We got virused

Martha

Our home network got attacked by a worm. Neither my nor DH's virus checker caught it, and both were up to date, automatically updated every day. DH has AVG as a virus checker. I have Symantec.

Anyway, DH's computer is out of commission, I brought mine into the IS person at my former job to get cleaned up, and I have a loaner, my old computer from work.

I am generally very careful about what I open, but I was tricked by a purported lawyer email. :(

So why didn't the virus checkers pick this up?
 
Are you SURE your antivirus is properly updating itself?

The sad truth is that many of the nastier bugs are new and the AV stuff can only detect what it's been instructed to find. By which time it may be too late. And stuff that you explicitly open may or may not be headed off by the program that opens it...what exactly was the attachment? IE script? an executable? ??

And before it gets started, since I see Apple patched a dozen or so fairly unpleasant holes in their operating system a month or two ago, it's time for a nice big cup of... ;)
 
Dawg, I'll ask the IS person when I get my computer back.

I do know Greg's antivirus updates itself every day because it tells us so and it told me it updated last night. He caught the virus from me. O0
 
That is why I converted my home PC to Linux last year.

And before it gets started, since I see Apple patched a dozen or so fairly unpleasant holes in their operating system a month or two ago, it's time for a nice big cup of... ;)

I'll go brew myself a cup right now.
 
Whoa, didn't see that one coming. Fortunately I have my Chuck Norris tee shirt on and therefore have an extra fist.

Is it time for me to whip out the report I just saw yesterday that discusses how Vista is superior in security to Linux? ;)

And who are you, and what have you done with bpp, bpp1 and bpp2?
 
Oh and Martha...have you installed Windows Defender on your machines? It's a good idea and a decent freebie accompaniment to your antivirus protection. It's built into Vista.

Some of the early versions were a bit flaky, but the newer versions are transparent.

I know it smells a little bit like another AV package, but it's more effective in sealing up any security holes and protecting from naughty apps and spyware.
Windows Defender home
 
Whoa, didn't see that one coming. Fortunately I have my Chuck Norris tee shirt on and therefore have an extra fist.

I'm sorry, I can't hear you over the sound of my STFU brewing.

Is it time for me to whip out the report I just saw yesterday that discusses how Vista is superior in security to Linux? ;)

Feel free, right after you find that list of applications that work under Vista.
(The one that includes Cygwin and VPN, hopefully.)

<gulp, slurp> Oops, never mind.
 
just found three trojans

is it possible to get infected by ER forum?
 
Don't take any chances. Throw them away. :D
:D
probably right...how long after the expiration date are they good for do you reckon...by the way would you use condoms made in China?
 
I am generally very careful about what I open, but I was tricked by a purported lawyer email. :(
By any chance was this an e-mail claiming to have an attached PDF file?

When the "I Love You" virus came out, one of the first computers at our military training command to receive it was in the torpedomen's office (the submarine force's version of GEICO's cavemen). Because they're military instructors, these guys were smarter than your average knuckle-dragger and they knew all about anti-virus software. They all clustered around the computer, discussed the virus issue in depth, and decided to run a virus scan on it. It passed clean. Reassured by their forethought and their faith in anti-virus technology, they clicked on it.

So why didn't the virus checkers pick this up?
Then we all got to attend a few hours of mandatory training on how virus-checking software is updated AFTER the innovative new virus comes out.
 
OK, our IS person said it was a trojan, specifically Trojan.Peacomm.B. I have my computer back all nice and cleaned up.

I can't seem to clean up Greg's computer. I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode. I ran the spyware stuff too. No virus was found. But I cannot get his computer to get on the internet. I have a call into the IS person at my former job to hire her to come and fix it. Any ideas?
 
OK, our IS person said it was a trojan, specifically Trojan.Peacomm.B. I have my computer back all nice and cleaned up.

I can't seem to clean up Greg's computer. I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode. I ran the spyware stuff too. No virus was found. But I cannot get his computer to get on the internet. I have a call into the IS person at my former job to hire her to come and fix it. Any ideas?
I found three trojans after your heads-up. Used Ad-Aware, it's free...
 
OK, I got Greg's computer to work. It could never find our internet network. I remember having that problem before and having to set a static IP address. I did that and now it works. I never found the trojan on his system so I am thinking it maybe never got there and in the process of trying to fix all of this on my own I ended up losing the static IP address and it would search automatically and never find it. I still don't have the two computers together on the wireless system. I am not sure it is safe.
 
I followed all the antivirus directions (disabling system restore) and ran it several times, including in safe mode.

I have always wondered about this step. I know Symantec says to do it, presumably to avoid backing up the virus. However, it is my understanding that, when you disable System Restore, you lose all of your previous restore points, which go back over the past 3 months. Wouldn't it be better to try some restore points from back before when you think you got the virus before doing the disable?
 
Uh oh, a rootkit virus. Generally bad news.

Symantec's removal instructions: Trojan.Peacomm.B - Symantec.com

I looked at the AVG site, and their 'virus encyclopedia' doesn't include any mention of peacomm, so I'm wondering if it even detects or removes it.

Disabling system restore shouldn't remove your prior restore points. You CAN remove them at your discretion.
 
fuzzy bunny wrote:
Disabling system restore shouldn't remove your prior restore points.

"Note that disabling System Restore doesn't just prevent future restore points from being created. It also permanently deletes any restore points created in the past. These are nonrecoverable, even if you turn System Restore back on, so use this feature with caution."


Smart Computing Article - Take Advantage Of System Restore
 
I stand corrected. I've been running without system restore for some time now...last time I used it and turned it off, my recollection was that it kept all of the old restore points.
 
Uh oh, a rootkit virus. Generally bad news.

Symantec's removal instructions: Trojan.Peacomm.B - Symantec.com

I looked at the AVG site, and their 'virus encyclopedia' doesn't include any mention of peacomm, so I'm wondering if it even detects or removes it.

Disabling system restore shouldn't remove your prior restore points. You CAN remove them at your discretion.

Thanks for looking at the AVG site. I am very green on all this, my first virus. :rolleyes: Greg's computer seems to be working fine, so I just don't know. Any way to find out? Maybe we should use a different antivirus program on his computer?
 
martha, bummer but glad you got restored. anyway, thanx for the reminder to back-up my puter files. i tend to get lazy with that.
 
I read more about rootkit viruses and it is disturbing. The reason I discovered the problem was that our ISP locked us down for sending boatloads of spam and suggested we had a virus. My IS person from work says my laptop is clean (really? how does she know?). I am kind of at a loss as to what to do. Certainly no online banking or brokerage account activity for now. Change passwords?
 