Virused
John Board
Posts: 371
G'day,
I don't think this is quite the right place to post... but there are some pretty clever people here, so I thought perhaps someone could help
I have been using Ubuntu 12.04 for some time now, and I have dropped my guard security-wise on Windows machines.... And I believe I have been infected.
Whenever my (Windows 7) computer turns on, I log in, and about 30 seconds after logging in, it has a bluescreen. I do know that it is not an OS issue.
I've tried booting up Kaspersky's Linux recovery disk, and running a virus checker on that - nothing, same thing with Avira, also booted into safe mode, installed the following antivirus systems, and they report all negative for any viruses:
Kaspersky
McAfee
Malware Bytes scanner
SpyHunter
Micro Trend
AVG
(and a few others)
After scanning with all this software... still no avail.
Any ideas?
Thanks,
John
Comments
What do you mean?
If your machine won't start it's either hardware or operating system.
At this point I would just stick to Ubuntu. Run an instance of Windows in a VirtualBox if you have to. When it gets hosed by a virus or cock-eyed driver installation you can always revert to a working image almost immediately.
For ANY windows issue, reformat the hard drive, and reinstall clean. It takes about 45 minutes. Diagnosing ANY problem takes forever, and never quite fixes the issue, as windows never really "undoes" anything completely.
Any data you had that was important was backed up, anything that wasn't backed up can be downloaded from the internet, anything that was custom created can be recreated. It's much faster than wasting your life on fixing Windows.
Setting up your firewall properly is where I would advise spending time, after the wipe and reinstall.
Perhaps there is a ton of stuff on that drive that John wants back. Even if it is just the result of the last three day non-stop propeller coding stint when backups were neglected.
You can always plug that drive into an Ubuntu box, mount the Windows partition and copy your valuable files out.
Then put it back in the original machine, and reinstall Debian...err sorry Windows:)
1. Keep as much data as possible on external drives and disable autorun on all Windows machines so they can't carry an infection
2. Perform clean install, install all major software, then make a sector-level backup. I use the freeware PING utility. Restoring from such a backup is MUCH easier than reinstalling Windows.
3. Before using the machine for real work, reformat and make sure the sector-level backup WORKS. I had some issues with a Dell box that had a secret partition confusing PING.
4. Don't even waste time with antivirus. They are useless for zero day exploits and viruses are now very good at hiding themselves from scanners.
The problem may not be a virus, but it may be a corrupted OS file instead. Have you tried restoring to a previously saved version? Or you should be able to restore to the original version. That's what I had to do on my Windows computer. Make sure you back up your data files using your linux box before you do anything else. You will lose all your files if you revert back to the original version, and you'll have to reload your programs and copy your data files from the backup.
And make sure you pay your Norton tax every year (or whatever antivirus software you use). Antivirus software is a necessity on Windows boxes. I haven't any problems for the last few years on systems where I keep the antivirus software up to date.
Combofix sounds interesting unless it leads to Scroogling...
BTW, my mobo has a bad SATA HD connector that gives me a BSOD every 6 months, I have to R&R the connector and all is well for a while, GRRRRRR.... A bad cable could cause the same issue. Wiggle your connectors or swap cables just to be safe.
If you need to salvage files for a reboot, just use an Ubuntu Linux Live CD or USB boot on the Windows machine and take a look around. You won't hurt anything and you may figure a way to salvage quite a lot of important data before you end up getting into that final acceptance that nothing can be done and wipe the hard disk.
Linux can look in NTFS partitions and copy files, but MS is making this harder and harder. On my own W7, I can see everything from Ubuntu.
Thanks for the heads up on a Windows 7 virus. Living in Taiwan is like living in the cesspool of the Internet, so I nearly always use Linux... but I do have Windows7 retained on a dual boot.
It was posted in the Propeller forum.
I've had to remove the suspect disk drive and connect it into (onto) a known good computer and run the anti-whatever from there.
Don't forget about something called a "root kit". These nasty things imbed themselves into OS files and are invisible to a lot of anti-whatever. Most IT professionals (of which I am not) will recommend wiping the suspect disk and re-installing the OS if a root kit is deemed the culprit. Fortunately, root kits don't appear to attack non-OS files. So the user files are relatively safe. Thanks to Average Joe for that most helpful bit of information.
Good luck!
After all, Linux can get this virus - so it is the ideal tool to clean up the mess a Windows virus makes.
I had been playing with my CMUCam earlier on, and had put the SD card in the computer, to calibrate it. While I was playing around on the TV, and my java GUI, my computer had the blue screen... After much virus scanning, etc, no avail. Anyway, after many tries, I thought "I've been with computers long enough... Let's see if we can decode this wall of gibberish called a blue screen...", so I found the name of the module that was causing the issue, then I googled it... and found it was a Broadcom SD card driver, so I thought I'd remove the SD card, and see what it'd do... Well it must've been that, because I haven't had an issue since!
So there you have it, a possibly corrupted SD card can crash a computer!
Thanks again for all your help / interest! And sorry Leon for posting in the propeller section, I meant it for the general chat.. I must be too used to going to the propeller section.
-John
Reformat! Reformat EVERYTHING! Muhuhahaha!
OK, you can just remove the SD card, but what fun is that?
1. Do NOT enable Windows Update! If it works fine, don't let M$ f%^* with it! Ever! One of their updates toasted my WinXP box to the point that it would not boot, and it took days to reconstruct everything.
2. Just because Windows is TU doesn't mean the HD is toast. In the event referenced in #1, I was able to restore all of my work files via a Knoppix live CD. Not that I needed to, but it was easier than recovering from backups.
3. Keep a "lifeboat" handy in a safe place that includes all of the CDs and software installation keys you need to restore your apps. It saves looking all over the place for installation disks and license info.
4. Never use your work PC for surfing consumer-oriented or other dodgy websites. The kind of viruses your grandmother would pick up from incautious web use should not be allowed near a work PC.
-Phil