Nasty Virus/Spyware

[CNA]

I was just recently hit with a very nasty trojan spyware and it just took me about 5 hours to clean my system up. There is also a very recent virus and spyware that my dad was hit with about a week ago and he's still trying to get rid of it, extremely malicious. When it comes to computers, my father is way out there intelligent, puts systems together, writes programs, etc., etc., and has one hell of a system. His computer room is pretty much just that ALL COMPUTER equipment. He's extremely computer literate and even he is having a hard time getting rid of this most recent bug that's out there. I know there are a few here that are also familiar with computers and programs such as Bazooka, Adware, Counter Spy, and the like. Unfortunately these programs are not picking up this most recent bug which will wreac some serious havoc on your system such as what my father is going through now. But there is a recent program that is free as a trial download that will pick up these malicious programs that Counter Spy, Bazooka, etc., will not pick up. Even after running on my system the newest version of Counter Spy, Bazooka, and Adware which did clean my system up but not all the way, this new anti spyware picked up over a 100 variances that these other programs missed. Quite phenomenal. Here's the link if anyone is interested in running a free diagnostic with this newest anti spyware which will detect worms, malware, trojans, etc., etc.

http://www.superantispyware.com/?tag=GOOGLE-SUPERANTISPYWARE

[Michael Stuart Kelly]

The very best anti-spyware program I have found is Prevx. It is paid, but you can get a free check. (I just did one and my computer is clean.) This saved my computer once when all else failed (and I did not even buy it).

Otherwise, I go the normal AVG, CrapCleaner and Spybot route while using Firefox. I keep everything updated (including Windows updates). That does the job pretty well.

For those who use Windows, I have read that using a limited account for most of your computer use (like a Guest User option) and only logging in as Admin when you need to do administrative work on Windows or other operating problems eliminates a great deal of spyware headaches—the vast majority of the little buggers simply do not install. They are automatic and normally do not include some kind of script or instructions to infect a computer when the Admin is not logged on, so they simply move on to greener pastures.

Michael

[Fran]

For myself, I'm sick and tired of having to keep running anti-spyware, anti-virus, anti-malware checks on my PC laptop. I've also had enough of concerns of this type. I don't want to have to worry about this kind of thing - losing hours or days of productive work (I work freelance as a writer), while trying to clean my system up.

I have started to ask myself why I am bothering, when I can save myself this relentless hassle and just get a Mac. Which is why my next laptop will be a MacBook Pro.

[Kat]

"Warning - visiting this web site may harm your computer!"

Google and other search engines are tagging search engine results that are known carriers of malware (malicious software). The worst carriers of these are usually programs that are supposedly designed to protect you from these. So before going to any anti-spyware, anti-virus, registry cleaner, pop-up stopper or other program.... google it to see if there is a warning that says, "warning - visiting this web site may harm your computer!" in the search results. This is no substitute for scanning, just a little bit of due diligence in everyday computing that doesn't require installation.

Oh how I miss my Mac....

Kat

Vundo (winfix virus) survivor

[CNA]

Thanks you guys for the replies as well as the link to another program. I have to laugh but this current virus was my fault. I'm pretty anal about keeping my system clean and haven't had a problem in quite a while. I have several programs from firewalls, norton, counterspy, etc, that run all the time in the background. here recently given the nature of my jobs and the confidentiality of it on some of my cases, I'm pretty anal about keeping the BS out and have been successful. But like a doofus I downloaded a program from a site that I've dealt with over the past several years and never had a problem with but downloaded something without running a scan on it first. and D'OH, a few days later started having problems until it completely took out many programs lastnight, including my work stuff. So NOT GOOD.

My dad told me which virus it was that he had but don't remember the name of it now. It's one of those D38-654.98 or whatever it was. Out of all the programs he ran including the counter spy, bazooka, including the one that Mike recommended these programs didn't pick it up BUT the superantispyware program did. He was able to quarantine it but it's heavily infected his system. The program then started to remove the virus and as it was being removed it was launching hidden files reinfecting his computer at the same time it was being removed. It's no doubt very very nasty. He's talked with quite a few people about this virus and with it being so new, there's no patches for it yet and unfortunately many of these people are having to reformat the hard drives. Serious pain in the butt. He has a go back program that he hasn't tried yet. But one good thing is as much as he uses his computer he backs it up frequently, if he ends up having to reformat it when nothing else works.

Again thank you for the replies and hope it helps someone.

Angie

[John Dailey]

~ FWIW, I understand that MAC has mucho lesser probs re virusi for one simple reason: it's not as much used as WINDOWS by most home-owners/small-buisnesses. WINDOWS is the big kid on that block...ergo, it's the most popular target by hackers/hacker-wannabes and out-and-out malicious virus-makers.

~ Should MAC outpopularize WINDOWS, watch the virus-makers shift their focus; indeed, some already have.

LLAP

J:D

Edited January 5, 2008 by John Dailey

[tjohnson]

There are many good linux distributions nowadays that are very user-friendly and no virus worries. I used Linspire (not free) for 3 years and now I use Debian (free but not as easy)

[John Dailey]

~ Many computer home-(and, I would venture, small buisness)-users, nowadays, are aware of LINUX (and its derivatives) and its apparent worth. May I argue that not many such (apart from bachelors) have the time to spend on a-n-y new learning-curve in computer-use...especially handling the something's-not-working-here situations.

~ May I also suggest that my prev arg re MAC outdoing WINDOWS 'popularly' (resulting getting into most hackers' sniper-scope) applies to LINUX as well as any other O-S which becomes T-H-E most 'popular' in use.

