Posted: Sep 30, 2012 6:44 am
by paret0
Ironclad wrote: So far so good, Nora. Computer seems to be back to normal, for now. Honestly, I have rebooted this thing zillions of times & had to turn it off by holding the power button down far too many times also.
I was surfing by phone and attempting to Mod by tablet, not easy when I need to cut/paste so heavily.

Byofrcs has a report to chew over, to my untrained eye it looks like a pile of adware (from movies I've DLed) but nothing too evil, but also four viruses & one exploit (whatever that means).


Byofrcs may overrule me, and do stick with your successful practice of listening to him and him alone here - but you do want a firewall in addition to a scanner/realtime av like Avira. I like Comodo firewall with Avira on XP, V, 7, although the built-in Windows firewall is very good and quite capable of doing just about whatever you want to do with a packet filter.

A firewall would likely not have helped anyone in this case. It's just bad when a site gets pwnd and sends malware right down Port 80 or rebinds DNS to resolve a good site to a bad IP.

I remember Gumblar. A Trojan worm that laid a rootkit of about 30 lines of heavily-obfuscated JavaScript that would run as a service, listening for instructions from Russian Business Network-hosted servers to slowly and stealthily assemble itself.
Over time, it could become a full RAT, echoing keyboards and displays over multiplexed encrypted tunnels. Control for the botnet of infested computers was through IRC. The botnet master had his net segmented vertically and horizontally. Probably so he could sell it in pieces or close off hatches when it got hot.
It was a nasty little fucker. I doubt the diabolical VXsonofabitch who coded it is still breathing though. Dangerous business that. At that scale especially. The stuff of novels.