Sunday, January 25, 2009

Virus Mayhem

You might notice that I deleted the post with the broken English sign. I believe the web site I got it from wreaked havoc on 2 of my PCs this afternoon, rapidly filling them with viruses. While I can't be 100% sure the infection came from there, a warning came up almost immediately upon hitting the page and a new web page loaded and dropped files on my PC.

While it may not be their fault, I don't think it is a good idea to visit Engrish Funny.com (I separated the words to make it harder to create a link from). If it was from their page, it was probably one of their advertisers (or a hacker I suppose). I had four other tabs open, so it could have come in from an ad on one of those pages. I hate to disappoint, but none of them were porn.

I should also point out that I've been visiting this site for months without any problem.

Several things frustrated me about this:

1. While Microsoft gets a lot of heat about every security transgression, the browser people (mostly Firefox & IE) along with AND ESPECIALLY Adobe Flash don't seem to face the same scrutiny. This happens in spite of the fact that malicious web pages are the usual mode of virus transmission now.

2. These viruses are nasty and well-written. They mutate, self-replicate, self-encrypt, and block your browser from using Windows update and, in some cases, reaching security web sites.

3. AVG Free could identify some of the virus files, but couldn't remove them. PrevX found the virus files, but wouldn't remove them without buying a license. Yeah, I am going to give out my credit card # on an infected PC, riiiight. Haven't these people heard of bootable live CDs?

4. Thanks to Ubuntu Linux, I was able to boot in and manually remove the files myself, but how is a novice going to know that? Sadly, our eMachine seems to freeze up when booting Linux, so I am still trying to figure out what to do there.

If the malicious web page situation can't be solved, I can definitely see us moving out of Windows altogether. I love the development tools, but I can't have my life disrupted by visiting innocuous web pages again. I don't understand why Wired.com doesn't send out a muckraker to expose this security malaise.

The other option is to take the Commander Adama approach and remove the Internet part of our connectivity. It may be the only way to keep the Cylons out. :D

7 comments:

Arkonbey said...

I'm just happy that nobody's gotten around to making lots of Mac viruses...

Hypatia said...

Yes, me too!...so sorry Snabby. The poopsmiths attack again!

Dave said...

Zone Labs Security Suite AntiVirus and Firewall is about the best you can get. For whatever reason, the virus seems to have not spread from your PC to your blog, we hope.

The Moody Minstrel said...

Maybe someone in China or Japan was trying to get revenge for being laughed at. That does suck, though.

Back when I used AVG Free it used to find viruses left and right, a couple of times even ones that Norton missed. Now I use the paid, licensed version of AVG w/ Firewall on my home computer, and it doesn't seem to have found a virus in ages. Of course, since it now does almost everything in the background it's possible I just don't know about it. There's also the no small fact that both my web-surfing and spam e-mail are a tiny fraction of what they used to be.

DewKid said...

I seriously doubt you got it from there. It's one of my regular stops, and I have yet to see a virus appear on my machine.

Don Snabulus said...

Ark,

Beware! A new Mac trojan is making the rounds.

Hyp,

Much poopie.

Dave,

I am comparing Zone with 3 other AV programs (since files are still being detected each day with AVG going). I will post my results.

MM,

AVG keeps history logs and you can always peek in the vault. I am glad things are going well.

DK,

I will just repeat...

a warning came up almost immediately upon hitting the page and a new web page loaded and dropped files on my PC.

I don't know for sure if it was them, but any site with ads allows 3rd party code to execute on their page. They can't be ruled out.

Not that it matters, it appears that I will be reinstalling Windows (or other OS) after my AV testing is over. I will never be sure it is really clean unless I do.

Dean Wormer said...

Commander Adama approach. Or the Ripley from Aliens approach - take off and nuke it from orbit. It's the only way to be sure.