 |
|
06-28-2007, 07:03 PM
|
#1
|
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
We got virused
Our home network got attacked by a worm. Neither my nor DH's virus checker caught it, and both were up to date, automatically updated every day. DH has AVG as a virus checker. I have Semantec.
Anyway, DH's computer is out of commission, I brought mine into the IS person at my former job to get cleaned up, and I have a loaner, my old computer from work.
I am generally very careful about what I open, but I was tricked by a purported lawyer email. 
So why didn't the virus checkers pick this up?
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
 |
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
|
06-28-2007, 07:29 PM
|
#2
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Feb 2005
Location: Central MS/Orange Beach, AL
Posts: 9,072
|
Does the worm have a name?
__________________
Retired 3/31/2007@52
Investing style: Full time wuss.
|
|
|
|
|
06-28-2007, 07:51 PM
|
#3
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Are you SURE your antivirus is properly updating itself?
The sad truth is that many of the nastier bugs are new and the AV stuff can only detect what its been instructed to find. By which time it may be too late. And stuff that you explicitly open may or may not be headed off by the program that opens it...what exactly was the attachment? IE script? an executable? ??
And before it gets started, since I see Apple patched a dozen or so fairly unpleasant holes in their operating system a month or two ago, its time for a nice big cup of... 
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
|
|
06-28-2007, 08:05 PM
|
#4
|
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
Dawg, I'll ask the IS person when I get my computer back.
I do know Greg's antivirus updates itself everyday because it tells us so and it told me it updated last night. He caught the virus from me. 
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
|
|
06-28-2007, 08:11 PM
|
#5
|
|
Recycles dryer sheets
Join Date: May 2007
Posts: 290
|
That is why I converted my home PC to Linux last year.
I'll go brew myself a cup right now.
|
|
|
|
|
06-28-2007, 08:14 PM
|
#6
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Whoa, didnt see that one coming. Fortunately I have my chuck norris tee shirt on and therefore have an extra fist.
Is it time for me to whip out the report I just saw yesterday that discusses how vista is superior in security to linux?
And who are you, and what have you done with bpp, bpp1 and bpp2?
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
|
|
06-28-2007, 08:22 PM
|
#7
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Oh and Martha...have you installed windows defender on your machines? Its a good idea and a decent freebie accompaniment to your antivirus protection. Its built into vista.
Some of the early versions were a bit flakey, but the newer versions are transparent.
I know it smells a little bit like another AV package, but its more effective in sealing up any security holes and protecting from naughty apps and spyware.
Windows Defender home
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
|
|
06-28-2007, 08:22 PM
|
#8
|
|
Recycles dryer sheets
Join Date: May 2007
Posts: 290
|
 Quote:
Originally Posted by cute fuzzy bunny
Whoa, didnt see that one coming. Fortunately I have my chuck norris tee shirt on and therefore have an extra fist.
|
I'm sorry, I can't hear you over the sound of my STFU brewing.
Quote:
|
Is it time for me to whip out the report I just saw yesterday that discusses how vista is superior in security to linux?
|
Feel free, right after you find that list of applications that work under Vista.
(The one that includes Cygwin and VPN, hopefully.)
<gulp, slurp> Oops, never mind.
|
|
|
|
|
06-28-2007, 08:24 PM
|
#9
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Alright, i gotta go quit laughing my ass off now...
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
|
|
06-28-2007, 08:33 PM
|
#10
|
|
Recycles dryer sheets
Join Date: May 2007
Posts: 290
|
Quote:
Originally Posted by cute fuzzy bunny
And who are you, and what have you done with bpp, bpp1 and bpp2?
|
Keep asking nosy questions and you just might find out.
|
|
|
|
|
06-29-2007, 05:38 AM
|
#11
|
|
Thinks s/he gets paid by the post
Join Date: Jul 2005
Posts: 2,375
|
just found three trojans
is it possible to get infected by ER forum?
|
|
|
|
|
06-29-2007, 06:24 AM
|
#12
|
|
Thinks s/he gets paid by the post
Join Date: Feb 2004
Location: Mid Hudson Valley
Posts: 1,781
|
Quote:
Originally Posted by DanTien
just found three trojans
|
Don't take any chances. Throw them away. 
