
Well, it's a good thing I posted the LCD hack



localroger
12-24-2011, 11:35 PM
A couple of hours ago the fake antivirus trojan hosed my computer, and the PING backup isn't working. So the archives I posted on the blog are the only records I have of that work.

Lost some other stuff too, most of the more important stuff was on the USB external drive. But damn.

Publison
12-24-2011, 11:42 PM
I feel your pain! My 1TB backup drive just refused to be recognized today. And I just did a fresh OS install last week and have not got everything back on the 'puter yet.

Gee, does it have anything to do with a Microsoft Service Pack download this morning :(

Rebuilding the file system as we speak.

Don M
12-25-2011, 02:10 PM
I've been using Dropbox for a lot of my development files.

Loopy Byteloose
12-25-2011, 02:59 PM
Seems that Windows is still susceptible to a Christmas virus.

Kye
12-25-2011, 03:00 PM
I was really lucky with this. So... I installed some Windows updates, then backed my computer up.

Then when I rebooted my computer it said "Operating System Not Found"...

Haha, luckily I was just about to reformat it so all my data was saved!

$WMc%
12-25-2011, 04:56 PM
Turn off the automatic updates!!!!!!

Just say NO....

Yes, you'll get that annoying pop-up that your PC might be at risk, but it's better than that blank blue screen.

Check out UniBlue....
http://www.uniblue.com and http://www.liutilities.com

This might help you to recover from the virus.

SRLM
12-25-2011, 06:19 PM
More importantly, have three copies of all your important data: main computer drive, second internal drive, and external USB drive. With this method you'll never have all your copies of the data together in one place (or connected to one system...).

Martin_H
12-25-2011, 06:32 PM
Last night my wife's computer got hit with something called System Fix which downloads via some IE vulnerability. It pops up a sign screen which looks like a system utility claiming your machine has hard disk and RAM problems. A bunch of her files also went missing. It offers to fix these problems if you pay to download the full version.

Needless to say I didn't do that and found that it could not be killed. Since she was on System 7 and we had UAC on, there was a good chance that only the current user was infected. So I shut the machine down and rebooted and logged into my account. This worked and I was able to clear off the infection as it was quarantined to one user. It also wasn't able to deploy its rootkit because UAC requires a password to touch system files.

The last problem was all the missing files. I did a Google search and found that System Fix only marks them hidden, so running unhide.exe solved that. All in all a close call.


TL;DR Roger, your files might only be marked hidden if these two pieces of malware are related.

localroger
12-25-2011, 08:31 PM
Sadly, Martin, I overwrote my own files with the sector backup. Did the same thing to my wife's computer a couple of years ago, but it was an old machine and obviously had a problem with the USB ports. This is a much newer machine, and I was feeling confident because I've restored several other similar generation machines with PING. Ugly update: certain model Dells have this problem, and when I ran the error message through Google it came up with quite a few complaints -- but no solutions.

I did manage to get my year and a half old backup to mount well enough to copy some of the more important stuff off of it via the PING Linux shell, although it wouldn't boot and much was still corrupted. Today (Christmas) I've been occupied rebuilding the system, periodically backing it up again with PING, and verifying that it will restore. I think that now that the problematic Dell service partition has been overwritten it will be OK. But I will always make sure to have my personal data in a mountable, verifiable external form before trying another sector restore.
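
An added example (not part of the thread or any poster's code): one way to confirm that a file-level copy of personal data is readable and matches the live files before attempting a sector restore, as the post above resolves to do. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(full, root)] = digest.hexdigest()
    return manifest

def verify_backup(source_root, backup_root):
    """Return (missing, corrupted, extra) for a mounted backup vs. live data."""
    src, bak = build_manifest(source_root), build_manifest(backup_root)
    missing = sorted(src.keys() - bak.keys())      # never made it to the backup
    extra = sorted(bak.keys() - src.keys())        # only exists in the backup
    corrupted = sorted(p for p in src.keys() & bak.keys() if src[p] != bak[p])
    return missing, corrupted, extra

def write_file(root, rel, data):
    """Helper for the constructed sample: create parent dirs and write bytes."""
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample: a small data tree and a damaged copy of it."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = os.path.join(tmp, "data"), os.path.join(tmp, "backup")
        write_file(src, "notes.txt", b"lcd hack notes")
        write_file(src, os.path.join("projects", "lcd.spin"), b"PUB main")
        write_file(src, "photo.jpg", b"\xff\xd8 sample")
        # The backup: one intact file, one silently corrupted, one never copied.
        write_file(bak, "notes.txt", b"lcd hack notes")
        write_file(bak, os.path.join("projects", "lcd.spin"), b"PUB ma\x00\x00")
        return verify_backup(src, bak)

if __name__ == "__main__":
    missing, corrupted, extra = demo()
    print("missing:", missing)
    print("corrupted:", corrupted)
    print("extra:", extra)
```

A file edited after the backup was taken also shows up as a mismatch, so the comparison is most useful when run right after the copy is made.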

ElectricAye
12-25-2011, 10:44 PM
> Seems that Windows is still susceptible to a Christmas virus.

Are all you gurus suffering from the same kind of virus or whatever? If so, perhaps posting a detailed warning with an eye-catching title in this forum would give some people a heads up???
It worries me when I see you experts lamenting these kinds of problems, for what chance do lowly clueless non-IT types like me have against such threats? Is it 2012 already?

BTW, Merry Christmas, gurus.

Publison
12-25-2011, 11:12 PM
> Are all you gurus suffering from the same kind of virus or whatever? If so, perhaps posting a detailed warning with an eye-catching title in this forum would give some people a heads up???
> It worries me when I see you experts lamenting these kinds of problems, for what chance do lowly clueless non-IT types like me have against such threats? Is it 2012 already?
>
> BTW, Merry Christmas, gurus.

I don't know anything about a Christmas Virus that Loopy alluded to (or even heard of a Christmas Virus). I think my problem was hardware, probably due to a power glitch that I just remembered we had a few days ago. (External backup drive too far away from Battery Backup to be plugged in)

davejames
12-26-2011, 01:46 AM
> Last night my wife's computer got hit with something called System Fix which downloads via some IE vulnerability.

OUCH!!! That's a known malware (showed up in 2010) which exploits the administrator level that all Windows XP users have. So when a link is clicked, whatever is behind that link is run with administrator privileges.

Ask me how I know...

It took the IT group at work close to 3 days to work around the little nasty and extract my data off the hard drive. Yes, I had a back up of all my major project code and schematics, but all my home stuff was locked on the hard drive.

Now I use a general XP account (no admin priv) to surf the Interweb.

wmosscrop
12-26-2011, 02:18 AM
> More importantly, have three copies of all your important data: main computer drive, second internal drive, and external USB drive. With this method you'll never have all your copies of the data together in one place (or connected to one system...).

I'd add at least offsite backup in case of disaster. What I use is an external disk drive that has not only my backups (encrypted) but also my music files so that I can listen to them at work...

...and we also use Mozy. We have tons of scanned family photos (thanks to my wife and her ongoing genealogy project) and the auto-backup feature works great.

One thing I've learned over the years as a programmer/developer/whatever is that you can't have too many backups.

Walter

bsnut
12-26-2011, 02:33 AM
> More importantly, have three copies of all your important data: main computer drive, second internal drive, and external USB drive. With this method you'll never have all your copies of the data together in one place (or connected to one system...).

This is the best method that you can do.

I haven't had any problems with Windows XP updates myself since I got my used government laptop.

For one, I don't leave my laptop connected to the internet, since I used my smart phone for my laptop to connect to the outside world. The only problem I had with my computer is the MS Office program lost its registry file that says it's a legal program.

Loopy Byteloose
12-26-2011, 01:13 PM
Using Ubuntu Linux and having a lot less problems.

Firstly, one need only back up /user directories - not all and everything for recovery. You can recover from an updated OS image and just restore the /user to have it configure properly.

Second, less susceptible to viruses. Most viruses create .exe files that Linux just ignores.

Third, doing a hard disk image is a rather generic process and FREE in Linux. No more buying Ghost or whatever.

Fourth, the updates in Linux are not nearly as questionable as the ones in Windows - so automatic updates are not really a problem. And, they install in the background - so you don't have hanging log outs. A few major ones require an additional wait to log in, but they are easy to recognize and to opt a convenient time to do.

And fifth, I have SIX desktops that allow me to more easily multitask.

Other advantages are no defragmentation required, no registry cleaner needed, and nearly no cash out of pocket.

Merry Christmas.

Tor
12-26-2011, 01:49 PM
> And fifth, I have SIX desktops that allow me to more easily multitask.

Only six? I have 18.. :)

> Other advantages are no defragmentation required

This isn't strictly true though.. the ext2 and ext3 filesystems are also susceptible to fragmentation. Almost every filesystem is, going all the way back to the first Unix filesystems. The reason is that to avoid fragmentation there needs to be a certain amount of free space in the filesystem itself, otherwise it cannot rearrange and allocate space for the data in an efficient way. In practice, this means that if you start filling up your filesystem more than around 80% there won't be enough free space left to do efficient file allocations. This happens to NTFS and ext2/ext3 (and most other filesystems). For all of these, the same rule applies: If you wish to avoid fragmentation then stay below 80% (the actual percentage depends somewhat on the size of files you typically write).

In my job I've done extensive testing on filesystems because fragmentation causes performance issues that our products cannot tolerate (real-time data is written to disk at a very high rate and the filesystem is being accessed for reads, writes and deletes at the same time. Fragmentation results in drops in the performance now and then, which, to us, means data loss).

So yes, there is fragmentation also on Linux filesystems (XFS is the one which handles full filesystems best, in my experience), but there are no usable de-fragmentation tools available. The only practical way to de-fragment is to backup, re-create the filesystem, restore (incidentally this is the optimal way to defragment _any_ filesystem, including Windows filesystems).
It could well be that the Linux filesystem fragmentation isn't as severe as Windows filesystem fragmentation, but I have no data to back that up and I wouldn't count on it. It's difficult to measure though because there are so many other things that can slow down Windows at the same time, including the registry pollution issues you also mention.
The good news is that if you don't fill up your filesystem but leave some 20%-30% free then the Linux filesystems will be very well-behaved w.r.t. fragmentation. But doing this also helps to avoid Windows filesystem fragmentation.

-Tor