Virus

Dann757
Member
Posts: 3363
Joined: Sat. Sep. 06, 2008 9:10 am

Post by Dann757 » Sun. Mar. 15, 2009 8:20 pm

I clicked on a Harry Potter movie clip last night and knew right away I made a mistake. I saw an .exe flash by and seconds later I had vicious malware pop-ups. I tried to run Malwarebytes free anti-malware, but it didn't do the trick. I tried to have XP repair itself and eventually got my desktop back. I installed service pack 2, which I have on CD, hoping it would help, and got my desktop back with no icons. I tried Norton recovery disc, which was useless since I had no recovery points established. I got to a command prompt and found an .exe file in dir:C. It was dated yesterday so I deleted it. Then after service pack 2 installed I lost my USB keyboard and mouse. I couldn't type in my password. I gave up, started in again today and put a PS/2 keyboard and mouse in. I got the desktop back and was able to back up a few needed files to CD. I took service pack 3 off Microsoft website, which took a couple tries to download. Things seem to be working again.
That really sucked. I think it's called a trojan rogue virus?

 
009to090
Member
Posts: 5104
Joined: Fri. Jan. 30, 2009 10:02 am
Location: Live Oak, FL

Post by 009to090 » Sun. Mar. 15, 2009 8:30 pm

HOLY Crud!!! That is scary! How come Norton did not find it before it executed? At least Trend Micro gives me a warning before I open anything malicious.

 
Westy
Member
Posts: 35
Joined: Tue. Sep. 30, 2008 5:47 pm
Location: Ontario,Canada

Post by Westy » Sun. Mar. 15, 2009 10:52 pm

I use Eset's NOD 32; it's saved me a few times in the last few years. Unlike Norton, it doesn't slow your system down, even while doing a scan in the background.


 
Richard S.
Mayor
Posts: 15184
Joined: Fri. Oct. 01, 2004 8:35 pm
Location: NEPA
Stoker Coal Boiler: Van Wert VA1200
Coal Size/Type: Buckwheat/Anthracite

Post by Richard S. » Mon. Mar. 16, 2009 1:14 am

Why would you run a .exe from an unknown source? If you haven't already done so, make sure file extensions are viewable:

Control Panel → Folder Options → View tab ... Under "Hidden files and folders" make sure "hide extensions for known file types" is unchecked.

For the record, movie and image files are data files and the chance of getting a virus from them is about none. Generally speaking they are never packaged as .exe's but it's certainly possible. There's only one exploit for actual image files that I'm aware of and that was patched years ago. It pertained to the exif data where malicious code could be injected and it affected a lot of software other than Windows.
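
An added example, not part of the original thread: a small Python check that flags download names which look like a movie or image when extensions are hidden but are really executables, which is the situation the "hide extensions" setting creates. The extension lists and sample names are constructed assumptions, and the space-padding check goes slightly beyond the case described in the post.

```python
import os

# Extensions Windows runs on double-click (constructed, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".msi"}
# Data-file extensions often placed in front of the real one as a decoy.
DECOY_EXTS = {".avi", ".mpg", ".mpeg", ".wmv", ".mov", ".mp4", ".mp3",
              ".jpg", ".jpeg", ".gif", ".png", ".pdf", ".doc", ".txt"}


def check_filename(name):
    """Return the reasons a file name is risky or deceptive (empty list if none)."""
    # Windows ignores trailing spaces and dots, so strip them before parsing.
    clean = name.rstrip(" .").lower()
    stem, ext = os.path.splitext(clean)
    if ext not in EXECUTABLE_EXTS:
        return []
    reasons = ["executable extension " + ext]
    # With extensions hidden, "clip.avi.exe" is displayed as "clip.avi".
    inner_ext = os.path.splitext(stem.rstrip())[1]
    if inner_ext in DECOY_EXTS:
        reasons.append("double extension: " + inner_ext + " shown, " + ext + " run")
    # A run of spaces pushes the real extension out of a narrow name column.
    if "   " in stem:
        reasons.append("space padding hides the real extension")
    return reasons


def scan(names):
    """Map each flagged name to its reasons; clean names are left out."""
    flagged = {}
    for name in names:
        reasons = check_filename(name)
        if reasons:
            flagged[name] = reasons
    return flagged


# Constructed sample listing of a downloads folder.
SAMPLE_NAMES = [
    "trailer.wmv",
    "harry_potter_clip.avi.exe",
    "clip.mpg          .exe",
    "HOLIDAY.JPG.SCR",
    "setup.exe",
]

if __name__ == "__main__":
    for name, reasons in scan(SAMPLE_NAMES).items():
        print(repr(name), "->", "; ".join(reasons))
```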

 
CapeCoaler
Member
Posts: 6515
Joined: Sun. Feb. 10, 2008 3:48 pm
Location: Cape Cod, MA
Stoker Coal Boiler: want AA130
Hand Fed Coal Stove: DS Machine BS#4, Harman MKII, Hitzer 503,...
Coal Size/Type: Pea/Nut/Stove

Post by CapeCoaler » Mon. Mar. 16, 2009 9:44 am

The human factor...
Social engineering...
If you click it you can override any protection.
Hence the harry potter movie...
gotta see it...
oops...

 
Dann757
Member
Posts: 3363
Joined: Sat. Sep. 06, 2008 9:10 am

Post by Dann757 » Mon. Mar. 16, 2009 11:35 am

Richard S. wrote: Why would you run a .exe from an unknown source?
I thought I was clicking on a play button on a movie clip.
I got AVG free yesterday and it removed two infections:

Trojan horse SHeur2.WAI

Trojan horse Generic13.AZR


 
djackman
Member
Posts: 381
Joined: Sat. Jan. 19, 2008 12:01 am
Location: Long Island, NY

Post by djackman » Mon. Mar. 16, 2009 1:02 pm

DVC500_at_last wrote: HOLY Crud!!! That is scary! How come Norton did not find it before it executed?
The only thing Norton/Symantec is good at detecting is when their license is up for renewal.

 
CapeCoaler
Member
Posts: 6515
Joined: Sun. Feb. 10, 2008 3:48 pm
Location: Cape Cod, MA
Stoker Coal Boiler: want AA130
Hand Fed Coal Stove: DS Machine BS#4, Harman MKII, Hitzer 503,...
Coal Size/Type: Pea/Nut/Stove

Post by CapeCoaler » Mon. Mar. 16, 2009 3:49 pm

Run 'combofix' in safe mode.
How to here...download at the bottom
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
