Author Topic: Virtumonde's latest trick!  (Read 9528 times)

Hard_ROCKER

  • Guest
Re: Virtumonde's latest trick!
« Reply #15 on: January 04, 2008, 10:38:24 PM »
I just wonder where my antivirus was when this hit my computer.
Sitting silently in the system tray ;D
Better, swirling ;D

Happily scanning along, letting the nasties inside and producing FP's every now and then ...  ;D

micky77

  • Guest
Re: Virtumonde's latest trick!
« Reply #16 on: January 04, 2008, 10:46:04 PM »
SasH, do you have any idea how you became infected? Do you use P2P (or similar downloading), or do you think it was by visiting a bad site/opening email/clicking on link, etc.? I do nearly all my surfing/emailing using Sandboxie, I haven't as yet recovered anything from sandboxes, but as far as just purely using the net to 'look', open email attachments, clicking links etc., I feel quite safe. When I'm done I simply empty the box, and any nasties with it. Also, if you click on an email link while using Sandboxie, it opens your browser sandboxed, or if you view a video while surfing, it opens your media player sandboxed, etc., etc.
« Last Edit: January 04, 2008, 11:09:20 PM by micky77 »

Hard_ROCKER

  • Guest
Re: Virtumonde's latest trick!
« Reply #17 on: January 04, 2008, 11:12:34 PM »
Hi SasH,

Well make backups, maybe have a virtual 2GB online encrypted, and the next time it is flush and install anew, but I agree with you it is one of the nastiest experiences you can get. It turned me into a malware fighter until the end of my days,

Damian

Hello old Pol !  ;D

What did you mean by "make backups", were you referring in general or were you saying to Sasha that HE should make backups?

You checked out IDrive yet ? U like ? I love it !  ;D

P.S: Thanks again Tech for letting me us know about IDrive !

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Virtumonde's latest trick!
« Reply #18 on: January 05, 2008, 01:15:03 AM »
P.S: Thanks again Tech for letting me us know about IDrive !
Yeah... www.idrive.com
12Gb of storage if you share at least with 5 other friends ;)
The best things in life are free.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Virtumonde's latest trick!
« Reply #19 on: January 05, 2008, 01:18:56 AM »
SasH, do you have any idea how you became infected? Do you use P2P (or similar downloading), or do you think it was by visiting a bad site/opening email/clicking on link, etc.? I do nearly all my surfing/emailing using Sandboxie, I haven't as yet recovered anything from sandboxes, but as far as just purely using the net to 'look', open email attachments, clicking links etc., I feel quite safe. When I'm done I simply empty the box, and any nasties with it. Also, if you click on an email link while using Sandboxie, it opens your browser sandboxed, or if you view a video while surfing, it opens your media player sandboxed, etc., etc.

To tell you the truth, I have no idea. P2P is a strange word when it comes to my computer. I used to use Azureus but that was 2 years ago. Since then no P2P program is installed on my machine. I simply don't need them. I use uTorrent, but what I was downloading is Linux distros from developers' site, so possibility to download something like that is equal to none.

Even though I don't use P2P, my avast! P2P provider is always active... same with chat programs. I don't do any file transfer when it comes to chat apps.

I really have no clue what was going on... Also, I don't visit any nasty websites... if Site Advisor says it is "green" I am in, if it's not I simply never open that link...
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Virtumonde's latest trick!
« Reply #20 on: January 05, 2008, 01:21:16 AM »
P.S: Thanks again Tech for letting me us know about IDrive !
Yeah... www.idrive.com
12Gb of storage if you share at least with 5 other friends ;)

Free - but not quite enough. My system backups are usually around 13-15 Gb, and that's just partition C: with OS installed and program files. Also, even when encrypted, I am not fond of leaving my files somewhere "in the wild".

