Got a nasty virus yesterday...

Author
craigb
Max Output Level: 0 dBFS
  • Total Posts : 41704
  • Joined: 2009/01/28 23:13:04
  • Location: The Pacific Northwestshire
  • Status: offline
2011/04/23 21:18:02 (permalink)

Got a nasty virus yesterday...

Just because the forums were down doesn't mean I went surfing pron sites, however, another forum I go to was hacked and redirected to one that downloaded a fake AV (called WindowsRecovery).  This wasn't on my studio box, but my personal/work box.
 
Anyway, I haven't migrated from AVG yet and even though it has the most current virus database AND it did catch a part of the virus download, it didn't catch the main part.  After scanning in Safe Mode for over nine hours it didn't find anything else (although the virus was definitely there).  I ended up having to use Malwarebytes along with two other utilities (RKill that stops malicious processes so you can run Malwarebytes and Unhide to make all my files visable again).  Malwarebytes found the main parts of the virus and removed them, but even it missed one part (found later by AVG) and two Registry entries that were found by Spybot.
 
The bottom line (besides having over 20 hours of PC usage lost), is that none of these solutions found all the parts of the virus by itself!
 
Now I'm wondering if MS Essentials would have prevented this (or even AVAST which is what my business partner now uses after being sent a malware link from a "trusted" friend).  For a computer that must travel down dark alleys once in a while (unlike my studio box), what IS the best choice for an AV?  Is it still MS Essentials with SpyBot?  The "Pro" version of Malwarebytes?  AVAST?  Something else???  Even having to pay a small amount isn't as bad as wasting 20 hours of my time, but I don't want something that completely makes my PC unusable (like Norton used to).
 
Thanks for listening - I'm done venting now.
 
Also, I wanted to put out a warning that, even if you're only going to sites you believe are clean, you can still end up with something nasty.

 
Time for all of you to head over to Beyond My DAW!
#1

22 Replies Related Threads

    Old55
    Max Output Level: 0 dBFS
    • Total Posts : 19791
    • Joined: 2008/09/19 20:10:05
    • Location: Californiashire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/23 21:21:06 (permalink)
    Sorry to hear Craig.  I've learned a lesson from it.  I'll be updating my antivirus software. 

    Should auld acquaintance be forgot--hey, who the hell are you guys?  
     
    X2(X3 pending hardware upgrade), Emulator X2, E-mu 1212M, Virtual String Machine
    #2
    Anubis
    Max Output Level: -69 dBFS
    • Total Posts : 1059
    • Joined: 2004/01/16 00:59:30
    • Location: Miami
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 02:22:52 (permalink)
    I got that one too at on my business machine. Malwarebytes rocks!

    X2Studio_Win7(64)_SamsungChronos_QuNexus_QuNeo_Axiom25_Saffire24Pro_Saffire6USB_EdirolPCR300_Nocturn
    Amplitubes_AmpegSVX_StylusRMX_SampleTank/Tron_Komplete7_AddictiveDrums_TRacks3_Wavelab6
    miTunes
    #3
    chuckebaby
    Max Output Level: 0 dBFS
    • Total Posts : 13146
    • Joined: 2011/01/04 14:55:28
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 08:08:09 (permalink)
    can you guys throw out the name of the site so we dont go there?..and i do have norton..and i think its awesome..i have no problems with it at all..but i have it custom set up..and also..why diddnt you just try a system restore,this usually takes out the whole virus.

    Windows 8.1 X64 Sonar Platinum x64
    Custom built: Asrock z97 1150 - Intel I7 4790k - 16GB corsair DDR3 1600 - PNY SSD 220GB
    Focusrite Saffire 18I8 - Mackie Control
       
    #4
    codamedia
    Max Output Level: -67 dBFS
    • Total Posts : 1185
    • Joined: 2005/01/24 09:58:10
    • Location: Winnipeg Canada
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 10:18:33 (permalink)
    ... another forum I go to was hacked and redirected to one that downloaded a fake AV (called WindowsRecovery).

     
    FYI: When these windows first pop up the damage has not yet been initiated. That window is 100% fake, and is luring you into clicking anywhere within it. They usually even have a fake "cancel" or "close" button, but they are just as dangerous as "buy now" or "fix".
     