~ To iterate: WINDOWS is most prone to virusi b-e-c-a-u-s-e it's the most popular O-S used.

LLAP

J:D

Edited January 5, 2008 by John Dailey

[tjohnson]

~ Many computer home-(and, I would venture, small buisness)-users, nowadays, are aware of LINUX (and its derivatives) and its apparent worth. May I argue that not many such (apart from bachelors) have the time to spend on a-n-y new learning-curve in computer-use...especially handling the something's-not-working-here situations.

~ May I also suggest that my prev arg re MAC outdoing WINDOWS 'popularly' (resulting getting into most hackers' sniper-scope) applies to LINUX as well as any other O-S which becomes T-H-E most 'popular' in use.

~ To iterate: WINDOWS is most prone to virusi b-e-c-a-u-s-e it's the most popular O-S used.

LLAP

J:D

I think there is also an element of hating M$ and all it stands for. One advantage of open source software is that if there is a vulnerability it is reported and fixed VERY fast (sometimes in days) but in corporations the first line of action is to deny there is a problem and secretly try to fix it and if you are lucky they will have a patch in 6 months or so.

[Michael Stuart Kelly]

Here is an excellent list of free online emergency scans from Mashable:

10 Online Virus & Malware Scanners

by Sean P. Aune

From the article:

There's no substitution for a quality antivirus solution, but how many times were you in a situation that you simply have none at your disposal? In such situation, the best you can do is use something that's free and fast. We bring you a list of online virus and malware scanners which will do just fine for a quick scan of the system.

Just click on the link and the information is easy to use.

(btw - It doesn't help an infected Windows user who is losing all his data to tell him Linux or Mac are better. It might help to encourage him to migrate after the scare, but at the time, it is akin to watching someone get run over and saying to him, "You should be more careful," instead of getting him to a hospital.)

Michael

[Rich Engle]

Just for grins I ran the stuff Angie recommended. It did pluck out quite a few I could see but never could get rid of, in particular a very nasty Trojan dropper. Performance improved. So it got in there a bit better than AVG and AdAware, which is what I usually have going.

Oh, to have a Mac. I just spent a good while learning about/working with Macs and it was a real joy.

[Robert Campbell]

Rich,

I hope you'll get a chance to work with a Macintosh again.

I'm sure the Mac OS is targeted far less often than Windows because there is far less hatred for Steve Jobs than for Bill Gates in the world at large--and this could change if the Mac OS is widely enough adopted.

But I suspect that OS X might also be better designed.

I haven't heard any complaints about Leopard being a step backward compared to Tiger. Whereas online stores are offering Windows machines with an optional "downgrade" to XP.

Robert Campbell

[Rich Engle]

I think you're spot on, Robert.

I made my living in IT for a long time, but never much exposure to Macs. I did a little business project recently with a Mac guru, we were rebuilding G4's and selling them for very reasonable prices. Those things were typically 7 years old and they can stand up. Never any troubles. I agree the OS is the thing. OSX is so elegant...

[Kat]

I almost got socked with a nasty little scare-ware called Deus Cleaner. This is one of those programs that tells you that your security is compromised and to install their program to protect your computer. It didn't want me to not install it and the install prompt kept popping up so I did a force quit in firefox and ran virus scans, including the one Angie recommended. Seems ok. I cleared all my stuff... history, cookies, sessions. I went back online and googled Deus Cleaner. It seems that someone else also got this one from the Rolling Stone site and wrote to the Washington Post computer columnist about the problem.

Maryland: Hi. I clicked on a link from an RSS feed on my iGoogle for an article on rollingstone.com. Suddenly, I was attacked by flashing annoyances and scary pop ups suggesting my security would be compromised if I didn't download, download, download. My history (in FireFox) tells me these were sites by something called 'Deus Cleaner.'

What is Deus Cleaner? How did this happen? Is my computer infected? How can I prevent incidents like this? Is this site legitimate?

Thank you very much.

Brian Krebs: Deus Cleaner is but one of many "scareware" scam anti-spyware products that use pop-ups, drive-by downloads and other techniques to try and scare you into thinking you have massive spyware/virus infections and that you need to pay for their all-too-likely worthless product. Usually, these are served up by malicious banner ads or sites that have been hacked. I'd recommend running an anti-virus scan on your system, and setting up Firefox to run with Drop My Rights (see link above), which can make drive-by downloads go bye-bye.

He also refers to an earlier article he wrote and recommends a couple of free scanners in this column: In addition to the GMER tool, there is F-Secure's Blacklight Beta, Microsoft's Rootkit Revealer, and the Sophos http://www.sophos.com/products/free-tools/...otkit/download/. This guy seems pretty sharp and has a blog column called SecurityFix.

Man, I just hate these nasties that try to invade the computers so we will be stupid enough to buy the program that put it there in the first place. Vundo (aka WinFix) is a similar virus that got me a year or two ago and I called in the geek squad, but now I know where there is a fix for that one online called Vundofix by atribune.

Kat

[Robert Campbell]

Kat,

A couple of days after your Deus Cleaner adventure, the Windows side of our new Macintosh was attacked by something billing itself as Malware Crusher, complete with phony warnings about malware already allegedly present on our machine.

Nasty stuff. Fortunately I immediately suspected it was a scam and didn't download any of its crap.

I feel more secure working online from the Mac side of our computer (we can switch into Windows using Boot Camp).

Robert Campbell