Nasty Virus Windows 7

D.P.

D.P.

D.P.

Caporegime
Joined
18 Oct 2002
Posts
32,651
TL:DR, how can secure windows 7 because just got raped by a nasty virus.


Just had a very nasty virus in my windows 7 installation. I mostly use linux and so I'm not really up to date on what security software is needed for windows, I have AVG installed and all windows security options enabled as default and though i would be safe.

I was just starting to watch some family guy streamed through a common website. Illegal yes but a common activity. Nothing too dodgy.
All of a sudden a big screen pops up, fullscreen. I live in Swizterland and all the text was in German so I didn't understand it (I live in the french part) but I did read some lines land it seemed to be accusing me of possessing kinderpornographie, terrorist emails, drug paraphernalia etc. It seemed to provide some means of paying online through the post office, which is common here, and entering a pin code to unlock. Everything looking very official and well designed so it did scare me. Normally the language errors make these things dead give away but in german i had no clue. It knew my IP, location and ISP, but this stuff is relatively easy to get.

The fact is that if they thought had childporn on my computer or were sending terrorist emails they would not want me to pay 150CHF! So total scam.

Anyway, I could not close this window at all, no Alt+F4, couldn't bring up a task manager, nothing. Re-booting, same thing. Safe-mode, same thing. totally locked out. Manged to restore windows to an earlier restoration point and its OK now.

Did a complete scan with AVG and nothing. So how can I secure windows in the future?
 
Welcome to Windows. The virus makers are always once step ahead of anti-virus software and windows updates so you will never be fully secure. Providing you keep your AV and windows up-to-date and stay on trusted websites you will usually be fine.

Linux is the safer option for your "nothing too dodgy" surfing :D
 
Avria, Zonealarm, MBAM, Spybot, backup images of the main HDD, a second operating system and Googlefu.

Generally the first four won't do much. Catch blatant and clumsy programs yes but can't do a dam thing against a decent rootkit which frankly can cripple them all.


So if things start acting unusual and they can't help, go to the second operating system and attempt to find and fix the problem from there.

If that doesn't work, nuke the drive and restore a stored image from a previous time.


That's for me though, for computers I set up for someone else I set it to auto login to a limited account and make sure its updated regularly.
 
Last edited:
derv said:
Welcome to Windows. The virus makers are always once step ahead of anti-virus software and windows updates so you will never be fully secure. Providing you keep your AV and windows up-to-date and stay on trusted websites you will usually be fine.

Linux is the safer option for your "nothing too dodgy" surfing :D
Click to expand...

Honestly I don't go to anything particularly dodgy, certainly no warez sites and I don't use bit-torrent. Standard streaming videos sites like megavideo and I admit to the common youtube type sites for porn maybe once a week (hey, GF lives on a different continent...). I didn't think that such sites are particularly risky, even if watching TV is illegal this way (also something I'm kind of forced to do because watching something like family guy dubbed in french is horrific.)
 
Hotwired said:
Avria, Zonealarm, MBAM, Spybot, backup images of the main HDD, a second operating system and Googlefu.

Generally the first four won't do much. Catch blatant and clumsy programs yes but can't do a dam thing against a decent rootkit which frankly can cripple them all.


So if things start acting unusual and they can't help, go to the second operating system and attempt to find and fix the problem from there.

If that doesn't work, nuke the drive and restore a stored image from a previous time.


That's for me though, for computers I set up for someone else I set it to auto login to a limited account and make sure its updated regularly.
Click to expand...

will install the software and make a new backup.

I usually have a linux install on this computer which I do most of my work in but for the last months I've removed the linux install to free up some disk space and been using windows. Time to buy another HD an put linux back on, which I want to d anyway but i've been too lazy.
 
I can honestly say I've not had a virus since I was using XP and that was the blaster worm. I've been using Vista then Windows 7 since launch and I've not had a single virus/spyware.

Let me guess UAC turned off and you use an admin account?
 
Last edited:
Meatball said:
I can quite honesty say I've not had a virus since I was using XP. I've been using vista then Windows 7 since launch and not a single virus/spyware problem.

Let me guess UAC turned off and you use an admin account?
Click to expand...

same here
i cant remember the last time i had a virus
it must be well over 10 years

you have to be doing something, you dont just get them or we would all be getting them
all the time
 
Last edited:
That first link is exactly what I had to sort on a mates laptop this week. Luckily she only uses it to surf so a quick format and reinstall
 
Sure the screen wasn't a fakey windows popup? I never thought a website can install things on your system or infect it (unless you're using dodgy plugins or activex add ons from untrusted sources).
 
mrbell1984 said:
If only you had a mac.
Click to expand...

I realize this is bait but the No.1 Mac security feature is obscurity, and he can get that for free by installing Linux.

derv said:
Welcome to Windows. The virus makers are always once step ahead of anti-virus software and windows updates so you will never be fully secure. Providing you keep your AV and windows up-to-date and stay on trusted websites you will usually be fine.

Linux is the safer option for your "nothing too dodgy" surfing :D
Click to expand...

To be fair these days it is statistically more likely you will get owned by a Flash/PDF/Java exploit than a Windows flaw, and the majority of the ones that do attack Windows itself are back-engineered from Windows patches that are already available and rely on people not updating their machines. Only the creme de la creme of malware is exploiting the unknown holes like Stuxnet and Duqu.

Personally, free TV and adult sites fall under my definition of "risky". That's not to say any site is truly safe, but we're really talking about likeliness of there being a problem. Third-party advertising services used by these types of site are notorious for getting duped into serving up adverts with a nasty payload.

The obvious solution is to not visit those sites, but if that isn't acceptable the first thing to do is get rid of any internet-facing software you don't use and make sure the stuff you do is up to date. I use the 64bit version of IE9 on the PC with no plugins, and Chrome for the odd time I want to use YouTube or open a PDF.

Another alternative would be to create yourself a separate user account for surfing these sites. A lot of these scareware/exploitware types are usually only running as the logged in user anyway. If in doubt, you can pretty much reboot your machine and delete the affected account and be ok.
 
ShakenNstirred said:
same here
i cant remember the last time i had a virus
it must be well over 10 years

you have to be doing something, you dont just get them or we would all be getting them
all the time
Click to expand...
same and im running with UAC off on an admin acount.

my stepson has had 2 viruses though in the last 2 years... his internet hustory has some of those youtube like porn sites listed so i guess thats where he gets them.

i usually just throw combifix at them and so far its worked
 
You must log in or register to reply here.
Back
Top Bottom