    When the fake A/V appears, it immediately takes over focus. Simply press ALT/F4 to close the window, then move on. If that doesn't work - just reboot the computer - it is the safest way out. Closing the window by any method "they" have provided, will result in infection, but if you can let Windows close it out - you will be fine.

    Don't fix it in the mix ... Fix it in the take! 
     

    Desktop: Win 7 Pro 64 Bit , ASUS MB w/Intel Chipset, INTEL Q9300 Quad Core, 2.5 GHz, 8 GB RAM, ATI 5450 Video
    Laptop: Windows 7 Pro, i5, 8 Gig Ram
    Hardware: Presonus FP10 (Firepod), FaderPort, M-Audio Axiom 49, Mackie 1202 VLZ, POD X3 Live, Variax 600, etc... etc...
    #5
    Beagle
    Max Output Level: 0 dBFS
    • Total Posts : 50621
    • Joined: 2006/03/29 11:03:12
    • Location: Fort Worth, TX
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 13:59:19 (permalink)
    +1 to codamedia

    and as much as I like you Craig, I'm not going to check to see if MS Essentials will catch it for you.  our friendship only goes so far...

    http://soundcloud.com/beaglesound/sets/featured-songs-1
    i7, 16G DDR3, Win10x64, MOTU Ultralite Hybrid MK3
    Yamaha MOXF6, Hammond XK3c, other stuff.
    #6
    JonD
    Max Output Level: -39 dBFS
    • Total Posts : 3617
    • Joined: 2003/12/09 11:09:10
    • Location: East of Santa Monica
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 16:03:02 (permalink)
    Nine hours of scanning in safe mode in the hopes you "might" clean up a virus?!

    In my experience, it's not worth chasing malware for hours when it's entirely probable that even if you reach a point where it "looks" clean, some part of it is still there, waiting to bite you on another day.

    But, you say, the alternative is reformatting and reinstalling everything back on my C: drive!

    I see your point... and you're right:  that is your only alternative this time.   So here's what you're going to do (at least I hope for your sake) for next time:

    Read the following (My post, and the next one with the link to the free software):

    http://forum.cakewalk.com/fb.ashx?m=2272988

    Installing this program, and putting in 20-30 min of maintenance time every month, will give you a safety net against any software problems (That includes viruses).

    From that point on, you will always be only minutes away from restoring your C: partition.

    (And this is to every DAW owner without a backup imaging program):  You really, really need this

    Just a thought...




    SonarPlat/CWbBL, Win 10 Pro, i7 2600K, Asus P8Z68 Deluxe, 16GB DDR3, Radeon HD5450, TC Electronic Impact Twin, Kawai MP11 Piano, Event ALP Monitors, Beyerdynamic DT770 Pro, Too Many Plugins, My lucky hat.
    #7
    Guitarhacker
    Max Output Level: 0 dBFS
    • Total Posts : 24398
    • Joined: 2007/12/07 12:51:18
    • Location: NC
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 18:18:20 (permalink)
    I have seen these windows, after searching for something on google. I thought it was a virus loader and tried to close it by clicking on the "X" at the top right of all windows boxes.... that did not work. My wife had one that she click on and it put her machine in a loop.

    On my machine, I simply crashed the machine, rebooted and ran the AV scan.

    On my wife's machine I had to run Malwarebytes to get it out. MWB found 6 files in different locations including 2 registry infections.

    That did get it out...same thing happened on my daughter's lappy. Malwarebytes solved it too.

    My website & music: www.herbhartley.com

    MC4/5/6/X1e.c, on a Custom DAW   
    Focusrite Firewire Saffire Interface


    BMI/NSAI

    "Just as the blade chooses the warrior, so too, the song chooses the writer 
    #8
    craigb
    Max Output Level: 0 dBFS
    • Total Posts : 41704
    • Joined: 2009/01/28 23:13:04
    • Location: The Pacific Northwestshire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 18:40:56 (permalink)
    Just an FYI, I left every message on my screen except for blocking cookies (I have it set to prompt me).  I'm not sure what I could have clicked to initiate the download, in fact it seemed to download automatically after the redirect.  One of the first things it did was to remove my ability to use the Task Manager so I eventually had to power down to get out of the page instead of ending the process.