__________________
In a panamax down by the river.
|
|
|
|
|
06-29-2007, 06:30 AM
|
#13
|
|
Thinks s/he gets paid by the post
Join Date: Jul 2005
Posts: 2,375
|
probably right...how long after the expiration date are they good for do you recon...by the way would you use condoms made in China?
|
|
|
|
|
06-29-2007, 10:47 AM
|
#14
|
|
Moderator Emeritus
Join Date: Dec 2002
Location: Oahu
Posts: 26,860
|
By any chance was this an e-mail claiming to have an attached PDF file?
When the "I Love You" virus came out, one of the first computers at our military training command to receive it was in the torpedomen's office (the submarine force's version of GEICO's cavemen). Because they're military instructors, these guys were smarter than your average knuckle-dragger and they knew all about anti-virus software. They all clustered around the computer, discussed the virus issue in depth, and decided to run a virus scan on it. It passed clean. Reassured by their forethought and their faith in anti-virus technology, they clicked on it.
Quote:
Originally Posted by Martha
So why didn't the virus checkers pick this up?
|
Then we all got to attend a few hours of mandatory training on how virus-checking software is updated AFTER the innovative new virus comes out.
__________________
*
Co-author (with my daughter) of “Raising Your Money-Savvy Family For Next Generation Financial Independence.”
Author of the book written on E-R.org: "The Military Guide to Financial Independence and Retirement."
I don't spend much time here— please send a PM.
|
|
|
|
|
06-29-2007, 02:03 PM
|
#15
|
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
OK, our IS person said it was a trojan, specifically Trojan.Peacomm.B. I have my computer back all nice and cleaned up.
I can't seem to clean up Greg's computer. I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode. I ran the spyware stuff too. No virus was found. But I cannot get his computer to get on the internet. I have a call into the IS person at my former job to hire her to come and fix it. Any ideas?
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
|
|
06-29-2007, 02:25 PM
|
#16
|
|
Thinks s/he gets paid by the post
Join Date: Jul 2005
Posts: 2,375
|
Quote:
Originally Posted by Martha
OK, our IS person said it was a trojan, specifically Trojan.Peacomm.B. I have my computer back all nice and cleaned up.
I can't seem to clean up Greg's computer. I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode. I ran the spyware stuff too. No virus was found. But I cannot get his computer to get on the internet. I have a call into the IS person at my former job to hire her to come and fix it. Any ideas?
|
I found three trojans after your heads-up. Used Ad-Aware its free...
|
|
|
|
|
06-29-2007, 02:25 PM
|
#17
|
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
I ran Ad-Aware.
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
|
|
06-29-2007, 03:20 PM
|
#18
|
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
OK, I got Greg's computer to work. It could never find our internet network. I remember having that problem before and having to set a static IP address. I did that and now it works. I never found the trojan on his system so I am thinking it maybe never got there and in the process of trying to fix all of this on my own I ended up losing the static IP address and it would search automatically and never find it. I still don't have the two computers together on the wireless system. I am not sure it is safe.
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
|
|
06-29-2007, 04:36 PM
|
#19
|
|
Thinks s/he gets paid by the post
Join Date: Aug 2006
Posts: 2,433
|
Quote:
Originally Posted by Martha
I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode.
|
I have always wondered about this step. I know Symantec says to do it, presumably to avoid backing up the virus. However, it is my understanding that, when you disable System Restore, you lose all of your previous restore points, which go back over the past 3 months. Wouldn't it be better to try some restore points from back before when you think you got the virus before doing the disable?
|
|
|
|
|
06-29-2007, 05:00 PM
|
#20
|
|
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Uh oh, a rootkit virus. Generally bad news.
Symantecs removal instructions: Trojan.Peacomm.B - Symantec.com
I looked at the AVG site, and their 'virus encyclopedia' doesnt include any mention of peacomm, so I'm wondering if it even detects or removes it.
Disabling system restore shouldnt remove your prior restore points. You CAN remove them at your discretion.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|
Linear Mode
