11:17 am

So, BrotherBookworm had the misfortune to get infected with the Virtumonde Virus over the weekend. Damn, that is one persistent little bugger! Last night I finally got enough of it out that Windows Explorer stopped crashing (Spybot SD rocks!), but there is no guarantee that we got it all. Since one of the virus's features is a keylogger, it is important to make sure that we got it all, so tonight we will begin a barrage of virus and trojan scanners to ensure that it is truly gone.

And then we'll uninstall IE and reinstall it, since the virus hijacked it as well. It kept trying to redirect me to its phony anti-virus products when I was trying to access the Windows update site, but I was too crafty for such shenanigans. And then we'll update all possible software to the latest versions (Secunia PSI will come in handy for some of this, a nifty new program that works quite well).

And set up a regular virus-scanning schedule. Spybot and A Squared Command Line. (AutoHotkey to the rescue again: when I discovered that XP Task Scheduler dislikes some command line switches, I wrote a little script to automate the A2 command line update and scanner. Now, I just point Task Scheduler to the .exe, and, voilà! Automated Scanning!) And install ZoneAlarmPro. And maybe AVG Free active scanner (I'm not sure if this would actually be helpful. Would it have caught the trojan? I'm not using an active scanner on my own computers at the moment, instead scheduling passive scanners to run every night, and I have so far experienced no ill effects, but this might be due to Vista's improved firewall and security features...).

In the course of dealing with the trojan, we discovered several other infections, some of which were boldly adding themselves to the startup processes. So, we'll be taking steps to prevent further infections. BrotherBookworm uses Windows XP Media Center, and using it reminded me of how much I love Vista.
Some of the best new features in Vista are little things that your average user will never notice, but that make a big difference when you're trying to do serious troubleshooting. Plus, with UAC and a better Firewall, the infection might never have happened in the first place. And you never have to open a browser to update Vista, unlike XP.

If only we had the XP Media Center Install disc, I would just transfer personal files, format, and reinstall. But, as is the case with many pre-owned computers, the install disc was missing when we got the computer (yes, they're supposed to be included, but many resellers seem to be emotionally attached to them and won't include them no matter what you do...). If all else fails, we'll either format and "downgrade" to my extra copy of XP Home, or upgrade to Vista Business, which I can get for a good price as a student. But would the expense really be worth it? I love Vista myself, and would love to finally have everyone on the home network using it, but there is no denying the fact that I have a perfectly good unused copy of XP available...

This is the first serious infection that has ever happened in my family, and I have no intention of repeating the experience! On the plus side, we are a very techie family (as a household, we have more computers than actual people), and nothing brings us together and facilitates civil conversation like fixing a computer problem.

Now to go research restore points. One of the evil side-effects of this virus is that it erased all restore points made prior to infection. If restore points are portable, we can isolate one on a portable drive and prevent such evilness in the future. Here's hoping...

Continuing to live up to the Family Motto: Paid Tech Support? We don't need no Overpriced Tech Support! That's what Google is for!