Drive-by downloads
I consider myself a fairly computer savvy user. I block ads via my hosts-file, I don't click on untrusted links, i don't run flash except by whitelist, I don't click on punch the monkey. I've never had any viruses, never been infected with any trojans. Until today. Today, I got the "AntiVirus 2010" virus. It's a variation of the other similar viruses that circulated in 2009 and 2008. It basically shows fake virus alerts, prompting you to buy the full version to clean all the fake viruses off your system. Obviously, the only virus, is "AntiVirus 2010".
I was very surprised to get this virus, as I'm a firefox user. I always keep both my windows installation and my firefox installation up to date. I thought I was immune to this crap. I was wrong. I got it by means of a drive-by download. I was visiting fairly innocuous sites, looking at some pictures, and them BAM, out of nowhere, this thing is already downloaded and installed on my machine. There are .exe files everywhere, and it lives in my system tray. I never saw a dialog box or anything.
Perhaps it's my own fault, for not running any anti-virus, but quite frankly, most anti-virus solutions are total fucking resource hogs, and since they are only actually useful in extremely rare cases, they are a total waste of money and cpu cycles (hey, run-on sentence, what the hell, man?).
So I ask you now, what can I do to prevent this shit? Obviously the bad guys are getting smarter and the good guys have their hands full. Clearly being up-to-date is not sufficient anymore. I've installed no-script, but last time I did, I got so frustrated with how bad the internet worked, that I simply disabled it. I guess we'll see how long it lasts this time.
I was very surprised to get this virus, as I'm a firefox user. I always keep both my windows installation and my firefox installation up to date. I thought I was immune to this crap. I was wrong. I got it by means of a drive-by download. I was visiting fairly innocuous sites, looking at some pictures, and them BAM, out of nowhere, this thing is already downloaded and installed on my machine. There are .exe files everywhere, and it lives in my system tray. I never saw a dialog box or anything.
Perhaps it's my own fault, for not running any anti-virus, but quite frankly, most anti-virus solutions are total fucking resource hogs, and since they are only actually useful in extremely rare cases, they are a total waste of money and cpu cycles (hey, run-on sentence, what the hell, man?).
So I ask you now, what can I do to prevent this shit? Obviously the bad guys are getting smarter and the good guys have their hands full. Clearly being up-to-date is not sufficient anymore. I've installed no-script, but last time I did, I got so frustrated with how bad the internet worked, that I simply disabled it. I guess we'll see how long it lasts this time.
Labels: anti virus, antivirus 2010, browser, drive-by downloads, firefox, internet, security, trojan, virus
posted by Markus at
10/11/2010 07:03:00 PM
4 Comments:
The solution to all your problems is always linux ;) c'mon everything you'll argue is missing can be run under wine.
Iv never had to bother with viruses etc for many years now, never goin back..
By
Kim ^^, at Thursday, December 30, 2010 at 8:06:00 AM GMT+1
After tried a lot of non-efficient antivirus software, i found a very intersting little piece of code. Combofix is able to track down and delete most of the trojans / backdoors / rootkits.
I was very surprised to see it find and delete the "Antivirus 2010" like a charm.
This is only a few Megs and do not require any install at all.
Take a look and give a search for combofix. I think you'll be happy ^^
By
Anonymous, at Monday, January 24, 2011 at 3:01:00 PM GMT+1
Kim: Linux will become a target soon enough... Anyway, it's not that I can't use Linux, it's just that there's no point. Linux does virtually nothing better than windows, and Linux lacks the polish that windows and mac os has. Linux is 80% of an OS to me. Client side, anyway. Server side is a different story.
By
Markus, at Tuesday, January 25, 2011 at 7:02:00 PM GMT+1
if you were fortunate enough to get rid of this virus without any major damage, i'd seriously consider running anti-virus at this point. a fantastic solution is microsoft security essentials which i've been running on multiple workstations and servers for some time now with great results. it uses very little resources and has great detection rates. best of all, it's free.
By
Anonymous, at Wednesday, December 28, 2011 at 11:59:00 PM GMT+1
Post a Comment
<< Home