    I also just got Acronis, but haven't used it yet - I'm way behind on creating a new system but will image it once I do.

    Just to reiterate, AVG did stopped one trojan, but not the WindowRecovery fake AV virus and even Malwarebytes missed two entries in the registry that SpyBot caught.  I'm just wondering if I'll always have to use multiple layers of AV...

     
    Time for all of you to head over to Beyond My DAW!
    #9
    Jonbouy
    Max Output Level: 0 dBFS
    • Total Posts : 22562
    • Joined: 2008/04/14 13:47:39
    • Location: England's Sunshine South Coast
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 18:50:27 (permalink)
    Policy is the only true AV and it's found between yer ears.

    I say that because I had a complete lapse a few days ago and clicked on an executable of dubious origin and paid the price myself. (Don't ask...)  Fortunately it coincided with Cakewalks outage.

    The executable itself vanished on activation and the only other clue that I'd been infected was that some of my desktop icons moved position.

    Like you say Craig various solutions including Malwarebytes, McAffee etc. were only able to detect parts of the infection (MSE inicidentally found nothing) because once the machine is compromised then it can made to perform plenty of legitimate tasks which won't show up as being a problem at all and yet are all designed to create self-replicating problems.

    After using various tools to clean out various aspects of the infection, my browsers (both IE and Firefox) were being still redirected by some cleverly vectored Java scripts that of course were bringing in reinforcements and affecting other subsystems, so the first course of action is to come offline.  Alongside this other obvious stuff was happening like the task manager was kaput so was Windows update.

    I decided in the end that a complete system zap and re-install was the only recourse I had to regain any confidence in my system.  20 hours later and I am back as good as new, on 2Tb that would have been about the time it would have taken to do just a couple of full scans.

    Although I've cleaned up plenty of badly infected machines for other people this is the first non-Microsoft inflicted issue I've suffered myself to date and it would have been completely avoidable had I listened to my own advice.

    I shall be even more careful as like I say once a machine has been compromised in such a way if it wasn't for the bad behaviour there is no way of detecting cleverly programmed nuisances that seem legitimate to the system which is the form that many of these new kinds of trojans take the shape of.

    The initial lapse squarely came from me not from any inadequate protection tools, and I'm convinced that is the truth for the vast majority of us.  So the implementation of policy and not several layers of tools still seems to be the surefire method.
    post edited by Jonbouy - 2011/04/24 18:59:24

    "We can't do anything to change the world until capitalism crumbles.
    In the meantime we should all go shopping to console ourselves" - Banksy
    #10
    joakes
    Max Output Level: -72 dBFS
    • Total Posts : 905
    • Joined: 2006/12/05 15:51:24
    • Location: 465 Km South West of Paris
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/04/24 23:55:25 (permalink)
    Long Live Avast.

    Catching nasty a nasty virus is never good.

    BTW, a tip someone once gave me : when cleaning out a virus its better to turn OFF System Restore before starting the cleaning. If the virus is particularly virulent, it could worm(sic) its way into a SR point.

    So, you do manage to clear it off your machine, and then have to do an emergancy restore for whatever reason right after said disinfection, you become infected again through SR.

    Once you've finished disinfection and re-booted, you can turn SR on again, and immediately create a fresh non-infected Restore point.

    S'wot I done in the past (not through dodgy pron sites though ! )

    Cheers,
    Jerry

    Cheers,

    Built by yours truely : I7-2600@3.4GHz, Asus P67Z68, W10x64 Creator Edition, 32GB RAM, 3 HD's, nVidia 760 GT, Focusrite 18i20 2,d Gen + Ti FW, Oxygen 61 iv Gen, and Edirol SD-20 (yes it works), CbB, Teles, Strats, LP's, Epi Riviera, etc
    #11
    jbow
    Max Output Level: -0.2 dBFS
    • Total Posts : 7601
    • Joined: 2003/11/26 19:14:18
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/05/05 15:08:13 (permalink)
    Malwarebytes is good, so is Spyboy S&D but sometime I have had to use Hijackthis to fix things. It simply scans the whoe registry and creates a filelog that you can look at. The you can use processlibrary.com to check .exe files you are not sure about. Then use the main result screen of hijackthis to remove the files from the registry. It has always worked for me when other things didn't.
    If things are really hairy there are forums like whatthetech.com and spywareinfo.com and majorgeeks.com they all have maware removal forums and self help FAQ sections if you aren't sure what to remove or keep.

