Category: Geeks r Us
Hi folks,
For the first time since I've been on the net, or at least the first time after I'd gotten that stupid Pretty Park attachment, I got a virus, or at least a threat, that's what AVG called it. I was downloading, or rather I was going to download a CD someone had sent to sendspace, and another link came up when I entered on sendspace. For anyone who doesn't know, sendspace is a file sharing service where you can download and upload files, music, audio books, old time radio, movies, and TV shows. I quickly closed the link that came up, after I got an instruction to click here to download an ActiveX control. I did jump out of that page pretty quick, but AVG came right up and said, threat detected. There was an ignore option, send to vault button, heal button. Well, I knew you don't ignore a virus warning, and not sure about the heal option, since someone who did a review of AVG on acbradio said it was good at sniffing them out, but not so good at healing if you already had the virus. I let it go in the vault, because I think I remember reading somewhere that that's a quarantine, where the file or files stay separate from other files and can't harm anything. So I did a scan, and it said, trojan horse, and I was reading what I could while it was scanning my hard drive. There seemed to be 6 bad files, 1.ani, da1.exe, da2.exe, da3.exe, and 2 files that said free mp3player, one a .exe file, the other a .rar file. After it got through, it said there were 7 files, and 7 files were healed successfully. I scanned it again, and it said no threats. After it got through scanning the second time, I went on VIPconduit, and talked to start button, who is really techie techie, I mean really tech savvy. And he said the best thing to do was restart my computer, because sometimes they try to come back again when you reboot, scan it again after rebooting, open adaware and check for spyware, delete the files out of the virus vault.
So, I rebooted my PC, it started normally, but it put the files for the virus on my desktop. I'm sure it was probably the files associated with the trojan horse, because for the longest time, including when I turned on the PC yesterday evening, I had 50 items on my desktop, then after rebooting, I had 56, 3 of them I remembered AVG identifying in the list, da1, da2, da3. There was also a file with a string of letters, something like brg-Gbr, and a few other letters I can't remember, and it had the extension, pinch.exe. There was the 1.ani file, and an add.php. Isn't a php file some sort of script? I mean, if a file ends in .php, isn't it some sort of script file? AVG identified it as i.worm.drefir. Has anyone ever heard of this thing? So anyway, I deleted those dirty files from my desktop, emptied the recycle bin, went in the AVG virus vault, deleted the files from there, and did a scan of my hard drive again. While I was scanning, I was able to read where it said, you are fully protected, and all installed components are functioning correctly. So far my PC seems to be ok. When I pressed control o to open a web page, JAWS was a little slow about reading the dialogue that comes up, type in a document or url and Internet Explorer will open it for you, but hopefully it had nothing to do with that. Anyway, start button said it would be best if I never go to that site again where I got the virus, so I'm gun shy about going back to send space ever again, but is it always the site owner when you get a virus from a particular web site? It could just as easily be a hacker or virus writer who hacked in to the site and put it there. I've never really heard of anyone catching a virus from a site that has no ads at all, but then I can't say for certain whether or not it's always the ads you get the virus from.
Oh, almost forgot, when it said trojan horse, it said, generic 3, which I assume has to do with how high or how low the threat is, but don't know if that means it's high or low, anyone know? Take care all, and hope this doesn't happen to anyone else.
wonderwoman
Hi Wonderwoman. Unfortunately, SendSpace does have ads. I've seen them when trying to download a file. There are these ad frames within the download page that say something along the lines of "google ads." As for the virus you got from the site, I'm sorry to inform you that you're not the only one with the inconvenience. Quite a few people I know have been getting a trojan horse from that site, so best bet is to keep away from SendSpace till they can figure out how to get rid of that virus. I hope this helps.
Thanks spanish could. I was on a couple email lists where they exchange files, and I was going to download a bg's CD when it hit. I had requested CDs by 2 artists, but after I got that, I panicked and unsubscribed from both lists before you could say virus. I told them I was going, I was like, I think you're all great, but can't take the risk anymore. One of the members sent me one of the CDs I requested through another site, divshare.com. They say they're ad free, yet pop up blocker came up and blocked an ad just the same, and they did have some google ads that you have to scroll down to, and there is a link that says advertise on this site. Well, they didn't say they were ad free, just no pop ups, so why then did pop up blocker come up and block an ad? Pop up blocker seems to block ads pretty well as long as the ad comes in the same window, but if it comes up in a separate window, and seems to be a link to another site, it won't block that. I did download the file, but you can bet I scanned it first with AVG before doing so. The lady who had the bgs CD said if she couldn't upload it that way she'd have to try another way, she said she had no problem with it. I don't understand why I got it and some people didn't. I would think that if it's travelling around the site, everyone who goes there would get it, but it seems to be random. And what's more, it's probably a brand new virus. Thanks again,
wonderwoman
Viruses were the first computer bugs, and anti-virus (AV) software was made specifically to detect and get rid of these. Worms are a little different than viruses, which is one reason why AV software has a harder time catching them. Finally came trojan horses, usually just called trojans. These are very different than both viruses and worms. They actually take advantage of the weaknesses that are inherent in AV software. For one, most trojans actually try to hide from being detected by AV software. They also work "smarter" by creating hidden copies of themselves so that when they do get detected and cleaned, they can re-infect the computer with the hidden copy right after the AV software cleans the original infection. Basically, trojans are AV software's worst nightmare simply because AV software wasn't designed to specifically go after this type of threat. Today, AV software is much better at detecting all types of parasites than before but they will need to be redesigned and start using multiple methods if they are ever going to be effective against all parasites.
Tips.
It is recommended to turn off System Restore before you scan, and when you're done, turn it back on so you are still protected from standard computer problems. And remember to update, update, update.
If you need more tips you can send me a private message.
Thanks buck, I got hit with another one, I don't know how I got this one, because I was on librivox, and I've been there lots of times and never got any virus at all. This was a different one, banker.exe I think, and AVG said it healed 3 files successfully. AVG runs in the system tray all the time. I was just downloading a classic book of stories on librivox when AVG popped up with another threat detected. I let it go in the virus vault where it's supposed to be quarantined, but later I'm going back in there and get it out of there. I shut the computer down and rebooted, scanned again, and it said no threats found. Websites have been slow loading, and when I was listening to some tutorials on vip, winamp was so slow in coming up, it timed out, but it did play when I hit the x key. I'm just concerned that the first trojan horse had time to slow my internet connection down or browser just before AVG got it out. I was playing anagrams earlier today, and it took 15 seconds each time to find the word, or check the word. Things seem ok when the sites come up, but man they were slow. The zone seems a bit faster than it was earlier, but the slowness could have something to do with the hard wind we've been having for a couple of days, and our power was off yesterday for an hour. I'd rather it would be because of the wind than I had the trojan horse doing something to slow it down.
wonderwoman
trojans can't slow down your system once they are gone. maybe you would get system slow down when it was there, but not now.
rat, I don't think it was my computer exactly, I think it was just web pages, but when I did things having nothing to do with IE or web pages, my computer responded as quick as it always does, it's just pages were taking longer to come up, so long that I thought I was back on dial up again, except when anything with audio came up, winamp or whatever player I was using came up, it didn't stop to buffer, and I'm not breaking up in broad band chat rooms. It seems to be a bit better right now. Hey buck, where is the option to turn off system restore? I found system restore easily enough under system tools, but there wasn't an option to turn it off. Just restore my computer to an earlier date, and I think a place to type in a restore point, but nowhere to turn it off. I was looking for something that said system restore off or turn off system restore. I'm not used to going in to system restore.
wonderwoman
Hello wonderwoman. I like viruses especially with tender crispy chicken strips, hehegh, yummy!
Now follow these tips. Shall we?
For Windows XP.
Move to the My Computer icon, and press Alt+Enter; the System Properties dialog box appears.
Now press Ctrl+Tab (4 times); now you will hear the System Restore tab.
Check "Turn off System Restore" or "Turn off System Restore on all drives."
Press Apply.
When turning off System Restore, the existing restore points will be deleted. Press Yes to do this.
Press OK.
Carefully look at Windows Add/Remove Programs for suspicious programs.
Many of the spyware threats actually install into your system like a program. Many appear to be utilities that you may think are helpful but in reality aren't.
Look for add-on toolbars. While toolbars like those provided by Google, MSN, Yahoo and others are great utils, there are many more that aren't, and if in doubt check it out to see if the ones you have are parasitic.
Remove all suspicious programs, if you are wrong, you may always re-install them later.
Run Disk Clean-Up.
You can find it by pressing the Start Button and then going to Programs/ Accessories / System Tools / Disk Clean-up.
I recommend selecting all of its options except the ones for Office Setup Files and Compress Old Files if you have them. While you may select those if you wish, they aren't as important. This will clean up all of the temporary files so your testing will go faster, and may also delete any spyware that may be hiding there if the spyware isn't already running.
Now Run The AVG Program.
All antivirus programs, including AVG, by default have their settings to only scan executable files in an attempt to speed up looking for infections.
While most of the time this is just fine, the newest threats that can infect your computer have started getting sneaky on how they hide their files, making it easier for them to reinfect your system if your antivirus program detected and removed their executable file. To help also detect these "backup" files that the infection leaves on your system, you should, in my opinion, make a couple of changes to what your AVG scans, from just executable files to all files.
To change AVG's settings, open AVG's Test Center.
Press the Tests menu then in both of the tests labeled Complete Test Settings and Selected Area Test Settings select Scan all Files and press the Ok button.
Now AVG will scan all of the files. This will take longer to complete, but I feel it is a small price to pay for the added security it provides.
If you found any parasites, you need to restart your computer so you can test everything again. There are times that after cleaning certain parasites, you will need to test again because something may have been hidden earlier by the infection.
So repeat this process of testing and restarting until you find no more parasites.
When you believe you are finished, remember to turn System Restore back on.
I recommend testing for parasites as often as you can, probably at least once a month if not more.
The sooner you catch them, the less damage they can do to your computer, and the less chance of a hacker finding your sensitive information such as checking account info, passwords, etc.
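Added example, not part of the post above and not AVG's code: a sketch of why scanning all files rather than only executable extensions matters. It flags files whose content is a Windows executable (PE) image but whose name carries a non-executable extension; the extension list, function names and sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed list of extensions an "executables only" scan would cover.
EXECUTABLE_EXTS = {".exe", ".dll", ".com", ".scr", ".sys", ".ocx"}

def is_pe_file(path):
    """True if the content is a Windows PE image: an MZ header pointing at a PE signature."""
    try:
        with open(path, "rb") as fh:
            header = fh.read(64)
            if len(header) < 64 or header[:2] != b"MZ":
                return False
            # Bytes 60..63 (e_lfanew) hold the offset of the PE signature.
            fh.seek(int.from_bytes(header[60:64], "little"))
            return fh.read(4) == b"PE\0\0"
    except OSError:
        return False  # unreadable or locked file: skip it

def find_disguised_executables(root):
    """List files under root that contain a PE image but lack an executable extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            path = os.path.join(dirpath, name)
            if ext not in EXECUTABLE_EXTS and is_pe_file(path):
                hits.append(path)
    return sorted(hits)

def build_sample_tree():
    """Constructed sample data: a harmless 68-byte PE-shaped stub under several names."""
    root = tempfile.mkdtemp(prefix="scan_demo_")
    stub = b"MZ" + b"\0" * 58 + (64).to_bytes(4, "little") + b"PE\0\0"
    samples = {
        "player.exe": stub,   # covered by an extension-based scan
        "backup.tmp": stub,   # same content, missed by an extension-based scan
        "cache.dat": stub,
        "notes.txt": b"plain text that mentions MZ but does not start with it",
        "short.dat": b"MZ",   # truncated file: too short to be a PE image
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for hit in find_disguised_executables(build_sample_tree()):
        print("executable content, non-executable name:", hit)
```

A hit only means the name and the content disagree; it is a reason to scan or inspect the file, not proof that it is malicious.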
Ok thanks buck, will do that. I've already done disc clean up the other day, but I guess it wouldn't hurt to do it again. Thanks
wonderwoman
again
You're welcome!
Well I think I finally did it. I was always forgetting something, because that was a lot to do, but I think I finally made the trojans go beddy bye. Last night, instead of just going about my business waiting for the threats found dialogue, I scanned it as soon as I turned it on. Before I did that, I used disc clean up, then went in to internet options, deleted cookies, temporary internet files, and offline content. I didn't think there was anything stored in the offline content unless you chose to save a web page offline, which if you're on broad band is unnecessary anyway. A cousin of ours called us, and when I told him I'd had 3 trojans, he told me after they place the things on your computer, they could place one there even if you don't have your computer on. So after it found the 2 trojans, or files, don't really know if the 2 files were part of the same trojan or 2 different ones, I scanned my computer, and it found no threats, and today when I turned it on, no threats. So I owe it all to you buck, you have saved me from probably months and months of trojan horses, you're a genius, thank you,
wonderwoman
Oh, PS, did I mention one of my last trojans was a bot? Yuk! I've been in channels on mIRC where there were bots, but I never had one get in my computer before, yikes!
wonderwoman
Pretty cool, I am very happy that your problem was solved. Anyway, thanks for the compliment.
Yeah, better than the responses you get from vip, all they want to do is talk you in to downloading a paid version of a program that AVG already does for free. I think someone just dropped a single file somewhere in my temporary internet folder or local content folder that kept creating trojans, and emptying those out stopped them.
wonderwoman
That's right. I agree with you, it's a war between companies in which we are the victims.
AVG does what he said trojan hunter does, but for free. But I think they would've just kept coming back again and again until I deleted my temp files and online content. I think someone just dropped a file on there that keeps creating trojan horses, or that's how it appeared to me.
wonderwoman