waiting to be launched or something gets

changed, or did get changed at least that one time, to an .EXE file on my
harddrive.  I know this isn't ham radio related but it could have been so I
figured I'd share the information just to be safe.  This is not a third or
fourth removed virus scare either; this just happened yesterday and last
night.  I added an additional freeware AVG firewall to the one that was
already with AVG just to be safer yet.  Boy, I haven't gotten a virus for
years so it certainly was unexpected.  I also did a full search on this
program for shopping they were calling UniDeals but that, and Search
Protect, were gone so AVG definitely found them and deleted them.  With an
open system such as the mega file services for uploading and downloading
huge files, no telling who might upload something infectious and even doing
it unknowingly.

Phil.
K0NX

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG