Author Topic: 32.Trojan.Downloader did me in  (Read 334 times)

Offline Balsy

  • Nickel Member
  • ***
  • Posts: 717
32.Trojan.Downloader did me in
« on: April 28, 2006, 05:51:19 AM »
Well, turned on the ole PC yesterday morning and after it fired up I heard the occasional HD hit, and checked, and sure enough it was hitting the internet.  Checked Norton, it had detected the virus, ran spyware, adaware etc. in both Safe and regular modes, each time I came back to normal mode, same deal, internet hits and more viruses... Tried to update Norton... wouldn't let me do it.

Tried to do Windows Update, but IE wouldn't let me get there, downloaded Netscape, went to Windows Update (can only use Windows Update with IE, thanks Bill G)... tried to manually download updates, but when I tried to install them it said something about the cryptographic service not running (it was), so I couldn't install. Tried to download IE 7 beta, wouldn't let me install. Ran Windows' stupid "Defender" thing, all it did was force a reboot immediately upon boot up, cuz it detected the virus.

6 hours later, pulled the plug, saved favorites, AH setting, TIR Profile. Went into the RAID utility and cleared the whole thing out.

Never had a virus like this I couldn't get rid of with a little work.  This was a Ball buster.

Balsy

Offline Geeb 2

  • Zinc Member
  • *
  • Posts: 66
32.Trojan.Downloader did me in
« Reply #1 on: April 28, 2006, 08:16:37 AM »
Ouch that Hurts :(  Personally I think the ones who write that crap should be forced to copy the Encyclopedia Britannica on one of them old Timex comps.

Offline Mustaine

  • Parolee
  • Platinum Member
  • ******
  • Posts: 4139
32.Trojan.Downloader did me in
« Reply #2 on: April 28, 2006, 08:56:48 AM »
Did you try HijackThis to stop the virus from running in the background before you tried to nuke it?
Genetically engineered in a lab, and raised by wolverines -- ]V[ E G A D E T ]-[
AoM DFC ZLA BMF and a bunch of other acronyms.

Offline Brenjen

  • Silver Member
  • ****
  • Posts: 1514
32.Trojan.Downloader did me in
« Reply #3 on: April 28, 2006, 09:22:17 AM »
Scrap Norton & all those others... Buy yourself a copy of NOD32 by ESET & you'll thank me later.

Offline Auger

  • Nickel Member
  • ***
  • Posts: 492
      • AKs Home Page
32.Trojan.Downloader did me in
« Reply #4 on: April 28, 2006, 02:07:04 PM »
This is my Unix bias coming through.

Never, ever, use Internet Explorer on a web site that you do not control.  It has too many hooks into the OS to "enhance the user's web experience".  These hooks have the unintended result of allowing pretty much anyone with malicious intent to compromise your computer if you happen to browse the wrong web site.

The number of sites that allow cross site scripting and uploading of trojaned graphics is too big to put your trust in IE.  Netscape and Firefox have their own set of issues, but they are several magnitudes better than IE.  Firefox with the NoScript extension shuts down just about all malicious scripting.

If you absolutely have to use IE, set the Internet Zone security to High, then go in and disable everything that isn't already disabled.  And do yourself a favor and set up a user account that does not have administrator or power user privileges.  Pretty much all of the malware out there needs rights to write to the system folder and to modify the registry so that it starts after a reboot.  Plain users cannot write to the system folder or change the registry, which shuts down the malware.

Offline TequilaChaser

  • AH Training Corps - Retired
  • Plutonium Member
  • *******
  • Posts: 10169
      • The Damned - founded by Ptero in 1988
32.Trojan.Downloader did me in
« Reply #5 on: April 28, 2006, 04:12:19 PM »
Quote
Originally posted by Auger
And do yourself a favor and set up a user account that does not have administrator or power user privileges.  Pretty much all of the malware out there needs rights to write to the system folder and to modify the registry so that it starts after a reboot.  Plain users cannot write to the system folder or change the registry, which shuts down the malware.


just in case anyone missed it in regular print :D
"When one considers just what they should say to a new pilot who is logging in Aces High, the mind becomes confused in the complex maze of info it is necessary for the new player to know. All of it is important; most of it vital; and all of it just too much for one brain to absorb in 1-2 lessons" TC

Offline Balsy

  • Nickel Member
  • ***
  • Posts: 717
32.Trojan.Downloader did me in
« Reply #6 on: April 29, 2006, 07:41:21 AM »
I didn't do any of the above, but after I found out this thing downloads more and more viruses I figured best to reformat.

On the good news front, AH runs the BALLS now.

I get a pegged 85 FPS in Small PAC with all 3 sliders 95% to the left.  1600x1200, 512 tex loaded to ram.

New nvidia drivers.
New directx.
and a clean install.



Balsy

Offline Roscoroo

  • Plutonium Member
  • *******
  • Posts: 8424
      • http://www.roscoroo.com/
32.Trojan.Downloader did me in
« Reply #7 on: April 29, 2006, 11:47:38 AM »
(whispers) ...... Firefox :noid
Roscoroo ,
"Of course at Uncle Teds restaurant , you have the option to shoot them yourself"  Ted Nugent
(=Ghosts=Scenariroo's  Patch donation