Computer.How did I get 84 rootkits this morning?

[jon gaper]

I had actually run a full Malwarebytes scan during the night.This morning I only went to the same 10 websites as usual.I downloaded 2 items from vimeo,scanned them ,and they were clean. While browsing craigslist , portions of the screen started disappearing,and other things were not acting properly, like the browser or full system was going to crash.So I ran a full Avast scan and it turned up 84 rootkits in windows XP.Then ran in again as a boot time scan and it is clean. What happened?

[stuckathuntermtn]

Your virus protection isn't working, that's what happened. Don't use IE. Get an ad blocker extension for your browser. Replace Malware Bytes with SpyBot and run immunizations. Don't install the TeaTimer portion, though.

I thought Avast was ok, but maybe not. Consider replacing it with AVG, or something by Kasperski or CA.

Sent from my cell phone. no, a cell phone.

[TomCrac]

What do you recommend instead of IE?

[DJSapp]

Anything is better than IE. Chrome, Firefox, etc.

[RShea]

Is your java and flash player both updated and using the latest versions? If not then I'd bet you may have been infected by visiting a web site that uses it and is infected.

[cegli]

Most of the time if you mysterious got a virus and didn't download and run anything suspicious it is due to:

-Running an outdated browser
-Java not being updated
-Flash not being updated
-Windows updates not being updated.
-Very occasionally Adobe Reader not being updated (you wouldn't think a .pdf reader would have security problems, but Adobe somehow managed to make it happen)

Those five things are the things you should always update. Here's how the malware life cycle works:

1. Security Researchers discover "0-Day" exploit in Windows/Flash/Java/Browser. This means that they found a way to execute malicious code on your computer, without you having to even click anything.

2. They tell Microsoft/Oracle/Adobe to fix it.

3. The company fixes it and issues an update.

4. 2 months later a malware writer after reading over the security researcher's documentation on the bug figures out how to exploit it.

5. Everyone who didn't update gets hit with the exploit.


tldr; update your shit.

[systemoverblow'd]

[jon gaper]

Most of the time if you mysterious got a virus and didn't download and run anything suspicious it is due to:

-Running an outdated browser
-Java not being updated
-Flash not being updated
-Windows updates not being updated.
-Very occasionally Adobe Reader not being updated (you wouldn't think a .pdf reader would have security problems, but Adobe somehow managed to make it happen)

Those five things are the things you should always update. Here's how the malware life cycle works:

1. Security Researchers discover "0-Day" exploit in Windows/Flash/Java/Browser. This means that they found a way to execute malicious code on your computer, without you having to even click anything.

2. They tell Microsoft/Oracle/Adobe to fix it.

3. The company fixes it and issues an update.

4. 2 months later a malware writer after reading over the security researcher's documentation on the bug figures out how to exploit it.

5. Everyone who didn't update gets hit with the exploit.


tldr; update you shit.

I never use IE.
This was firefox up to date.
And all the plugins up to date.
Java,Adobe,Flash,and windows all updated.
I use avast all the time,but use Malwarebytes occasionally as an extra.Also used iobit anti-malware.
This happened during one hour this am with 5 news sites that I always use,and a few other regulars like this one.

I am still quite puzzled...............but I am really glad it recovered.
But 84 rootkits at once? crazy

[RShea]

Security Check by screen317 can be downloaded here: http://screen317.spywareinfoforum.org/and then run on the system to report if any versions of software are out of date and a security risk.

[MontuckyFried]

...So I ran a full Avast scan and it turned up 84 rootkits in windows XP...

Well, there's your problem, mister.