My computer has a virus!

[Cheka Man]

The Winshow Virus, a Trojan. How do I get rid of it? And what is the best antivirus & firewall to stop it coming back? ZoneAlarm? something else? Help!!!

[Dozus]

Oh noes!    I found this link, perhaps it can help you.  I've never heard of the virus itself, so I couldn't tell you what would work to prevent further attacks.  I personally use A² and Avast!, and have never suffered any infestations.  Good luck!

[Cheka Man]

My computer has now been cleaned of the virus, has new protection, and has had it's fans cleaned out as dust was making the computer shut down.

[Chaosmark]

Now you just need to get rid of the AOL and move to a slightly less insane IP.

[dark_dragon]

In the words of Our BDFL "Reformat. Reinstall windows."

[Ancient Gamer]

Skilled hackers can install root kits on your drivers, which would remain even after a complete format and reinstall. In short: If the wrong person (meaning a really good hacker) wants into your PC, you cannot hope to stop him. But you can make it hard and try to convince them to find an easier mark.

Of course, if you get infected by the skilled guys you will never notice them in the first place.

Hehe, I once installed a root kit removal tool. As it turned out the tool was an actual root kit itself. 0_o

[Strolen]

Trojans suck! I use Comodo Firewall and AVG since they are both free. I keep my system in such a state that it only takes me about 3 hours for a full restore. Plus, I use "Windows XP Ultimate Edition by Johnny" so it probably comes preinstalled with a ton of virus and trojan goodies....I simply don't care.

Moved to unbuntu a few days ago and this time it is simply gorgeous, easy to update, has everything I need except easy DVD ripping and photoshop so left the dual boot. I am moving to unbuntu as my primary system!

[valadaar]

Using a router will also help a little.  At least its worked for me thus far...

[dark_dragon]

Skilled hackers can install root kits on your drivers, which would remain even after a complete format and reinstall.

Nope. Formatting a drive shouldn't leave anything behind. Not formatting the partition, mind you, but the drive itself. MBR and all.

No drivers, no MBR, no operating system, just zeros on the HD. Ergo no rootkit.

I guess that you might not call that a formatting. You're probably right. It's what I call formatting a drive. As you would if you were selling it on ebay, say.

WARNING: THE FOLLOWING WILL IRRETRIEVABLY ERASE ALL DATA ON YOUR HARD DRIVE

Derik's boot and nuke will do it: http://www.dban.org/, or if you feel a little more adventurous,  boot http://gparted.sourceforge.net/ and run 'dd if=/dev/urandom of=/dev/sda; dd if=/dev/zero of=/dev/sda' in the shell. (or whatever is appropriate instead of /dev/sda)

Both will nuke anything on your hard drive. Data recovery now pretty much requires an atomic force microscope.

To clear only the MBR do 'dd if=/dev/zero of=/dev/hda bs=512 count=1'

As for installing a virus in the BIOS: it is nigh on impossible. Virii can clear the flash, corrupt it, but to actually 'infect' the BIOS would be a very difficult task. Usually, you'll be able to reflash to a manufacturer's BIOS. (Having recently suffered from a corrupted BIOS, I know it is possible to get your mobo back. In a desperate case, you can always re-order BIOS chip.)

I mean, it is possible, but my (black)hat off to anybody who can do it successfully in-the-wild. You'd have to be exceptional.

if you're interested in how it is possible:
https://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Heasman.pdf

[Ancient Gamer]

Peripheral devices have their own storage dark_dragon. Sorry, but you are wrong.

Not just the BIOS, but other peripherals as well. They have software, they can be written to. Read Hoglund and Butler's "Rootkits" book, okay?

[dark_dragon]

Peripheral devices have their own storage dark_dragon. Sorry, but you are wrong.

Not just the BIOS, but other peripherals as well. They have software, they can be written to. Read Hoglund and Butler's "Rootkits" book, okay?

Ok, I think I see what you mean.

Something like this?

Firmware rootkits et al. Theoretically, you could even have a virus in your laptop's battery that would make your machine overheat dangerously. (Mind you, sony's batteries don't need a virus to explode)

However, I remain extremely sceptical. They're at the proof of concept stage in security labs. To have such a beast running around in a home computer would be... extremely surprising.

I would give good money if you could show me a virulent firmware virus/rootkit. In fact, I expect that the first exploits of this kind will be sold for very significant sums. The development costs would be insane compared to the usual "click here for more pron" approach. It would take a concentrated effort from some very skilled hackers. The crazy firmware diversity is one thing too. There would be no One OS to bind them here. Your Exploit would have to run on a particular chip of a particular manufacturer which is installed in a subset of a particular device. You'd have to circumvent firmware authentication (which requires intimate knowledge of the particular chip you're working with, knowledge not exactly easy to come by.). Then you'd have to know the system features inside out to do anything at all besides corrupting the firmware. Hell, lots of genuine firmware update fail (I am a case in point.). Those are updates using the manufacturer's own tools, rather than reverse engineered ones too. And you would have to get system-level access in the first place (compared to the rest this seems easy.).

It would be masochistically hard to do. Especially if to do all this you've already gained complete access.

I expect that the kind of people capable of writing virulent firmware rootkits are not going to want to get family pics from a home pc. They'd be running targeted attacks against hardened targets with specific goals in mind. Getting credit card details would be trivial if you can do all this.

[Ancient Gamer]

Hoglund and Butler were among the extreme elite of their kind, so I tend to agree. This is not your garden variety hackers we are talking about. I was talking about the best.

The hackers you usually encounter install malicious apps to access your banking accounts, financial systems, or just to abuse your system for their own sinister purposes. Besides, most users are clueless about the presence of a rootkit or trojan unless their anti-virus tells them otherwise, and some have no or outdated anti-virus.

My point was that it is possible, your point is that such rootkits are rare (ok, you phrased it differently).

But believe me, rootkits can be installed wherever there is software, and wherever there is a CPU software can be run.

And no, I will not show you example code. But you could visit rootkit dot com if you are interested in learning.

I hope that didn't come across as patronizing or arrogant. Internet communication can be difficult, with the absence of body language and all (not to mention communicating across cultural boundaries).

I just wanted to tell you the future is here, and it is mean.