?

Log in

No account? Create an account

Previous Entry | Next Entry

Instability and Malware

Hirilonde is still bluescreening.

The frequency had increased from once per day to 2-3 times per day, but I noticed that Internet Explorer was spontanteously popping open with "Windows Antivirus" ad windows, so I ran Spybot S&D 1.4. It caught some things, but nothing that looked definitely like the culprit. I immunized the system against some 12000 malware entities.

I then ran Ad-Aware. At one point during the scan, it bluescreened with a STOP error (no reboot). After I restarted and repeated this problem a few times, I realized that it was the SpyBot immunization. I ran it again, and it detected a checksum failure (indicative of tampering). I reinstalled, but did not immunize.

Then I ran Ad-Aware again. It bluescreened again, but not before I was able to nuke one item of adware. Finally, I ran VundoFix, and it removed several instances of Virtumundo.


Now the computer is a bit more stable, crashing only once a day, but I still have no idea what people are thinking when they send out this stuff. Not only does it hijack your computer - it has the same behavioral signature as the worst malicious viruses! They thwart detection by modifying scanners that would otherwise find them... and again, what are we supposed to think? "Wow, how clever. I could really use a Tronco Blargotron."

--
Banazir

Comments

( 2 comments — Leave a comment )
neadods
Sep. 25th, 2006 10:53 am (UTC)
Are you sure it's Ad-Aware? Because I got hit with the Command Service virus, which popped up a new Explorer window every 30 seconds until my memory ran out. Spybot could find it, but it took reinstalling the OS from scratch to kill it.
banazir
Sep. 25th, 2006 03:17 pm (UTC)
Need an OS reinstall?
That may indeed what I have to do, but I'm trying to establish what it is first, so I can prevent it - either by installing the right protection up front (and keeping the system integral while these installations are happening).

I still don't know what it could be. It may be collateral damage from malware, or something else entirely. IE isn't opening by itself any more. Since the rate of crashing increases exponentially with the number of internet apps (especially browsers), I'm running with Firefox only to see how long it lasts. Yesterday it crashed four times, plus once first thing this morning, but I had Firefox and Mozilla open together, with my usual 20+ tabs in each.

--
Banazir
( 2 comments — Leave a comment )

Latest Month

December 2008
S M T W T F S
 123456
78910111213
14151617181920
21222324252627
28293031   

KSU Genetic and Evolutionary Computation (GEC) Lab

Teunciness

Breakfast

Science, Technology, Engineering, Math (STEM) Communities

Fresh Pages

Tags

Page Summary

Powered by LiveJournal.com
Designed by Naoto Kishi