Well, it was bound to happen, and I took the precautions necessary but still got dinged!!

So last week I got dinged with a zipped file that had a nasty virus in it. Did the scan beforehand, and it was all clear. Opened the zip file, transferred it to the desktop, and all seemed good. Opened the file and the Anti-Virus went nuts.

So I thought everything was caught, so I ran a scan after the initial cleanup and bingo, still there. It was attached to several files, 5 to be exact, the applications I use the most, which I cleaned, but in the process I lost files from those programs.

Reinstalled the programs and called the Tigers. Master Blaster John L gets on and takes care of it, and I'm off and running, or so I thought. So for the past few days the system has been moving slow, and I wanted to make sure nothing hokey dokey was going on. I ran 3 scans: Quick, Normal, and In-Depth. All came back clear, so I rebooted the box and noticed Windows was saying an application was in use. Only problem is the name of the application was blank.

OK, so hit the panic button, force a shutdown. Reboot, go to DOS and do a Netstat -A. See all types of TCP and UDP ports open and start drilling on some unknown ports. Wondering if my Anti-Virus was corrupt, as some of the nastier viruses will take out your AV, I went online to F-Secure and did a scan. Boy oh boy, seems Mr. Virus is working its magic. So it pings a few applications, and I click to delete the problem and nope, it won't allow me to delete it. I go into the Task Manager and try to kill it, Windows says I don't have the permissions for it. :confused:

So I force a shutdown, reboot in safe mode, made some config changes and brought the system online and backed up my images and docs. Doing a reformat, so will have to reinstall everything and patch and re-align and Grrrrrrrr...........:mad:

So my question to the Family is: has anyone else had this happen, those who have been operational for a while? Does anyone else accept Zip files, or do you not accept Zip files and only take the images?

Guidance for others.

When you receive a virus you can check the IP address of the sender and backtrack to their Internet Service Provider. Verizon (DSL) was their provider and was most helpful in addressing the issue with the sender after receiving the logs I sent.

Misunderstanding: Anti-Virus is working so I'm safe!! Wrong!! AVs only work off of the known signatures and characteristics of a virus. There are several types: Viruses, Trojan Horses, Worms, Rootkits, Malware Generators, Polymorphic Worms, etc. So just because you have an Anti-Virus like Symantec or McAfee, as an example, doesn't mean you're safe. Just means you're doing due diligence.

Top Anti-Virus in my opinion, in no particular order:

Keep you up to speed with Anti-Virus:
1.) Trend Micro
2.) F-Secure
3.) AV-Test.org

Malware Port listings:
1.) Anti-Trojan
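
As an added example (not from the post or from any tool it names), here is the "drill on unknown ports" step done systematically: parse `netstat -ano` output (which, unlike plain `netstat -a`, includes the owning PID), join it with a `tasklist` PID-to-image map, and flag listening ports outside an expected set or sockets whose owner has no image name, which is the blank application name the post describes. The netstat lines, the PID map and the port allowlist are constructed for the example.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not from the post).
NETSTAT_SAMPLE = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       876
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:29876          0.0.0.0:0              LISTENING       2412
  TCP    192.168.1.10:49211     203.0.113.7:8080       ESTABLISHED     2412
  UDP    0.0.0.0:137            *:*                                    4
  UDP    0.0.0.0:5355           *:*                                    1204
"""

# Constructed PID -> image name map, as `tasklist` would report it.
# PID 2412 has no image name: the "blank application" symptom.
TASKLIST_SAMPLE = {876: "svchost.exe", 4: "System", 1204: "svchost.exe", 2412: ""}

# Ports a typical Windows workstation is expected to have open (assumed list).
EXPECTED_PORTS = {135, 137, 138, 139, 445, 5355}

# proto, local addr, local port, foreign addr, optional state, pid
LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:(\w+)\s+)?(\d+)\s*$")


def parse_netstat(text):
    """Parse `netstat -ano` lines into dicts; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        proto, laddr, lport, raddr, state, pid = m.groups()
        rows.append({"proto": proto, "local": laddr, "port": int(lport),
                     "remote": raddr, "state": state or "", "pid": int(pid)})
    return rows


def suspicious_sockets(rows, tasklist, expected_ports):
    """Return (pid, proto, port, reasons) for sockets worth drilling into."""
    findings = []
    for r in rows:
        reasons = []
        # UDP sockets have no state; treat every bound UDP port as listening.
        listening = r["proto"] == "UDP" or r["state"] == "LISTENING"
        if listening and r["port"] not in expected_ports:
            reasons.append("unexpected listening port")
        if not tasklist.get(r["pid"]):
            reasons.append("owning process has no image name")
        if reasons:
            findings.append((r["pid"], r["proto"], r["port"], reasons))
    return findings


if __name__ == "__main__":
    for pid, proto, port, reasons in suspicious_sockets(
            parse_netstat(NETSTAT_SAMPLE), TASKLIST_SAMPLE, EXPECTED_PORTS):
        print(f"PID {pid} {proto}/{port}: {', '.join(reasons)}")
```

On a live box, feed it the saved output of `netstat -ano` and a PID map built from `tasklist`, and compare the flagged PIDs against what the AV reported.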

You should add Malwarebytes to your list. It has far superseded Spybot, Ad-Aware, ComboFix, or whatnot. Get it from FileHippo, though; CNET has started putting an "installation wrapper" on things that's halfway to malware itself.

Also run CCleaner and post a HijackThis log to one of those forums where they tell you what to do with it.

