Woke up this morning to AVG flashing messages telling me that multiple files in the system32 folder were infected (and that it didn't know how to fix them). Fixed that (eventually) by deleting the DLLs and then manually unpacking them from their source CDs; AVG now reports the whole machine is clean. However, it really made me wonder how said virii got onto the machine.
As I've mentioned before, I saw a weird ping coming from the firewall (an SMC Barricade 7004ABR, if it matters to anyone) to Sandra's machine as I was setting it up. That made me suspicious that the router/firewall was compromised. The virii showing up on my machine this morning had me pretty sure.
So, I set about trying to reset and then flash the BIOS for the silly little thing. Problem is, the only (documented) way I can find to flash the BIOS is via the web interface, which complains about every upgrade file I have, both known-good ones and ones just downloaded from SMC. That would be consistent with a virus or hacker infecting the firewall and blocking any attempts to remove it, and it's pretty much convinced me the firewall is compromised.
Long story short, I've got a firewall I can't trust :( and should probably re-install the whole operating system on the workstation to be sure there are no sleeper virii or rootkits hanging around. Worse, I've already lost 5 hours of work to this stupidity (if I have to reinstall there's another 30 or 40 hours of work lost).
If I had decent support for the tablet and PVR cards in Linux I'd be out of here like a shot. Speaking of shooting and virus writers...