Log in

No account? Create an account

The Toybox

people for the conservation of limited amounts of indignation

Previous Entry Share Next Entry
psa: megaupload and viruses
children of dune - leto 1
Heads up on a new and exciting computer virus for downloaders. Quoting from chopchica here:

chopchica: Yesterday, I went to megaupload to download a new Merlin vid. I've downloaded from megaupload a billion times and never had a problem but yesterday, I immediately ended up with the Virtumonde/Vundo trojan horse on my computer and I am *totally fucked*. From what I can see out there, a new extremely virulent version appeared yesterday. BE VERY CAREFUL WHEN DOWNLOADING *ANYTHING* right now, but *especially* from megaupload! If you think you have it, turn off your internet access (*all* of it)*immediately*, because goes to the web and downloads new malware to your computer for fun.

ileliberte: Hi, coming in through surfing my f-flist. I had a Vundo trojan infection recently and the best program to deal with is Malwarebytes. go to malwarebytes.org and you can download the basic program for free. Quick scan usually gets rid of it all but run a complete one just to check up afterwards. It can run on usual startup mode, but if you want to be extra careful, run it on safe mode and it'll get rid of the trojan. Symantec unfortunately doesn't really recognize this virus. Also, beware of windows popping up that look exactly like My computer windows, be sure you don't mistakenly click anything there before you see the url.

ETA: More here from ileliberte on the virus.

ETA 2: cat_77 has some more info on AVG antivirus program here.

I'm seconding malwarebytes as a possible solution, as it's the one the tech guy at work bullied me into getting for both my work and home computer and it's caught several things that both McAfee and AdAware missed.

If anyone has any other solutions, please feel free to suggest.

Stinger, by McAfee and Sysclean, by Trend -- both stand-alone virus checker apps, both free, Stinger is a little easier to use than Sysclean. Also? I don't know if you saw my warning the other day, but MAKE SURE YOU'VE GOT ADOBE READER NINE. Another new virus that went live yesterday exploited some damn thing in Reader anythinglessthannine and it's already hit a bunch of people at my office (for which I'm getting blamed, for which they can fire my ass and they won't because I'm the only one stupid enough to work there).

Gah. All I want is ten minutes alone in a locked room with those fuckers who think writing viruses is funny. I wouldn't even need a weapon. Well, okay, a plastic spoon.

Unfortunately, they don't just think it's funny, they're profiting from the viruses. Botnets are big money.

I say we kill all the spammers. ::nods firmly::

Edited at 2009-02-25 07:11 pm (UTC)

Just to add to what I said, one of the things it also does is install a program called Antivirus 360 that pretends to be a legitimate antivirus program and mimics the Windows interface style, just cross it out from the top right corner, don't hit cancel or ok on the body of any pop-up alerts it shows. Malwarebytes should get rid of it all, you won't be able to uninstall it by yourself completely.

(Deleted comment)
Feel free. I do, too, and it's only luck I think that I didnt' have time yesterday to download like chop did.

Oh shit. I'll be downloading that, I have both McAfee and AdAware and thought both were safe. :( Also I thought megaupload would be safe.

How did you know you have the Virtumonde/Vundo trojan? Is it obvious?

Ahahha, sorry, I went back and reread your post. You were quoting. *headdesk* Please ignore!

When I got hit a little while back, nothing was getting all the hidden crap left in random places on my computer (including my documents folder, for some, odd, reason). Downloaded the free trial version of AVG and it worked wonders. If you go to their main site, it's a bit hidden. Do a search in their helpful little window for "Free Download" and it comes up (was the first option). Good enough I'm thinking of buying the full program.

Also, out tech guys here at The Company just sent out a notice about a new round of email spam that contains links to virus sites. Hopefully no one is stupid enough to click on a random "e-card" from someone they don't know, but apparently enough people were dumb enough that they needed to send out a reminder.

Added to entry. Thank you!

Thanks so much for this post. I've downloaded the Malwarebyes program recommended, and I'll pass it on.

Hopefully ESET Smart Security will prove to be sufficient protection. It does combine functions of a firewall and antivirus...

But I suppose I should update my Adobe Reader 8.0 to 9.0, just to be on the safe side. Though I'll be sad to part with the previous version, it was the best interface they came up with so far.

Thanks for the heads up!

I just had p_zeitgeist point this out to me: http://www.adobe.com/support/security/advisories/apsa09-01.html which means that Adobe 9 is vulnerable now, too! I'll post in my own damned LJ about it, but... just... GAH!

I try to avoid catching those viruses by using for a year now

if I do not even go to the MU and otherwise sites in the browser, at least, that should save me from their infected ads.
whether or not the files, that i dl, are infected , is at my own risk.

Thanks for that rec. That's a handy piece of software.

I swear by AVG. Absolutely.

I'd definitely put my weight behind the Malwarebytes recommendation - one of the best pieces of software I've found in a while. Not a fan of AdAware personally - takes up way too many system resources for my liking. Spybot S&D isn't too bad and seems to do a good job at getting most of the nasties, providing you keep the definitions up-to-date.

Also, on an anti-virus note, Avast is pretty good and has kept my computers almost completely virus-free for many years.

Edited at 2009-02-25 10:11 pm (UTC)

Avast rocks. No doubt about it. Back when I was building computers for a living, I told my customers to use that and nothing else.

Just throwing my two-cents in here as well as on chop's post, but I got hit with a virus while I was on a freaking cupcake blog a few weeks ago. After checking back, I found that the google ads - the flash ads, not the text kind - were what apparently did it, so I downloaded this firefox addon which does incredible things not only for your safety on sites like MU and mediafire and sendspace, but also website loading speed if you're browsing.

I literally clicked your link and downloaded and installed immediately. I remember the stress of losing my last laptop. Thank you!

I'd also like to recommend people visiting http://www.spywarewarrior.com/index.php

They will walk you through, step by step, how to clean and rescue your computer for free. They've saved my computer a number of times. They are big on using Malwarebytes too. BUt Malwarebytes doesn't always get the entire infection. There are usually other things you need to do to get it all. I've gotten the Vundo/Antivirus 2008 infection before and they saved my computer.

Edited at 2009-02-26 04:18 am (UTC)

Thank you for this! I have NoScript add-on with Firefox, which I highly recommend for blocking flash-ads and must have saved my ass the few dozen times I DL'ed from MU.

Would you mind me linking to you for a large music-sharing community?

Wandered over here from...somewhere, don't remember. But the point is thank you so, so much for both the information that a) there's a fucking virus and b) about the malwarebytes program, which promptly revealed that I was infected, which may explain some recent comp shenanigans.

Thanks again!