    Julien

    Sonar Platinum
    Studiocat Pro 16G RAM (some bells and whistles)
    HP Pavilion dm4 1165-dx (i5)-8G RAM
    Octa-Capture
    KRK Rokit-8s
    MIDI keyboards...
    Control Pad
    mics. 
    I HATE THIS CMPUTER KEYBARD!
    #12
    craigb
    Max Output Level: 0 dBFS
    • Total Posts : 41704
    • Joined: 2009/01/28 23:13:04
    • Location: The Pacific Northwestshire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 03:21:43 (permalink)
    Ok, an unfortunate update...  Turns out I didn't get ALL of the virus before.  It left a rootkit that stayed dormant until two nights ago - then all heck broke loose.  Bottom line:  Avast! works the best of the many A/V's I've had to use (including AVG and Malwarebytes).  I've also had to try out some of the "Big Boys" like Combofix, TDSS Killer and Hitman, but with varying success.  One of the nasties that I inheirited is the so-called Google Redirection Virus (the Alureon variant).  NOTHING has fully gotten rid of this one and, although it's talked about, I couldn't find any fix that worked.

    So, even though I STILL don't own Windows 7, I'm preparing to do a full format & reinstall.  "Not a big deal" I bet some of you are saying, however, because all of my various work programs & files along with my personal programs & files for the LAST SIX YEARS are on there, it's going to be VERY annoying to figure out what needs to be reinstalled (then adding all the tweaks, customizations, templates, etc.).  Of course, it's Windows that makes this so annoying because they hide important files where the average user would never think to look (for example, WHY isn't your mail database in a normal documents area?).

    This time the virus has wasted over 48 hours of my time and I know it's from the previous infection after checking my offline and internet backups.  I even found it sleeping on a different PC here (since nothing seems to remove it including DOS and Bootscans, I may have to reformat and reinstall on that PC as well).

    My mind keeps playing images of really nasty things to do to the punk hackers that created these infections...

     
    Time for all of you to head over to Beyond My DAW!
    #13
    Old55
    Max Output Level: 0 dBFS
    • Total Posts : 19791
    • Joined: 2008/09/19 20:10:05
    • Location: Californiashire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 04:21:29 (permalink)
    craigb


    Ok, an unfortunate update...  Turns out I didn't get ALL of the virus before.  It left a rootkit that stayed dormant until two nights ago - then all heck broke loose.  Bottom line:  Avast! works the best of the many A/V's I've had to use (including AVG and Malwarebytes).  I've also had to try out some of the "Big Boys" like Combofix, TDSS Killer and Hitman, but with varying success.  One of the nasties that I inheirited is the so-called Google Redirection Virus (the Alureon variant).  NOTHING has fully gotten rid of this one and, although it's talked about, I couldn't find any fix that worked.

    So, even though I STILL don't own Windows 7, I'm preparing to do a full format & reinstall.  "Not a big deal" I bet some of you are saying, however, because all of my various work programs & files along with my personal programs & files for the LAST SIX YEARS are on there, it's going to be VERY annoying to figure out what needs to be reinstalled (then adding all the tweaks, customizations, templates, etc.).  Of course, it's Windows that makes this so annoying because they hide important files where the average user would never think to look (for example, WHY isn't your mail database in a normal documents area?).

    This time the virus has wasted over 48 hours of my time and I know it's from the previous infection after checking my offline and internet backups.  I even found it sleeping on a different PC here (since nothing seems to remove it including DOS and Bootscans, I may have to reformat and reinstall on that PC as well).

    My mind keeps playing images of really nasty things to do to the punk hackers that created these infections...


    Good luck with all of that, Craig. 

    Should auld acquaintance be forgot--hey, who the hell are you guys?  
     
    X2(X3 pending hardware upgrade), Emulator X2, E-mu 1212M, Virtual String Machine
    #14
    timidi
    Max Output Level: -21 dBFS
    • Total Posts : 5449
    • Joined: 2006/04/11 12:55:15
    • Location: SE Florida
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 07:55:55 (permalink)
    Craig
    My girlfriend got the same virus last week. She uses AVG. I think she got it because of AVG. The program has become quite intrusive over the years.

