A quick malware / spyware question (Removal - Prevention?)

TetraNitroCubane Not Angry... Just VERY Disappointed... Registered User regular
edited November 2007 in Help / Advice Forum
I regularly use a variety of web-based email clients to check my email from various computers I maintain and know to be secure. It's not a good solution, but it's the best option I have to check from work and such. Anyway, just this evening, I was checking my archaic hotmail account on a Macintosh at work (using Firefox!), when suddenly without my input it closes the browser window and calls up a pop-up (which are set to be blocked).

The pop-up is obviously malware, something called malwarealarm, which insists that the computer needs to be scanned and asks if I want to download the program. I cancel, naturally, but that doesn't stop the damned thing from redirecting me to its webpage and trying to download all kinds of nasty shit.

Long story short, it was on a Mac, so I'm not sure if anything happened that could be bad. But this has me paranoid for my PC now. I hadn't opened an attachment, or even any email at all in my hotmail account. I had barely even opened my inbox when this thing jumped out of nowhere, so I don't have any idea where it might've come from, save for a rogue banner ad. From what I understand, Macs are pretty impervious to this kind of attack, so I doubt it was pre-existing spyware.

Regardless, what's the best way to assure that this kind of thing won't fuck my PC, since I didn't do anything except open my inbox? I'm paranoid to even check my email now. On my PC I'm using Opera, I've got Nod32 installed, and I periodically run Spybot S&D. But if malware can strike me that quickly from a trusted site, obviously I don't know how to surf safe. Any advice?

  • Primesghost Registered User regular
    edited November 2007
    On a Windows machine, the only way to be as protected as possible is to run antivirus and antispyware software. That specific piece of spyware is particularly nasty so watch out for it. I recommend Spy Sweeper running in conjunction with weekly AdAware sweeps for spyware and Kaspersky for antivirus. These are the ones I have had the best luck with as far as detection and removal goes.

    Regarding Nod32. Last week a contract customer of mine had a snafu with their email server and had to recover their data from a backup. A couple of years ago they gave up Norton Enterprise to go with Nod32 Server because of the price difference. Well, I contacted their offsite backup company and got them to send me a copy of their data on an external drive so that I could restore their email server data. I got a call from them to let me know that when they were putting the data onto an external drive for shipping they found a significant number of viruses and that I should be careful when restoring the data. I got the drive in yesterday and scanned with both Nortons and Kaspersky. In total they found 178 virus infected files. I know for a fact that the Nod32 was installed properly and fully updated when these backups were created because I did it myself. I now have no faith in Nod32 at all and will be cautioning my customers to use something else from now on.

  • TetraNitroCubane Not Angry... Just VERY Disappointed... Registered User regular
    edited November 2007
    Are you serious? I've heard just about everywhere that Nod32 is the best anti-virus protection around. These forums usually offer glowing praise, and just about every review I've ever read says that Nod will catch a virus and remove it before the virus definitions of other AV software have even been updated toward the threat. I went with Nod, not because of the price difference, but because it seems to be unobtrusive and effective. Have I been misinformed, then? I'm not meaning to sound ungrateful, but are there any other sources other than anecdotal that illustrate Nod's failure?

    Also, I'm less concerned about being reactionary (i.e. Now that the spyware's here, let's remove it), and more concerned with being preventatory (i.e. I want to minimize my contact with that shit in the first place). I try to keep my browsing habits sane, but I was curious if there's any way to prevent a malware infection when opening my email inbox starts a malicious download. Note that I never even opened an attachment - Or even any mail message! I had just input my password and username, hit submit, and it loaded my inbox fine... then the malware hit. I'd really rather not reformat my computer every time I check my email.

  • Primesghost Registered User regular
    edited November 2007
    As for Nod32, all I can offer is my own personal experience. I hooked the external drive up to their server yesterday and did a full scan with their Nod32 (which I made sure was fully updated) and it found nothing at all. I then hooked it up to my laptop with Norton AV 2008 and it found 150 viruses in email attachments in their email archives. I then brought the drive back to my shop and hooked it up to a machine with Kaspersky Internet Security 2008 and scanned again and found 28 more viruses. The part I found odd was that all the viruses were in email attachments from their archive for 2003 and they were all very popular and old viruses (MyDoom, Klez, etc.). Maybe Eset (Nod32 makers) removes old viruses from their definition files after a few years or something. Like I said, I can't offer any solid evidence since I didn't take screenshots or anything. This is just what I experienced personally.
