Trojan Terror

RawArt Posts: 5,731
edited December 1969 in The Commons

People who write viruses deserve their own special place in hell.

I had to download a program to open rar files. A simple thing. I even downloaded the same program I used to have on my old computer (this comp is only a month old)....but apparently someone decided to put the virus into this legit program and place it back on the net.
So I have been offline for the last two days and now I have to reinstall everything all over again.

Such a PITA.....all because some idjit thinks it's fun to write something that will damage computers.

Rawn :coolmad:


Comments

  • bytescapes Posts: 1,799
    edited December 1969

    RawArt said:
    Such a PITA.....all because some idjit thinks it's fun to write something that will damage computers.

    Fun ... or profitable.

    Virus-writing is no longer recreation, it's business, and it's a business that involves organized criminals and a whole bunch of other unpleasant folks. The goal is to get your computer working for them rather than you, and there's big money involved.

    I like to think that there's a special circle of Hell reserved for these people.

  • Elele Posts: 1,097
    edited December 1969

    I usually download free programs from download.com. They get checked, so I hope those are safe. Many times if a program is free I find it there...

  • Byrdie Posts: 1,751
    edited December 1969

    I feel your pain. Had to do the same thing last week on account of a bit of spyware that came wrapped around a legit video player I downloaded from an equally legit, apparently trustworthy source. Even though my anti-malware programs detected and removed it, the damage was already done. Worse, it cost me a really big repair bill as I didn't know what was wrong with the computer -- it acted as though there were hardware problems when there weren't and unfortunately only the hardware and tech support for that was covered by my warranty. Software support, two external hard drives 'cuz I had to back everything up *fast* before everything died on me and finally a fix from Dell cost me the price of a new machine. Right now I am still putting everything back together on my system and praying to whatever Vengeance Deities there may be to blast whichever giant humanoid turd is responsible for "Incredibar". Tar and feathers just won't cut it, a good old fashioned smiting of Biblical proportions is what these virus makers and "script kiddie" criminals deserve.

  • SickleYield Posts: 7,626
    edited September 2012

    It's a good idea, but sometimes you can only get nice independent programs - like IrfanView, JDirStat, or other simple-interface programs that provide wonderful utilities - from the web sites of their creators, which may be more vulnerable to hacks (or just not watched that closely). Firefox claims it's scanning for viruses when I download items, but I suspect it may not be that accurate about that.

    I'm sorry this happened to you, Raw.

  • Andrew_C Posts: 78
    edited September 2012

    Sorry to hear that. Which program was it, and where did you download it, by the way? I find drive-by Malware downloads are a serious problem these days, which is why I usually browse with scripts and plugins blocked.

    If you need a program which can read rars, PeaZip and 7-Zip both can do it. I use 7-Zip but PeaZip is also good and perhaps has a better interface.
    PeaZip: http://peazip.sourceforge.net/
    7-Zip: http://sourceforge.net/projects/sevenzip/

  • RawArt Posts: 5,731
    edited December 1969

    Thanx Guys

    The guy in the shop loaded winrar on for me and told me to never download that other program again LOL
    They were actually good to me, most of the work was still under warranty. They just charged me for a reinstall of my OS (which was about 1/3 of what they really should have charged, because they did a full cleaning on my machine)

    Hate that I am going to miss almost a week of work though because of this (maybe only half a week...if I get all my installing done tomorrow...but I won't hold my breath)

    Rawn

  • mjc1016 Posts: 15,001
    edited December 1969

    My first question...are you 100% sure it was infected?

    There is a minor problem with most AV software these days...it tends to err on the side of 'everything is infected', so there is time spent disinfecting a clean system and time spent worrying if you got everything cleaned up. Often various system tools/utilities (especially those that deal with network monitoring and 'in depth' security tools) are flagged like this.

    The downside is, if 'everything' is a threat then, people tend to become desensitized so when something really happens, they are caught by surprise.

    It's always best to get at least one 'second' opinion on a suspect file...if not more than one. No single AV package is 100% against everything out there. (On the other hand, running multiple AV apps at the same time is a recipe for disaster.)

    A good place to check out a suspect file against multiple AVs is...

    http://virusscan.jotti.org/en

    You simply upload it and let them scan it.

    SY...FF's scan is as accurate as your resident AV program. That's what it uses, by default (and MS Security Essentials, if that's all you've got on your system).

  • Mattymanx Posts: 6,877
    edited December 1969

    Good to know you got it all cleared up

  • Byrdie Posts: 1,751
    edited December 1969

    Oh, mine was definitely infected. The last bits of it were hiding in Internet Explorer's registry settings. Even though I don't use that browser it comes with Windows and apparently you can't uninstall the damn thing. Needless to say the first thing I did after getting Win7 up and running again was to disable IE just as soon as I got Chrome and FireFox.

  • RKane_1 Posts: 3,037
    edited December 1969

    *sniffle...pout*

    With the title of the thread... I thought RawArt had made a new beasty for us from ancient Greece....

    *double pout*

  • aminrouge Posts: 0
    edited December 1969

    Good for you to find them on internet explorer registry because mine was infected 7 times last week and I had to delete the whole system 7 times, guess where did I find them? In my zbrush 3 folder and don't even know how the heck they came there!
    But now I am pretty sure that nothing will hit me again, you fool me once, shame on you. You fool me 7 times, I will kill you, and beware of nova site, it takes long long very long time to download and 50% are all infected, my whole hometown are infected with a new virus called "h4d",
    I never heard of it before, I was going to upload a pain in the ass virus to free download sites but I was afraid to hurt people just like us......
    But I give you my word that all those infection geeks will fall down someday, maybe we will be their replacements.
    See around mates.

  • Byrdie Posts: 1,751
    edited December 1969

    RKane_1 said:
    *sniffle...pout*

    With the title of the thread... I thought RawArt had made a new beasty for us from ancient Greece....

    *double pout*


    Well, perhaps we can feed the virus makers to some of his old beasties. Or would that constitute cruelty to animals, werewolves and zombies? ;-)

  • Gigabeat Posts: 164
    edited September 2012

    So true, viruses are a PITA. Got one just before DS4.5 was released and had to reformat my PC.
    Anyhoot since this is about viruses the following is news on the latest IE bug (trojan loophole).

    Microsoft warns on previously unseen IE bug.
    http://www.bbc.com/news/technology-19636382

    Also I agree with angusm that viruses are more about underworld business.
    Following is another interesting piece of news and scare if you think about it.

    Malware inserted on PC production lines, says study
    http://www.bbc.com/news/technology-19585433

  • mjc1016 Posts: 15,001
    edited December 1969

    Byrdie said:
    RKane_1 said:
    *sniffle...pout*

    With the title of the thread... I thought RawArt had made a new beasty for us from ancient Greece....

    *double pout*


    Well, perhaps we can feed the virus makers to some of his old beasties. Or would that constitute cruelty to animals, werewolves and zombies? ;-)

    No, I don't think it would be cruelty...but even those critters are too picky to munch down on that group of slimeoids...

  • RawArt Posts: 5,731
    edited December 1969

    Oh I was definitely infected. The bugger dug its way into my root sectors and prevented the computer from booting properly.

    I usually have a couple virus detectors running on this machine, so it is hard to get infected. The only thing with this one was that I was not paying too close attention to where I downloaded this program from, and it came from a site that I didn't know.
    So I really can't blame anyone but myself.
    I am usually so paranoid about downloading stuff on this machine, because well...I make my living off of this machine, so when it's down....everything comes to a stop.

    Well..it's clean now...time to reinstall all my virus detectors ;)

  • Fixme12 Posts: 589
    edited December 1969

    RawArt said:
    People who write viruses deserve their own special place in hell.

    I had to download a program to open rar files. A simple thing. I even downloaded the same program I used to have on my old computer (this comp is only a month old)....but apparently someone decided to put the virus into this legit program and place it back on the net.
    So I have been offline for the last two days and now I have to reinstall everything all over again.

    Such a PITA.....all because some idjit thinks it's fun to write something that will damage computers.

    Rawn :coolmad:

    Avast or Nod32 and acronis trueimage will solve all your problems ;)

  • JohnDelaquiox Posts: 1,184
    edited September 2012

    Recently I have found that the anti virus companies hire people to write viruses. I think one of the main companies doing so is AVM and StopZilla but that is just my opinion.

    Yeah same thing happened to me last month or the month before. I was looking for a program that I used to use to convert video files. And yeah I had downloaded the same program from the same website I used to get it from.

    This wiped out my entire hard drive but I always keep my content and files on a secondary drive and I always have an Ubuntu Disk to access my drive and backup whatever I missed. So it does not take me long to get back up and working again.

    I use
    MalwareBytes
    Super Anti Spyware
    Avira Antivirus
    RKill is an amazing program and I use it as my last resort

    http://www.bleepingcomputer.com/download/rkill/

    Lesson Learned The Hard way

    Don't download a thing from any sites you don't know.

  • mjc1016 Posts: 15,001
    edited December 1969

    Recently I have found that the anti virus companies hire people to write viruses. I think one of the main companies doing so is AVM and StopZilla but that is just my opinion.

    Yeah same thing happened to me last month or the month before. I was looking for a program that I used to use to convert video files. And yeah I had downloaded the same program from the same website I used to get it from.

    Stopzilla NEVER was a legit antivirus company...they have ALWAYS been considered, at best, rogue. They are the originators of the 'free scan, pay to clean' scam.

  • JohnDelaquiox Posts: 1,184
    edited December 1969

    Yeah I remember reading something like that back in the day

  • Testing6790 Posts: 1,091
    edited December 1969

    Anyone remember that Sheep virus? Now THAT was the kind of virus people should write. Recreational, sure. Invasive? Technically. Having sheep spawn on your desktop and roam around? Worth it.

  • JohnDelaquiox Posts: 1,184
    edited December 1969

    The Sheep Virus actually led to some very interesting developments in software. Like Desktop ponies.

    http://bronies.deviantart.com/journal/Desktop-Ponies-296001059

  • mjc1016 Posts: 15,001
    edited December 1969

    Anyone remember that Sheep virus? Now THAT was the kind of virus people should write. Recreational, sure. Invasive? Technically. Having sheep spawn on your desktop and roam around? Worth it.

    One of the more benign items...it was 90% hoax, though...

    But just think, it could have been worse. It could have spawned...Justin Biebers all over the place.

  • Joe Cotter Posts: 3,258
    edited September 2012

    fixme12 said:
    ...acronis trueimage...

    Anyone making their living with their computer should follow a couple simple steps.

    1) keep the OS/programs on a separate drive from any Data
    This allows wiping the OS/Program drive without wiping the data and facilitates the following:

    2) Always make an image of the system immediately after loading the system, updating it, loading any main programs used, and any basic customization. *Do this before using the system or going out on the internet any more than necessary to update/activate software. Acronis is relatively straightforward. I recommend making a secure zone on the hd and doing an optical image. The secure zone on the system makes it easy to recover the system, the optical image is your failsafe in case the secure zone becomes damaged or infected. This image should not include any data. Never update the image unless you first restore from the image and then update the system. This prevents infecting the image inadvertently. Use the built in MS Restore Points to do quick and dirty saves of the system state in between Imaging.

    2b) Test all images to a blank hd if possible. It sx to find out that they don't work or that you don't know how to recover from them after a crash. We are not our best in bad situations so we want to be as capable of recovering without too much thinking and we want to know it will work.

    3) Only store data on the data drive and back it up as often as one doesn't want to lose stuff. For some of us that could be multiple times a day.

    * The industry is blurring the line between images and backups, using the terms interchangeably. This is unfortunate as they are *not* the same, and doing so encourages bad practices and misunderstanding. Images are the system, backups are the data. Keep them separate for your own sanity.

    ** I say separate drives but actually the point is separate partitions, it can be on the same physical drive. Separate physical drives do offer minor advantages.

    *** Don't think fancy mirroring systems will help you. These only protect against hardware failure which is much more rare than software corruption or infection. Unless one is a production facility with multiple employees, mirroring is not the answer, imaging and backups are. Mirroring doesn't negate images and backups, it simply adds another layer of protection for production houses that isn't cost effective for most small shops.
    --------------------------------------------------------------------------------------------------------------

    And sorry to hear of your loss RawArt. I know this doesn't help after the fact, but I figured since you just rebuilt your system it might come in handy.

  • RAMWolff Posts: 10,142
    edited December 1969

    I say fight fire with fire for those dung heads. That would teach them a lesson or two when their own systems got borked. That whole Christian attitude of turn the other cheek does not work here. Beat the living hell out of them and destroy them any way possible. Sorry you went through this RAWN!

  • mjc1016 Posts: 15,001
    edited December 1969

    Gedd said:
    fixme12 said:
    ...acronis trueimage...

    Anyone making their living with their computer should follow a couple simple steps.

    1) keep the OS/programs on a separate drive from any Data
    This allows wiping the OS/Program drive without wiping the data and facilitates the following:

    2) Always make an image of the system immediately after loading the system, updating it, loading any main programs used, and any basic customization. *Do this before using the system or going out on the internet any more than necessary to update/activate software. Acronis is relatively straightforward. I recommend making a secure zone on the hd and doing an optical image. The secure zone on the system makes it easy to recover the system, the optical image is your failsafe in case the secure zone becomes damaged or infected. This image should not include any data. Never update the image unless you first restore from the image and then update the system. This prevents infecting the image inadvertently. Use the built in MS Restore Points to do quick and dirty saves of the system state in between Imaging.

    2b) Test all images to a blank hd if possible. It sx to find out that they don't work or that you don't know how to recover from them after a crash. We are not our best in bad situations so we want to be as capable of recovering without too much thinking and we want to know it will work.

    3) Only store data on the data drive and back it up as often as one doesn't want to lose stuff. For some of us that could be multiple times a day.

    * The industry is blurring the line between images and backups, using the terms interchangeably. This is unfortunate as they are *not* the same, and doing so encourages bad practices and misunderstanding. Images are the system, backups are the data. Keep them separate for your own sanity.

    ** I say separate drives but actually the point is separate partitions, it can be on the same physical drive. Separate physical drives do offer minor advantages.

    *** Don't think fancy mirroring systems will help you. These only protect against hardware failure which is much more rare than software corruption or infection. Unless one is a production facility with multiple employees, mirroring is not the answer, imaging and backups are. Mirroring doesn't negate images and backups, it simply adds another layer of protection for production houses that isn't cost effective for most small shops.
    --------------------------------------------------------------------------------------------------------------

    And sorry to hear of your loss RawArt. I know this doesn't help after the fact, but I figured since you just rebuilt your system it might come in handy.

    To add...two backups are better than one. Especially for critical data...ideally one should be 'off site'.

  • JohnDelaquiox Posts: 1,184
    edited December 1969

    Totally and three is even better

  • Taoz Posts: 9,714
    edited December 1969

    mjc1016 said:

    A good place to check out a suspect file against multiple AVs is...

    http://virusscan.jotti.org/en


    Another is:

    http://virustotal.com

    It scans the files on all the most well known antivirus engines. I always scan my program updates there before releasing them.

  • Joe Cotter Posts: 3,258
    edited September 2012

    Multiple backups are good and so is offsite (bank safety deposit boxes work well for this.) However, making any system more complex than what one is willing to keep up is detrimental. Find what you are willing to maintain and do that. It can be more important to be consistent than doing many levels that aren't properly maintained. We have to be realistic with how much time and energy we are willing to devote to this. What I mentioned is what we should consider 'necessary' if making our living doing this.

    Also, as we get in the habit of doing basics, we can add something like adding another weekly or monthly backup that we drive out to a bank safety deposit box.

    I forgot, now we have the option to do internet backups as an offsite backup. There are various caveats to this, but the main one I would mention is encrypting if we have anything that we don't want to risk being stolen. It may be overkill for many but it is worth thinking about. If we encrypt, what I recommend is to have encryption software on the computer and encrypt before uploading to the backup site as we are in control of the process this way.

  • Taoz Posts: 9,714
    edited December 1969

    Gedd said:
    fixme12 said:
    ...acronis trueimage...

    Anyone making their living with their computer should follow a couple simple steps.

    1) keep the OS/programs on a separate drive from any Data
    This allows wiping the OS/Program drive without wiping the data and facilitates the following:

    2) Always make an image of the system immediately after loading the system, updating it, loading any main programs used, and any basic customization. *Do this before using the system or going out on the internet any more than necessary to update/activate software.


    I'll second that - always do this myself.



    2b) Test all images to a blank hd if possible. It sx to find out that they don't work or that you don't know how to recover from them after a crash. We are not our best in bad situations so we want to be as capable of recovering without too much thinking and we want to know it will work.


    Or use Image for DOS - it has byte-for-byte verify both on creating and restoring images, which means you can be sure the restored system is 100% identical to the system the image was made from. It's also a very stable and reliable program - I've created and restored hundreds of images on several machines with it over the last 6 years and never had a single error.

    http://www.terabyteunlimited.com/image-for-dos.htm



    3) Only store data on the data drive and back it up as often as one doesn't want to lose stuff. For some of us that could be multiple times a day.
    Also a very good idea. For Windows I can recommend Second Copy for backup. It can even back up to a remote FTP server if you like:

    http://secondcopy.com

    Online backup is also a good backup add-on. Been using CrashPlan myself for 1½ years now, works great.

    http://www.crashplan.com
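
Added example, not part of any post in this thread and not taken from any of the tools named in it: a file-level version of the "test your restores" step (2b) and the verify-on-restore idea above, applied to the data backup rather than to a disk image. It records a SHA-256 manifest when the backup is made and checks a test restore against it; the file names and the `demo()` helper are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large assets do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root, '/'-separated) to its SHA-256."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def verify_restore(manifest, restored_root):
    """Compare a test restore against the manifest taken at backup time."""
    restored = build_manifest(restored_root)
    report = {
        "missing": sorted(set(manifest) - set(restored)),
        "extra": sorted(set(restored) - set(manifest)),
        "changed": sorted(p for p in manifest
                          if p in restored and manifest[p] != restored[p]),
    }
    report["ok"] = not (report["missing"] or report["extra"] or report["changed"])
    return report


def demo():
    """Constructed sample data: one faithful restore and one damaged restore."""
    work = tempfile.mkdtemp(prefix="restore_test_")
    try:
        data = os.path.join(work, "data")
        os.makedirs(os.path.join(data, "textures"))
        with open(os.path.join(data, "scene.duf"), "wb") as f:
            f.write(b"constructed scene file\n")
        with open(os.path.join(data, "textures", "skin.png"), "wb") as f:
            f.write(b"constructed texture bytes\n")
        # Keep the manifest somewhere other than the backup medium itself.
        manifest = build_manifest(data)

        good = shutil.copytree(data, os.path.join(work, "restore_good"))
        bad = shutil.copytree(data, os.path.join(work, "restore_bad"))
        with open(os.path.join(bad, "scene.duf"), "ab") as f:
            f.write(b"\x00")  # silent corruption of one file
        os.remove(os.path.join(bad, "textures", "skin.png"))  # lost file
        with open(os.path.join(bad, "setup.exe"), "wb") as f:
            f.write(b"constructed unexpected file\n")  # was never backed up
        return verify_restore(manifest, good), verify_restore(manifest, bad)
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    good_report, bad_report = demo()
    print("faithful restore:", good_report)
    print("damaged restore: ", bad_report)
```

The "extra" list is the part worth reading after a malware incident: a file in the restore that was never in the manifest did not come from your backup.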

  • JohnDelaquiox Posts: 1,184
    edited December 1969

    I have two internal drives for backups, one is the backup of the backup and the third is a network hard drive that I use for backups and for moving stuff from one computer to another