    I just started from scratch and re-installed windows. data gone, problem fixed.

    she's on Facebook a lot. could also be the culprit.

    ASUS P8P67, i7-2600K, CORSAIR 16GB, HIS 5450, 3 Samsung SSD 850, Win7 64, RME AIO.
     
    https://timbowman.bandcamp.com/releases
     
    #15
    jcschild
    Max Output Level: -41 dBFS
    • Total Posts : 3409
    • Joined: 2003/11/08 00:20:10
    • Location: Kentucky y'all
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 09:28:15 (permalink)
    ideally eSet.
    i really like MS essentials as well but there is a virus out that is designed specifically for those who use MS essentials and it missed it.
    whilst i have not had it (nor any of the systems here or at home) i have had a few clients who did.
    (all my systems have MS)
    those are the only 2 i recommend for daw use. (works fine and does not hurt daw functions) for non daw hard to say
    eset would still be my fav.

    for malware sometimes it takes 3-4 scanners to catch the culprit

    Scott
    ADK
    Home of the Kentucky Fried DAW!
    #16
    slartabartfast
    Max Output Level: -22.5 dBFS
    • Total Posts : 5289
    • Joined: 2005/10/30 01:38:34
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 13:19:51 (permalink)
    It is a common myth that the operator must take a positive action in order to download malware. Saying that you have to click a button in order to be infected is like saying you have to invite a vampire into your house in order to get bitten, it gives a false sense of security. Unless you have pretty much everything from the website blocked, just visiting the site can initiate a download. Using something like noscript can be helpful, but you will rapidly learn that, given how easy and tempting it is to write gee-whiz web pages with scripts that run automatically, most web pages are paralyzed or incoherent when this stuff is blocked.
    It is also a myth that any antivirus software will be able to stop or clean all viruses. By definition, new wild viruses will not be in anyone's signature file, and sufficiently rigorous heuristic analysis will probably shut down stuff that you need to run. Windows 7 at least has the potential to confine the damage of some viruses to one account, provided you are not running an administrator account while surfing. Surfing from a sandbox is even more effective at limiting damage, but is beyond the capability of most people using a computer for fun. And yes, it is possible to infect a restore point, and it is ludicrous to set a restore point after you are infected, since you have most likely put the virus in the can along with everything else.
    Frequent off-machine imaging is probably the most efficient way to recover an infected machine. It is a lot faster than waiting for hours while a crew of anti-malware apps try to find the bugger, but it is also possible to have a stealth virus waiting in your disk image for its activation. Re-installation from distribution disks is the only way to be sure, and that only after a very thorough wipe of the disk. Parts of the hard disk are not accessible to the OS, and are not affected by a format.
    In short, there is no absolute safety from viruses. The most careful operator with the most up to date software can not be guaranteed immune, in spite of spending hours attending to his security. The average user is just playing the averages. Guard your data (out of reach of the computer), and be prepared to re-install your system more than once in a computer's lifetime.


    #17
    craigb
    Max Output Level: 0 dBFS
    • Total Posts : 41704
    • Joined: 2009/01/28 23:13:04
    • Location: The Pacific Northwestshire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/17 15:30:59 (permalink)
    Man what I'd like to do to the punks that write these things...  Grr...

    Oh well.  If I get a stand-alone DAW I won't have as many issues, unfortunately, these boxes are used for work and we need to search for parts and vendors a lot.  I also like to research potential customers and general information about our industry.  This has me surfing all over the place (something I wouldn't be doing with the DAW).

    In this case, the infection started from a link sent by our VP of Sales & Engineering.  I've caught this when friends send links and should have noticed but didn't.  As soon as weird stuff started to happen I tried to get out and shut down as fast as possible, but wasn't fast enough!  AVG showed the viruses, but evidentally didn't stop them so it's gone.  I specifically didn't go with MS Essentials for the work box after reading several times that there were some infections written specifically to get around it.  I now keep a few A/V's ready to try and defend my turf - lol!  I'll have to look for eSet - haven't heard about that one.

