I got a virus. How do I 'restore' my computer to the day before

Old Jul 10, 2007, 12:25 pm
  #16  
cpx
 
Join Date: Feb 2006
Location: 99654
Programs: Many
Posts: 6,450
Originally Posted by Emma65
Restore is a virus created by microsoft and users are fooled to think it is not.
I thought that virus was called "windows"
cpx is offline  
Old Jul 10, 2007, 4:55 pm
  #17  
 
Join Date: Nov 2002
Location: San Francisco, CA
Programs: US CP, *wood Gold, Marriott gold, Hilton something
Posts: 1,458
Lots of great ideas in this thread.

I know I sound like a broken record but I want to reiterate two points:
1) a clean install is the only solution where you can be reasonably sure that you are clean... think about it like this: any virus has the potential to manipulate the results from any scanner or cleaner (including Blink, although they claim otherwise...so maybe not). Regardless, you can never be sure of the results of any scanners or cleaners until you are on a fresh system.

2) Blink by eEye is a new product to me, but I am totally blown away by it. I cannot say enough... I took a machine that was heavily botted and "owned" (to borrow the vernacular)... I could watch it try and make about 50 concurrent malicious connections (mostly to China) ... I installed Blink and they dropped to zero ...it also found and cleaned a lot more viruses than AVG and ClamWin (admittedly, ClamWin doesn't clean so well).

It was a find from Security Now (www.grc.com) and so far I'm really impressed. It's very lightweight for all the things it does, which may be my favorite part.
SpaceBass is offline  
Old Jul 10, 2007, 8:12 pm
  #18  
TA
 
Join Date: Nov 1999
Location: if it's Thursday, this must be Belgium
Programs: UA 1K MM
Posts: 6,483
this thread at a popular tech discussion site has a comprehensive set of links on how to remove all types of spyware, viruses, etc. from your computer. I've relied on this successfully when I stupidly downloaded a trojan and it refused to be cleaned by most of the removal programs I know:

http://forums.anandtech.com/messagev...&enterthread=y

I highly recommend this.

Last edited by TA; Jul 11, 2007 at 5:14 pm Reason: sorry, forgot to include the link!
TA is offline  
Old Jul 11, 2007, 1:51 am
  #19  
 
Join Date: Jun 2005
Location: Near an airport
Programs: FB, EB, Delta, AC, PC, HH.
Posts: 1,991
Originally Posted by mbreuer
Actually, you should never count on the integrity of any part of the system you're trying to recover. Do NOT download and make disks of the anti virus software on the infected machine. You'll likely end up with infected cd's.
That is true. I used my work computer to download and burn and then go to client's.

However - those who don't have access to an uninfected comp may have to settle with burning off their own.

/E
Emma65 is offline  
Old Jul 11, 2007, 1:52 am
  #20  
 
Join Date: Jun 2005
Location: Near an airport
Programs: FB, EB, Delta, AC, PC, HH.
Posts: 1,991
Originally Posted by cpx
I thought that virus was called "windows"
Windows is the trojan that carried the virus.

:P
Emma65 is offline  
Old Jul 12, 2007, 4:06 am
  #21  
 
Join Date: Aug 2006
Location: US/Asia/Russia
Posts: 95
Originally Posted by SpaceBass
Lots of great ideas in this thread...
SpaceBass's first post provided an excellent way of ensuring a clean system after a virus - or after 6 months of regular use on any computer running Windows (whichever comes first.) Keep your data backed up on an external drive and DVDs - then wiping and reinstalling everything is much less of a hassle.
driftings is offline  
Old Jul 12, 2007, 8:15 am
  #22  
 
Join Date: Nov 2002
Location: San Francisco, CA
Programs: US CP, *wood Gold, Marriott gold, Hilton something
Posts: 1,458
must...resist...urge...to...promote OS X...
BUY A MAC

damn, I couldn't keep it in
SpaceBass is offline  
Old Jul 12, 2007, 9:16 am
  #23  
 
Join Date: Jul 2004
Programs: CO Gold; SPG Gold***; AvisFirst;
Posts: 3,970
Originally Posted by driftings
SpaceBass's first post provided an excellent way of ensuring a clean system after a virus - or after 6 months of regular use on any computer running Windows (whichever comes first.) Keep your data backed up on an external drive and DVDs - then wiping and reinstalling everything is much less of a hassle.
Sadly, no. The issue with the external drive is that you're likely to back up the virus. If you got the virus, by definition your scanner missed it. It's likely it ended up on the last backup, and also infected the external drive.

DVD is better as already-written data won't be infected. But... it is reasonably likely that the most recent (most desirable) backup is infected.

So, back up (after all, you might not have a virus, but have a hard drive crash). But, update your virus scanner and scan the backup media & content before you restore. Also make sure autorun is disabled.
mbreuer is offline  
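
The pre-restore check described in the post above can be partly automated. This is an added example, not code from the thread: it walks a mounted backup, reports any autorun.inf launch entries and lists file types worth a manual look. The extension list and the sample backup are assumptions constructed for illustration, and the check supplements an updated virus scanner rather than replacing it.

```python
import os
import tempfile

# Keys in autorun.inf that make Windows launch a program from the media.
LAUNCH_KEYS = ("open", "shellexecute", "shell\\open\\command")
# Extensions worth a manual look before anything is copied back (assumed list).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".lnk"}

def parse_autorun(path):
    """Return the (key, value) launch entries from one autorun.inf file."""
    entries = []
    with open(path, "r", errors="replace") as fh:
        for line in fh:
            line = line.strip()
            if "=" not in line or line.startswith(";"):
                continue
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() in LAUNCH_KEYS:
                entries.append((key.lower(), value))
    return entries

def audit_backup(root):
    """Walk a mounted backup and report autorun.inf files and risky file types."""
    findings = {"autorun": {}, "risky": []}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            rel = os.path.relpath(full, root)
            if name.lower() == "autorun.inf":
                findings["autorun"][rel] = parse_autorun(full)
            elif os.path.splitext(name)[1].lower() in RISKY_EXT:
                findings["risky"].append(rel)
    findings["risky"].sort()
    return findings

def build_sample(root):
    """Constructed sample backup: documents plus a planted autorun.inf."""
    os.makedirs(os.path.join(root, "docs"))
    files = {
        "autorun.inf": "[autorun]\nopen=setup.exe\nicon=drive.ico\n",
        "setup.exe": "placeholder, not a real binary",
        os.path.join("docs", "report.doc"): "text",
        os.path.join("docs", "photo.jpg.scr"): "placeholder",
    }
    for rel, body in files.items():
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit_backup(tmp))
```

Run it against the backup from the freshly installed system, with the media mounted read-only where possible.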
Old Jul 12, 2007, 10:21 am
  #24  
 
Join Date: Nov 2002
Location: San Francisco, CA
Programs: US CP, *wood Gold, Marriott gold, Hilton something
Posts: 1,458
Originally Posted by mbreuer
Sadly, no. The issue with the external drive is that you're likely to back up the virus. If you got the virus, by definition your scanner missed it. It's likely it ended up on the last backup, and also infected the external drive.

DVD is better as already-written data won't be infected. But... it is reasonably likely that the most recent (most desirable) backup is infected.

So, back up (after all, you might not have a virus, but have a hard drive crash). But, update your virus scanner and scan the backup media & content before you restore. Also make sure autorun is disabled.
I understand where you are coming from. There is always the risk, even with DVD or write-once media, that the virus will be present on the backups.

That said, these days you are more likely to get a bot or trojan as the virus and those are more likely to try and take over your system for malicious purposes than corrupt data. So more than likely a virus scanner missed it b/c of the use of a rootkit or by simply corrupting the scanner. If you do a fresh install, fully patch the system and then load some good virus and malware protection (not just scanning) software (like Blink, did I mention I'm a fan?) and THEN attach the external storage or mount your backup, you are more likely to be on the safe side. (one heck of a run-on sentence there...sorry).

I get passionate about this subject b/c I spend several hours a month taking care of this very problem for friends and family. All it takes is one little exploit and the system is totally compromised and you've got 100 bots all logging into IRC servers around the world, waiting to be spam agents or DDOS drones. Then I have to go through this whole process of backing up, wiping the drive, reinstalling... which isn't really that hard. The hard part is explaining to the user why it happened and what they could have done to prevent it.

What really burns me up is that this is 2007, you shouldn't have to be a nerd to own a computer and use it safely. We don't have to be mechanics to drive cars or repairmen to own refrigerators... It shouldn't be this way...ok, I'm off the soapbox
SpaceBass is offline  
Old Jul 12, 2007, 11:19 am
  #25  
 
Join Date: Jul 2004
Programs: CO Gold; SPG Gold***; AvisFirst;
Posts: 3,970
Originally Posted by SpaceBass
I understand where you are coming from. There is always the risk, even with DVD or write-once media, that the virus will be present on the backups.

That said, these days you are more likely to get a bot or trojan as the virus and those are more likely to try and take over your system for malicious purposes than corrupt data. So more than likely a virus scanner missed it b/c of the use of a rootkit or by simply corrupting the scanner. If you do a fresh install, fully patch the system and then load some good virus and malware protection (not just scanning) software (like Blink, did I mention I'm a fan?) and THEN attach the external storage or mount your backup, you are more likely to be on the safe side. (one heck of a run-on sentence there...sorry).

I get passionate about this subject b/c I spend several hours a month taking care of this very problem for friends and family. All it takes is one little exploit and the system is totally compromised and you've got 100 bots all logging into IRC servers around the world, waiting to be spam agents or DDOS drones. Then I have to go through this whole process of backing up, wiping the drive, reinstalling... which isn't really that hard. The hard part is explaining to the user why it happened and what they could have done to prevent it.

What really burns me up is that this is 2007, you shouldn't have to be a nerd to own a computer and use it safely. We don't have to be mechanics to drive cars or repairmen to own refrigerators... It shouldn't be this way...ok, I'm off the soapbox
Yup.

Get a mac

Or, linux.

I solved the household cleaning issue by telling my kids, "next time you click on something and say yes to the spybot warning, you get linux & Open Office. You'll be able to surf, IM and do school work, but sorry about those games."

They've been good ever since (and now are moving to Macs).
mbreuer is offline  
Old Jul 12, 2007, 11:29 am
  #26  
 
Join Date: Nov 2002
Location: San Francisco, CA
Programs: US CP, *wood Gold, Marriott gold, Hilton something
Posts: 1,458
Originally Posted by mbreuer
Yup.

Get a mac

Or, linux.

I solved the household cleaning issue by telling my kids, "next time you click on something and say yes to the spybot warning, you get linux & Open Office. You'll be able to surf, IM and do school work, but sorry about those games."

They've been good ever since (and now are moving to Macs).
Linux as a threat?
That's a reward my friend!

I just sent a "cleaned" pc home with its owner yesterday. I tossed in an older 40gb drive I had laying around and set it to dual boot to ubuntu...loaded OpenOffice, Picasa, Amarok and Thunderbird...setup his ~ to point to his windows My Docs folder...he loved the setup. I said "you can use windows, but you can also boot into Ubuntu and do everything you could do before"...I even burnt and re-ripped his (25 or so) purchased iTunes tracks to remove the DRM so Amarok would play and sync them.
SpaceBass is offline  
Old Jul 12, 2007, 7:03 pm
  #27  
 
Join Date: Jul 2004
Programs: CO Gold; SPG Gold***; AvisFirst;
Posts: 3,970
Originally Posted by SpaceBass
Linux as a threat?
That's a reward my friend!

I just sent a "cleaned" pc home with its owner yesterday. I tossed in an older 40gb drive I had laying around and set it to dual boot to ubuntu...loaded OpenOffice, Picasa, Amarok and Thunderbird...setup his ~ to point to his windows My Docs folder...he loved the setup. I said "you can use windows, but you can also boot into Ubuntu and do everything you could do before"...I even burnt and re-ripped his (25 or so) purchased iTunes tracks to remove the DRM so Amarok would play and sync them.
At the time, removal of The Sims was the real threat.
mbreuer is offline  
Old Jul 13, 2007, 8:38 am
  #28  
 
Join Date: Jun 2005
Location: Near an airport
Programs: FB, EB, Delta, AC, PC, HH.
Posts: 1,991
Originally Posted by SpaceBass

I just sent a "cleaned" pc home with its owner yesterday.

I went to see a friend about a PC a few years ago. I couldn't even get in, that's how infected it was. I ended up taking the box back to my office and spent a week with removal tools to clean it before I got to the stage of backing up, formatting, reinstalling, installing antivirus, firewall etc, check it again and bring in that back up of files, check again and again and again until I was certain it was clean. That box sat in my office for 2 weeks in total.

The funniest one was a call from an ad agency. I grabbed my rescue folder of discs and wandered over to their office. Inside I stood and looked around wondering what the h*ck I was doing there as all I saw was mac (before OS X days). The co-owner lured me in to a back office and there was the guilty PC. The guilty machine had spent the entire night spewing out thousands of infected e-mails to every person in the address book. I located the e-mail and the attachment that started it all only to realize the e-mail was internal.

I asked the co-owner whose email address that was and she came clean. It was hers. She had gotten the mail with the attachment to her mac. Couldn't open the attachment so sent it on to the PC. Clicked on it there and all that happened was that the screen flickered for a second and that was it. Thought it was nothing and left it at that.

A few hours and a lecture in internet security later I walked back to my office.

The other co-owner rang me at home later that night and thanked me.

/E
Emma65 is offline  
Old Jul 13, 2007, 9:30 am
  #29  
 
Join Date: Nov 2002
Location: San Francisco, CA
Programs: US CP, *wood Gold, Marriott gold, Hilton something
Posts: 1,458
Originally Posted by Emma65
I asked the co-owner whose email address that was and she came clean. It was hers. She had gotten the mail with the attachment to her mac. Couldn't open the attachment so sent it on to the PC. Clicked on it there and all that happened was that the screen flickered for a second and that was it. Thought it was nothing and left it at that.

A few hours and a lecture in internet security later I walked back to my office.

The other co-owner rang me at home later that night and thanked me.

/E
I think we need to start a "technology nightmares" thread...
I was thinking last night about the time I shut down a server in Kentucky while I was in Virginia (far away from the KY side of VA)... that wasn't pretty...and I have more stories about trashed computers than I can even count.
SpaceBass is offline  
Old Jul 13, 2007, 11:57 am
  #30  
 
Join Date: Jun 2005
Location: Near an airport
Programs: FB, EB, Delta, AC, PC, HH.
Posts: 1,991
Originally Posted by SpaceBass
I think we need to start a "technology nightmares" thread...
I was thinking last night about the time I shut down a server in Kentucky while I was in Virginia (far away from the KY side of VA)... that wasn't pretty...and I have more stories about trashed computers than I can even count.
My sysadmin has given me root to my machine but is contemplating setting up a different root with less privileges and himself as superroot. I think he's a bit tired of getting my calls in the middle of the night when I've done something and "apachectl restart" tells me to f*** off seconds before it dies.

I'm in UK, the server is in Sweden and he's 30 miles/50 km from it.

I have got to stop doing stuff in the middle of the night.
Emma65 is offline  