Anyone heard about this bad virus?

Last night a friend of mine got his computer infected with a virus. He opened an email from a trusted source, it had attachments, pictures of his friend's dogs. AVG put up the notice that a virus threat was detected and asked if it should be moved to the vault. So my friend clicks yes and then instantly he gets the message across the bottom of the screen "HARD DRIVE FAILURE". So he shut the computer down and called his friend from whom he received the email. This guy knows computers pretty well and even though his email contained the virus none of his computers were infected. Anyway, he told my friend to restart his computer and press the F2 key. He does that and the BIOS recognized his hard drive. So he thinks that the drive is probably OK but is taking it to a local computer repair place to have them fix the drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus is bad enough that I'm leery of opening any emails even from trusted sources. Comments anyone? Eric

Reply to
etpm

Hi Eric,

Most likely explanation is that this email did not really come from your friend. It probably came from someone else who DOES have the virus and has your friend's email address in his address book.

That's often how these things work.

But for better protection, dump AVG immediately and get a subscription to Vipre.

When I got hit a few weeks back (an Earthlink security issue actually) Vipre was the only one that could identify the culprit. I'm very happy with it and it's not expensive at all.

Oh, lastly, your hard drive is probably just fine, but getting that crud scraped off may be a challenge.

Reply to
CaveLamb

That vipre looks pretty good, $50 for apparently unlimited pyooters -- which almost seems too good to be true.... The tech help, if true and useful, is a big plus, as well.

I use TrendMicro, and just recently got a trojan in a windows dll that can't be eradicated by the program, and of course they won't tell you what to do.

Trend is better than the virus we know as Symantec Norton -- a shitty ripoff company if there ever was one -- but I think Trend is getting too big for its britches as well.

Reply to
Existential Angst

They'll probably use a high-dollar viruscanner and find a few dozen virii the others missed.

Update your virus definitions daily (at minimum) and use a backup check at least weekly to catch those the first one missed.

I use Microsoft Security Essentials (Norton -is- a virus, McAfee has been totally unreachable in an emergency (for a client), AVG and Avast missed some data logging virii in the past) along with Advanced System Care.

And usually, when I'm downloading something, I keep a copy of Task Manager open to close virus installers without using the keys in that affected program.

-- Education should provide the tools for a widening and deepening of life, for increased appreciation of all one sees or experiences. It should equip a person to live life well, to understand what is happening around him, for to live life well one must live life with awareness. -- Louis L'Amour

Reply to
Larry Jaques

The virus notice was the virus. Usually written in HTML or some other browser code and when you accept the scan or retaliation action you are installing the binary code from another website.

This virus detection virus happens all the time now. When you get it, hit and kill the process and you should be fine. Never accept the action as your scanner will not report it and ask anyway unless you have a stupid one.

They are all set up to look like your real AV scanner.

Reply to
Josepi

Virus scanners do not detect webpages with fake scanners on them. When you hit "OK" you have installed it.

Reply to
Josepi

The best defense for viruses I have heard of (and what I use) is as follows:

1) to put in a second slave drive (of a different size than the main drive) to the computer, store all your important files on that. The reason is that many destructive viruses will scramble the file system index, but only of the main hard drive (that the OS is running off of). When you reformat an infected system, the reformatting software will show the hard drive sizes, so you can tell from that which one is which. Also, just making a separate partition on the same drive is not the same thing as adding another physical hard drive. You need to get a second hard drive installed, so that it resides on another disk controller.

2) run an antivirus, anything that is current (I use the Microsoft free one) but do not expect it will save you every time. No antivirus program catches everything all the time. Go to any support forum for any antivirus program and you will see plenty of people outraged about the one virus the program did not stop.

3) use Firefox with the NoScript plugin, which will block a large number of javascript attacks. Only give actual websites permanent NoScript permissions, and look through the NoScript whitelist every now and then to make sure nothing is in there that shouldn't be. Don't use Internet Explorer at all. For email, don't use Outlook, Thunderbird is a safer alternative.

4) install the Adobe and the Foxit PDF readers, but DO NOT set either Foxit or Adobe reader as the default PDF plugin. The reason for this is that then whenever the browser gets a PDF file, it will stop and ask you which one to use. If you know the file source is trusted, use Adobe to view it--otherwise, use Foxit. Foxit does not have all the features that Adobe has, but Foxit also doesn't have the virus vulnerabilities that the Adobe plugin has either.

5) lastly, expect failure. Have the OS system disk and all your software CD's/registration info in one place, so you can easily reinstall everything when you need to.

You can easily spend 2-3+ hours chasing down a virus, trying to figure out exactly what it is and how to remove it, and even then you cannot be sure that it is 100% removed or that it didn't let something else in... or you can reformat the MAIN hard drive and reinstall everything in ~1 hour, and then you can be certain that the virus is 100% gone. Which makes more sense?

Reply to
DougC

Comments anyone? Well, so far the best virus protection I know of is to run Linux instead of Windows. I have had my server hacked a few times, but never had even the slightest problem on my desktop machines. Part of the problem is that Microsoft assumes it should run any program that is sent to you, whereas Linux assumes you DON'T want to run a program unless you specifically say to. Of course, the second thing is that a MS OS-executable virus won't run on Linux, but even the Java scripts usually try to do something that is not permitted under Linux.

Jon

Reply to
Jon Elson

Never, ever log in as ADMINISTRATOR when doing anything but administrative tasks, and when logging in as ADMINISTRATOR (to install new software or change settings or add normal users, like yourself), unplug the network first.

Then log on as an ordinary user, with no privileges.

Good Luck! Rich

Reply to
Rich Grise

I have a slightly different system. The Windows OS and My Documents etc are on separate partitions if the computer holds only one drive, like this laptop, otherwise they are on separate drives. I use the free Seagate or Western Digital version of Acronis True Image to back up the OS drive or partition to an external USB drive periodically, usually after scrubbing out the junk before manually installing software updates. The non-OS drive or partition can be simply copied to the USB drive. This separation keeps the size of the OS backup reasonably small so it might fit on a flash drive or DVD.

Acronis lets you make a bootable CD or flash drive (128MB is enough) that you can boot if the hard drive becomes corrupted or invisible, assuming you have placed them in the boot sequence. Recent versions of Acronis will detect the external USB drive and show you the date-stamped backups stored on it. Follow the instructions to restore the OS partition, even onto a new bare drive.

Both versions need to find at least one drive of their own brand, which can be the USB one.

jsw

Reply to
Jim Wilkins

I have a restricted user account to surf, an administrator account to update or install programs, and another administrator account that never goes online to manually explore and clean out the \Cookies, \Temp, \Recent and \Temporary Internet Files folders of the other two. In XP an administrator can't completely examine its own \Local Settings.

You need to turn off Simpleminded File Sharing to fine-tune account privileges, and enable viewing Hidden and System files to clean out the trash.

jsw

Reply to
Jim Wilkins

I run Linux on desktops and servers, and I was never hacked.

i
Reply to
Ignoramus23924

I need to stay in practice to administer clients' lab computers, generally former front-office machines.

The last time I used a Linux system at work I was yelled at for knowing and using more of it than its owner did.

jsw

Reply to
Jim Wilkins

You haven't experienced Win 7. Nothing runs unless you have OKed it now or before as a rule.

HTML code and Java run and that is what these viruses are written in until you install the meat and potatoes of it by clicking to "SCAN" or "clean" then out. These viruses emulate and look exactly like your installed scanner and fool the user.

Linux and other rare O/Ses are only behind in development of nasties as there isn't a large enough audience to warrant grandstanding to them.

Reply to
Josepi

I run CAD and video software that won't run under Nix...

So there!

Reply to
CaveLamb

hacks allowed alterations of the scripts that would be called to run a remote print job. Apache also had a vulnerability.

There were also a few other unsuccessful attempts that scared me, but nobody was able to do much except use my system to store files for nefarious uses. I had a wiki here for a while, but shut it down when it was used that way.

Anyway, I installed denyhosts and set very tight limits on failed login attempts, and it has been enormously successful in keeping the hacker botnets locked out. Each IP in a botnet only gets two login failures every 2 weeks, if they exceed that then that IP gets locked out for months. The botnets actually probe to find the limits of my security, I can see them limiting their probing to stay off the hosts.deny list, but at that rate they will NEVER crack my passwords. Active accounts are EXTREMELY limited on the server.

But, a desktop behind a firewall with bare minimum servers and no IP access to the WAN should NEVER be able to be compromised. If it is, then it is due to appallingly stupid OS security. It is totally incomprehensible why MicroSoft is STILL having vulnerabilities discovered in their OS after all the publicity of their weaknesses.

Jon

Reply to
Jon Elson
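
The lockout policy described in the post above (two failed logins per IP every two weeks, then a block lasting months), as an added example that is not DenyHosts' own code and not part of the original thread. The log layout, the 90-day lockout and the sample addresses are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Policy from the post: more than two failures in two weeks gets an IP locked out.
MAX_FAILURES = 2
WINDOW = timedelta(days=14)
LOCKOUT = timedelta(days=90)  # assumption: "months" taken as 90 days

# Assumed log layout: ISO timestamp, host, then the usual sshd failure message.
FAILED = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port "
)

# Constructed sample lines; the addresses are from documentation ranges.
SAMPLE_LOG = """\
2024-03-01T02:00:00 host1 sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 4000 ssh2
2024-03-01T02:00:05 host1 sshd[812]: Failed password for root from 203.0.113.5 port 4001 ssh2
2024-03-01T02:00:09 host1 sshd[813]: Failed password for root from 203.0.113.5 port 4002 ssh2
2024-03-01T03:00:00 host1 sshd[820]: Failed password for root from 198.51.100.7 port 5000 ssh2
2024-03-02T08:15:00 host1 sshd[830]: Accepted password for alice from 192.0.2.10 port 6000 ssh2
2024-03-10T03:00:00 host1 sshd[840]: Failed password for root from 198.51.100.7 port 5001 ssh2
2024-03-20T03:00:00 host1 sshd[850]: Failed password for root from 198.51.100.7 port 5002 ssh2
"""

def evaluate(log_text):
    """Return {ip: lockout_expiry} for every IP that exceeded the failure limit."""
    recent = defaultdict(deque)  # ip -> failure times still inside the window
    denied = {}                  # ip -> when the lockout ends
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue             # accepted logins and other messages are ignored
        when, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        if ip in denied and when < denied[ip]:
            continue             # still locked out
        q = recent[ip]
        q.append(when)
        while when - q[0] > WINDOW:
            q.popleft()          # forget failures older than two weeks
        if len(q) > MAX_FAILURES:
            denied[ip] = when + LOCKOUT
            q.clear()
    return denied

if __name__ == "__main__":
    for ip, until in evaluate(SAMPLE_LOG).items():
        print(f"deny {ip} until {until.isoformat()}")
```

The second address never has more than two failures inside any two-week window, so it stays off the deny list, which is the slow probing the post describes.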

Yup, I have a number of CAD applications that need some kind of Windows. So, I run Win 2K Pro as a guest OS under Linux via VMware, and never do web surfing using the Windows system. Win 2K runs reliably for months in this environment, much better than it does on real hardware.

Jon

Reply to
Jon Elson

Right there is a good reason to run Linux. Reducing the size of my "target" is a perfectly good strategy!

Jon

Reply to
Jon Elson

Ran the "oddball" O/Ses back in the 80s and fought the sheeple. The support was very poor and the apps were very low in quantity. Had enough.

Now I stick with the massive support base O/S and the crowd. Done fighting only to be obsolete every year and replacing worn out wallets..

Reply to
Josepi