    Of course, this crap hit at a very busy time for us (Murphy's Law) so, needless to say I'm glad the weekend is coming up so I can catch up on both work and sleep.  The bad OS drive was cloned last night so I can keep all the data, and I will probably format and start the long reinstall process tonight.  If this had happened next month, we probably would have had our next customer deposit in and I could have either bought a new PC or, at least, been able to upgrade to Windows 7 - I hate having to reinstall XP Pro again...


     
    Time for all of you to head over to Beyond My DAW!
    #18
    jm24
    Max Output Level: -54 dBFS
    • Total Posts : 2127
    • Joined: 2003/11/12 10:41:12
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/18 12:06:12 (permalink)
    When removing the nasty bits I use:
    Malwarebytes

    SpyBot Search and Destroy

    Kasperksy removal tool:     one of the best

    'tis about 80meg. Does deep cleaning. Can take hours.
    This tool is updated at least every day. A client's computer took three days, and three updates of Kaspersk to get all the **** removed
    http://majorgeeks.com/Kaspersky_Virus_Removal_Tool_d4515.html

    Viri do hide themselves in the pagefiles and the hibernate files.
    So, if the viri does not prevent such: I stop the all pagefiles, disable hibernate, disk clean-up all temporary files, and empty recycle bin BEFORE running any of these tools. Often the little bastard is in one of these areas (except for java exploits, and few other animals) and I do not want to waste time scanning stuff that should be gone anyway.

    J

    #19
    craigb
    Max Output Level: 0 dBFS
    • Total Posts : 41704
    • Joined: 2009/01/28 23:13:04
    • Location: The Pacific Northwestshire
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/18 12:24:31 (permalink)
    Yep!

    My pagefiles were stopped/replaced, I don't hibernate, all temp files removed and I don't use the recycle bin.

    I had to do about 8 different scans (that I can remember - could be more) to get things clean for now, but NOTHING has fully removed the hidden root kit and only a couple of things even find it (but have been unsuccessful in getting rid of it).

    So, I'm clean until the time bomb goes off again which means I'll be wiping and reinstalling hopefully this weekend.  I first have to document all the programs, setups, files to save, settings to save, etc., etc. so the new environment will have what I need.  Although I won't have Windows 7 yet, at least I'll have a cleaner PC which should run MUCH faster.  We'll see.

     
    Time for all of you to head over to Beyond My DAW!
    #20
    bvideo
    Max Output Level: -58 dBFS
    • Total Posts : 1707
    • Joined: 2006/09/02 22:20:02
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/18 12:59:57 (permalink)
    One way to deal with difficulties in removing stuff, like root kits and hidden files, is to boot an alternate OS (from CD). It makes those things easier to delete.

    For example, use root kit revealer on Windows to identify the files that are hidden, then boot linux-based systemrescuecd from a CD to remove those files. It can be annoying to figure out how to mount your Windows partitions on linux, but the Windows-base malware doesn't get a chance to run or hide itself. SystemRescueCD also contains some antivirus programs, but  don't know how effective or up to date they are.

    Bill B
    #21
    slartabartfast
    Max Output Level: -22.5 dBFS
    • Total Posts : 5289
    • Joined: 2005/10/30 01:38:34
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/18 13:59:58 (permalink)
    Man what I'd like to do to the punks that write these things... Grr...


    The same talents used to ruin your weekend, can be employed to ruin lives and infrastructure. Most people are aware of stuxnet, which reportedly destroyed gas centrifuges in Iran's nuclear program. Not so many are aware that trojans, believed to have been planted by Chinese hackers, have been found in US electrical grid control systems. The Aurora test was carried out to see what a hacker could do to infrastructure. By penetrating the control system through the current defenses and  rapidly switching circuit breakers under network control so that a generator's output was off cycle from the grid. Results here.
    #22
    jm24
    Max Output Level: -54 dBFS
    • Total Posts : 2127
    • Joined: 2003/11/12 10:41:12
    • Status: offline
    Re:Got a nasty virus yesterday... 2011/06/18 15:16:02 (permalink)
    kaspersk does look for rootkits

    set it for deep scan  and rootkit detection
    #23
    Jump to:
    © 2024 APG vNext Commercial Version 5.1