Virus

Dann757 · By: **Dann757** On: Sun Mar 15, 2009 8:20 pm

I clicked on a Harry Potter movie clip last night and knew right away I made a mistake. I saw an .exe flash by and seconds later I had viscious malware pop ups. I tried to run Malwarebytes free anti malware, but it didn't do the trick. I tried to have XP repair itself and eventually got my desktop back. I installed service pack2 which I have on cd, hoping it would help, and got my desktop back with no icons. I tried Norton recovery disc which was useless since I had no recovery points established. I got to a command prompt and found an .exe file in dir:C. It was dated yesterday so I deleted it. Then after service pack 2 installed I lost my usb keyboard and mouse. I couldn't type in my password. I gave up, started in again today and put a ps2 keyboard and mouse in. I got the desktop back and was able to back up a few needed files to cd. I took service pack 3 off Microsoft website which took a couple tries to download. Things seem to be working again.
That really sucked. I think it's called a trojan rogue virus?

009to090 · By: **009to090** On: Sun Mar 15, 2009 8:30 pm

HOLY Crud!!! That is scarey! How come Norton did not find it before it executed? At least Trend Micro gives me a warning, before I open anything malicious.

Westy · By: **Westy** On: Sun Mar 15, 2009 10:52 pm

I use Eset's NOD 32 it's saved me a few times in the last few years. Unlike Norton, it doesn't slow your system down, even while doing a scan in the background.

Richard S. · By: **Richard S.** On: Mon Mar 16, 2009 1:14 am

Why would you run a .exe from an unknown source? If you haven't already done so make sure file extensions are viewable,

Control Panel :arrow:

Folder Options :arrow:

View tab ... Under "Hidden files and folders" make sure "hide extensions for known file types" is unchecked.

For the record movie and image files are data files and the chance of getting a virus from them are about none. Generally speaking they are never packaged as .exe's but it's certainly possible. There's only one exploit for actually image files that I'm aware of and that was patched years ago. It pertained to the exif data where malicious code could be injected and it effected a lot of software other than windows.

CapeCoaler · By: **CapeCoaler** On: Mon Mar 16, 2009 9:44 am

The human factor...
Social engineering...
If you click it you can override any protection.
Hence the harry potter movie...
gotta see it...
oops...

Dann757 · By: **Dann757** On: Mon Mar 16, 2009 11:35 am

Richard S. wrote:Why would you run a .exe from an unknown source?

I thought I was clicking on a play button on a movie clip.
I got AVG free yesterday and it removed two infections:

Trojan horse SHeur2.WAI

Trojan horse Generic13.AZR

djackman · By: **djackman** On: Mon Mar 16, 2009 1:02 pm

DVC500_at_last wrote:HOLY Crud!!! That is scarey! How come Norton did not find it before it executed?

The only thing Norton/Symantec is good at detecting is when their license is up for renewal.

CapeCoaler · By: **CapeCoaler** On: Mon Mar 16, 2009 3:49 pm

Run 'combofix' in safe mode.
How to here...download at the bottom
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Virus

Virus

Re: Virus

Re: Virus

Re: Virus

Re: Virus

Re: Virus

Re: Virus

Re: Virus