Virus(es). Sh**.

[Connemara]

Was just surfing Rotten Tomatoes on my desktop and something went terribly awry. Two DOS windows popped up and then my anti-spyware program showed 5 or 6 critical threats. Saw something about a trojan, something about W32 (thus I assume it's a .Blaster or something) before I got a BSOD. Restarted, wasn't able to fire up antivirus before another BSOD restarted me.

Not sure what to do, I've never had something this bad. Any advice?

 

[Connemara]

Looks like I'm OK now. But it's quiet...almost too quiet. P.S. It happened while I was browsing torrentz.com. **** that site.

 

[Spilotro]

Do you get popups that advertise antivirus software?

 

[BubblyMasquerade]

download the noscript plugin for firefox...

 

[BDC2823]

Originally Posted by Spilotro

Do you get popups that advertise antivirus software?

I got this on my computer and decided it was time to reformat the damn thing. It truly is a pain. Hopefully you get it all cleared up Conne.

 

[kwilkinson]

Your computer got fucked up while you were illegally downloading stuff. Karma much?

 

[Connemara]

Originally Posted by kwilkinson

Your computer got fucked up while you were illegally downloading stuff. Karma much?
Wasn't downloading anything. Thanks for the NoScript reminder, forgot about that. I've had it on my laptop for a year or so and just put it on to the desktop.

 

[kwilkinson]

Originally Posted by Connemara

Wasn't downloading anything.

You just read torrenting sites for fun?

 

[Spilotro]

Originally Posted by BDC2823

I got this on my computer and decided it was time to reformat the damn thing. It truly is a pain. Hopefully you get it all cleared up Conne.

There's a cleaner for this little cyberbastard, which I wonder if Conne may have:

http://malwarebytes.org/


Download their free anti-malware program, and run it. If your computer begins to freeze or freak out as you open or run the setup file, rename it (about anything works, just maintain the .exe designation). This virus (Virtumod, Virtumonde, Vundo) actually knows how to protect itself. If you have it, your Windows security software is probably already compromised, and giving false readings.

 

[Connemara]

Originally Posted by kwilkinson

You just read torrenting sites for fun?
How dumb are you? Browsing does not equal downloading. According to a virus scan, it was a trojan downloader that got me.

 

[Berticus]

Even if I used Windows, I'd have a much more secure setup. All information coming in would be cleaned before it reaches the computer I'm working on. I'd do this by adding a second computer with Linux between the connection and the computer I'm working on. That second computer would have the firewall and antivirus to filter everything. On a personal level, I'd have different accounts with different levels of security clearances, a password changer for all accounts, anti-rootkit, a good hosts file, and each account would be secured. If I did have an antivirus, it wouldn't be scanning incoming traffic. It would only be there to scan files already on the computer. I'd also have the hard drive encrypted, and the encryption key would either have to be typed out every time or stored on a usb drive (so it'd sort of act like a key to your computer). Oh, with the encryption thing, I would stenograph the volume and OS. Of course, Windows also wouldn't be my first choice... Either way, similar principles apply. ---Edit--- By the way, it's called a drive-by download. They're scripts, typically hidden in ads, which forces your browser to download certain files. You don't actually need to click on anything, it just happens when the page loads.

 

[kwilkinson]

Originally Posted by Connemara

How dumb are you? Browsing does not equal downloading.

According to a virus scan, it was a trojan downloader that got me.

So what were you doing? Just seeing what was out there? But not planning to download anything?

Dumb ****. I said it was karma that while you were looking for stuff to steal or have already stolen your computer got messed up. It's not that hard to understand.

 

[Connemara]

Originally Posted by Berticus

Even if I used Windows, I'd have a much more secure setup. All information coming in would be cleaned before it reaches the computer I'm working on. I'd do this by adding a second computer with Linux between the connection and the computer I'm working on. That second computer would have the firewall and antivirus to filter everything. On a personal level, I'd have different accounts with different levels of security clearances, a password changer for all accounts, anti-rootkit, a good hosts file, and each account would be secured. If I did have an antivirus, it wouldn't be scanning incoming traffic. It would only be there to scan files already on the computer. I'd also have the hard drive encrypted, and the encryption key would either have to be typed out every time or stored on a usb drive (so it'd sort of act like a key to your computer). Oh, with the encryption thing, I would stenograph the volume and OS. Of course, Windows also wouldn't be my first choice... Either way, similar principles apply.

 

[Berticus]

Hey, even the free information from SANS and all sorts of CERTs are good. Forgot to mention, with Linux, you also get some NSA software (SELinux). I don't think there's anything to that level for Windows users.

 

[unjung]

Originally Posted by Spilotro

There's a cleaner for this little cyberbastard, which I wonder if Conne may have:

http://malwarebytes.org/


Download their free anti-malware program, and run it. If your computer begins to freeze or freak out as you open or run the setup file, rename it (about abything works, just maintain the .exe designation). This virus (Virtumod, Virtumonde, Vundo) actually knows how to protect itself. If you have it, your Windows security software is probably already compromised, and giving false readings.

+1. There seems to be a new sort of malware out there that embeds itself as a rootkit, so deeply that apparently most corporate sysadmins just wipe infected boxes rather than try to remove the malware. However, the program linked above is pretty damn effective. There are a few other similar tools that have emerged recently for fighting a piece of malware called Antivirus 2009, and they're pretty good.