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33440
  • malware fighter
Re: Virtumonde's latest trick!
« Reply #21 on: January 05, 2008, 01:21:37 AM »
Hi Miha,

Why are you always guessing what I think about? Yes that was what I was thinking about. He has too many valuable things on his computer to lose that because of a compromised computer.
The "total recall" thing should not be out of the ordinary, and your thought is the best option in the case of hardware trouble, you know better than me what the life-span of a hard disk is/could be, what dust can do to a motherboard, and that a normal "nagrywarka" (DVD burner) does not live longer than 250 !! burning-hours? Heh, it is not a lightbulb, but this hardware comes closest. Did you know that? Shocking information for some. So your critical items locked online, not a bad thought, I have my codes online at a share site of 2 GB, and you have to renew by going there every month.

And for SasH, go to Wikipedia and do a read-up on Vundo and the Internet glitch, you can get this doing nothing at all just hanging on the Internet through a router will do it in time! M$ would say that it was a feature...

pol
« Last Edit: January 05, 2008, 01:26:01 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hard_ROCKER

  • Guest
Re: Virtumonde's latest trick!
« Reply #22 on: January 05, 2008, 01:46:52 AM »
...
Why are you always guessing what I think about?
...

Well I have to guess because I do not understand your posts sometimes and I want to know what you meant, that's all ...

In this case it seemed like you were implying to Sash that he needs to back up, which is a strange comment since he explained already he is doing regular backups. Besides you and me both know he was making system images before you and me even heard the term system image so I just wanted to clear up what you meant. Did you mean A: Sash you need to back up! or B: Everybody should back up! I hope you understand what I am trying to say, your post could be interpreted either way.


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33440
  • malware fighter
Re: Virtumonde's latest trick!
« Reply #23 on: January 05, 2008, 01:57:40 AM »
Hi Miha,

No I mean as I say that an online image of what we have is a blessing for all that suddenly run into a big hardware calamity to recover data easily and at a low(er) cost. I could have guessed that Sasha thought of this before all of us. Another thing is that I experienced what it was to have to copy your Windows data burning from Knoppix because the data could not be attained in any other way (no valid allocation and other major trouble), using the alternating arrows and F8's to change from a compromised Windows into a Linux for recovery is no pleasure, I can tell you, it brought me here,

Damian

Hard_ROCKER

  • Guest
Re: Virtumonde's latest trick!
« Reply #24 on: January 05, 2008, 02:22:49 AM »
Free - but not quite enough. My system backups are usually around 13-15 Gb, and that's just partition C: with OS installed and program files. Also, even when encrypted, I am not fond of leaving my files somewhere "in the wild".

Hello buddy !

It's meant more for file/folder backups, and not system images although you could store those as well, that's of course if they fit. But you could get a paid account with 50gb storage, 12gb is enough for my needs. I only back up my documents and certain sensitive files with IDrive though. All of that is only 1gb so the size isn't an issue for me. As for system images I have the latest always stored on my second HDD and the older ones I store on my Linux rig.

cgpmaster

  • Guest
Re: Virtumonde's latest trick!
« Reply #25 on: January 05, 2008, 05:06:39 AM »
lol where can I download this Virtumonde's ?

I want to destroy this computer (NOT IN MY SIGNATURE)

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2119
Re: Virtumonde's latest trick!
« Reply #26 on: January 05, 2008, 10:32:14 AM »
I just wonder where my antivirus was when this hit my computer.
Sitting silently in the system tray ;D
Better, swirling ;D

 ;D It's funny, but it scares me. I'm already afraid to surf the net  :( going only to sites I check everyday...

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Virtumonde's latest trick!
« Reply #27 on: January 05, 2008, 04:55:55 PM »
lol where can I download this Virtumonde's ?

I want to destroy this computer (NOT IN MY SIGNATURE)

Destroy which computer ? We are here to help people recover their computers and ask for help when needed... certainly not to destroy anything.

Not quite for LOL in my opinion  :P

These forums are here to help people having problems with viruses, stop spreading of above mentioned or if it's already kind of late, trying to clean them... and asking to download some virus is not appropriate, especially in forums like this one. I hope it was just a joke.