Down for at least 36 hours


Yesterday I noticed some things weren't as usual on one of my computers. The machine was throwing errors when trying to launch IE - which I rarely do anyway - and I suspected something was amiss: and right I was. A couple of scans and checks later, it seems it has become compromised by something referred to as "torpig".

It certainly is a pig as I have not yet managed to remove it. I am glad however that even though one machine has become infected, my defense in depth techniques have safeguarded all the other machines in the network.

I've been working on it for a couple of minutes just now, but I need to head off to bed and get some sleep coz tomorrow it's gonna be another long day. Thursday I'll be picking the system apart to see if I can clean the box while maintaining data integrity, and if that's not the case I'll take the only course of action possible: format and complete reinstall. Something I'm definitely not looking forward to, though on the other hand I can't keep on working on an infected machine either. Anyway, it's shut down and disconnected from the network as well as from the internet while I gather information about my little unwanted guest.

It certainly is a setback as I was hoping to get other things done on Thursday, but this has just become my new priority task. I can't afford to lose my main machine to some crappy trojan/spyware program.

The best thing about this all is that I can be almost certain the infection occurred less than 24 hours ago, which leaves the window of opportunity for an external entity to really snoop around on my machine rather short.

Consider this a very serious notice that if you happen to receive a mail from me that looks weird - well, more weird than is usually the case - or that you didn't ask for, it should be deleted, shredded and evaporated without opening it. At least till I post here that everything is at status green again.

1 Comment

good luck in getting rid of that pig!
I've had to reinstall my pc a couple of weeks ago too. it had gotten reeeaaaalllyyyy slow (even though none of the spyware, adware, virus scans found anything suspicious... strange things do happen)


About this Entry

This page contains a single entry by ServMe published on July 10, 2007 11:59 PM.
