Nasty Virus


Post by Miles » August 4th, 2010, 8:09 am

Wilson's mugging e-mail reminded me that I meant to post this yesterday.

http://content.usatoday.com/communities ... w/1?csp=hf
sMiles

Re: Nasty Virus

Post by CameronBornAndBred » August 4th, 2010, 8:26 am

From that story..
Although there have been multiple (malicious software) families that have picked up this vector, one in particular caught our attention this week--a family named Sality, and specifically Sality.AT. Sality is a highly virulent strain. It is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. It is also a very large family--one of the most prevalent families this year.
One of our clients' servers was recently infected with Sality. Talk about a nightmare...we were able to remove the virus, but in doing so killed the server, so we had to do a complete restore from backup..they lost about a day's worth of work. It's pretty rare to encounter an infection that bad, and on a server.

The most prevalent viruses we have seen lately are rootkit viruses..these are pretty nasty too, but easy enough to get rid of (although it took a while for us to find the right tools). I'd recommend that everyone keep Malwarebytes' Anti-Malware installed on their computers, and run a scan every week or two. If indeed you are infected with a rootkit, this program will not be able to remove it..you need to use ComboFix..it's the only one we've found that really does a solid job. Signs of the rootkit infection are redirected websites, or the inability for you to click on links from Google or other search engines. (You once again get redirected..but you can get to your target if you copy and paste the posted URL.)
Duke born, Duke bred, cooking on a grill so I'm tailgate fed.

Re: Nasty Virus

Post by colchar » August 4th, 2010, 10:50 am

What do you think about Avira's antivirus software (the free version)?
". . . when a man is tired of London, he is tired of life; for there is in London all that life can afford."
— Samuel Johnson

----------

2010 & 2012 CTN NASCAR Fantasy League Champion. No lemurs were harmed in the winning of these titles.

----------

Re: Nasty Virus

Post by CameronBornAndBred » August 4th, 2010, 10:52 am

colchar wrote:What do you think about Avira's antivirus software (the free version)?
It's ok..I haven't used it much. I personally use AVG. These viruses that are out now get past whatever you have though. AVG has seemed to at least stop some of the infection from taking hold, but we've had clients in the shop with all sorts of protection, and none of it is foolproof.
Duke born, Duke bred, cooking on a grill so I'm tailgate fed.

Re: Nasty Virus

Post by Miles » August 4th, 2010, 4:29 pm

CameronBornAndBred wrote:
colchar wrote:What do you think about Avira's antivirus software (the free version)?
It's ok..I haven't used it much. I personally use AVG. These viruses that are out now get past whatever you have though. AVG has seemed to at least stop some of the infection from taking hold, but we've had clients in the shop with all sorts of protection, and none of it is foolproof.
I've had FreeAVG on all of my Windows-based test harnesses. Haven't had a problem in years.
sMiles