Re: MT CHAT - Anyone know what happened?

On Tue, 28 Jul 2009 12:13:00 -0500, "Anne V" <avez64@xxxxxxxxxxxxxxx>
wrote:


"Doug Jones" <norbrookc@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:jb2u659se24ktjvlunej5eenrrsctfnevi@xxxxxxxxxx
| It's a trojan bot that's been around on a number of websites - I
| removed it from a couple of other computers for people. Spybot S&D
| and Ad-Aware catch it, but you need to manually remove the programs
| it's running. It gets in through a security hole in Internet
| Explorer. The quickest option to removal is to boot to safe mode, run
| your removal program (the trojan is Virtumonde), search/delete the
| actual programs (b.exe, etc.) run a System Restore from a date when
| the computer was clean, then update any patches needed.
|
| Doug Jones

That might've worked--if my computer would have booted up. By the time the
danged thing was done, all I could get was the blue screen of death, no safe
mode no nothing. Before the computer went completely down, Ad-Aware said at
least part of the trojan was in the system restore files, so I'm not sure
even a restore would have helped.

Anne

There are multiple system restore points. For future reference, it's
always a good idea to save one that you *know* is clean, and restore
from that one. It's one of the more useful tools in the MS arsenal,
unfortunately a necessary one.

I also don't recommend using IE exclusively - I use Firefox with the
IE Tab add-on, which enables me to run IE "natively" in Firefox. If I
have to use IE, I only use it on specific work sites where I'm
required to use it. Otherwise, I just use Firefox. Chrome is another
option, as is Opera.

Finally, I wouldn't recommend relying on just one protection - I use
AVG, but also Ad-Aware, with Spybot as my backup, plus some other
tools to keep an eye on things. That way, if something *did* happen
I'd see it before it does much real damage. Which is what happened
with one of the computers I had to fix. Ad-Aware wouldn't update,
which triggered my alarms, and Spybot found it.
.

Relevant Pages

  • Re: GONE! Trojan Horse Downloader.agent.2.BK
    ... I think the trojan is gone! ... disabled system restore according to the instructions, ... Lo and behold, AVG ... >updated antivirus, in safe mode if you want, you ...
    (microsoft.public.security.virus)
  • Re: Torjan and Virus
    ... But how do I know if its in that one folder? ... So If I do a disk cleanup on system restore, will it just get rid of that ... > A trojan is a specific type of virus - a program that pretends to be ... If you want to speed up this process use Disk Cleanup on the ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Danger warning! to the public and note to Databaseben
    ... you were correct about the Norton and McAffee virus scans. ... I did run another Ad-Aware SE full scan last night, and it did not find any ... more traces of a Trojan Horse. ... You mentioned that the trojan downloader was quarantined, so do ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Danger warning! to the public and note to Databaseben
    ... more traces of a Trojan Horse. ... a trojan horse in the first place, but a trojan downloader, which can download its ... I can't tell because it is now in quarantine and you ... by Ad-Aware and other apps. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Problem with winlohonhook trojan!!
    ... I had aproblem with this trojan winlogonhook on my computer. ... I have the windows XP home eddition instaled on my comp. ... getting reinfested because you failed to flush System Restore. ... We need to know _where_ your antimalware product finds the malware, ...
    (alt.comp.anti-virus)
Loading