Temporary absence

grazr

Old Man Mutant Ninja Turtle
aa
Mar 4, 2008
5,441
3,814
I'm gonna be out of commission for a while due to a bloody trojan infection that Sophos is being a pussy about.

It's being pretty destructive, having made me clean up well over 2 thousand files with no end in sight.

I'm upgrading my computer this week so I'm gonna leave it at that, this C drive is 8 years old anyway.

I'll catch you around on the uni machines when I can.

Man, what a hassle.

Hope there are no further ramifications due to leaked personal information.

Fucking Flash adverts....
 

Pc_Madness

L4: Comfortable Member
Aug 31, 2009
164
51
Hang on, what OS and what browser were you using? :\ 8 years old = XP without any service packs? :S
 
Sep 1, 2009
573
323
Activate Malwarebytes' Anti-Malware!
 

REEJ

L420: High Member
Aug 26, 2010
437
176
high5 for a fellow 8 year old HDD
my frodo is still rolling, hardly.
 

matou

L2: Junior Member
Oct 25, 2008
86
20
Sorry to hear about that, should perhaps try Firefox with NoScript next time. It'll hopefully stop scripts like that.
 

StickZer0

💙💙💃💙💙
aa
Nov 25, 2008
664
647
Seeya on the other side grazr
 

Rexy

The Kwisatz Haderach
aa
Dec 22, 2008
1,798
2,533
grazr, if it's a common trojan, chances are there are plenty of other people having the same problem. When I get tough malware or trojans like this, typically none of the anti-malware, spybot or anti-virus softwares do anything at all. It's usually find the problem specifically and deal with it head on, instead of those 'scan-my-computer' methods that have no results. I find that other smarter people have already written small executables that terminate the specific trojan at work so it can be eliminated manually.

Anyway, I hope you get it taken care of. If worse comes to worse, a complete OS reinstall never hurts anyone.
 

Pc_Madness

L4: Comfortable Member
Aug 31, 2009
164
51
grazr, if it's a common trojan, chances are there are plenty of other people having the same problem. When I get tough malware or trojans like this, typically none of the anti-malware, spybot or anti-virus softwares do anything at all. It's usually find the problem specifically and deal with it head on, instead of those 'scan-my-computer' methods that have no results. I find that other smarter people have already written small executables that terminate the specific trojan at work so it can be eliminated manually.

Anyway, I hope you get it taken care of. If worse comes to worse, a complete OS reinstall never hurts anyone.

Once you get a trojan it's just easiest to reinstall. You don't know what Windows files it's fiddled with to add another vulnerability or in case you end up missing something.

Nuke from orbit, as Valve would say.
 

grazr

Old Man Mutant Ninja Turtle
aa
Mar 4, 2008
5,441
3,814
Well, what happened was the thing infected all my .dll, .exe, .htm and .html files; basically it was copying itself faster than Sophos could handle (or some similar business that kept it alive). Even in safe mode it was doing its business, and Sophos couldn't find the source beyond it residing in the memory and the explorer.exe.

It infected upwards of over 6,000 files and after culling 2,000 thousand it re-infected 1,500 of what had just been cleaned on the move. By the time I ran another scan, all the files were infected again.

Oh well, the benefit was it finally got me around to buying a new system (even though the store gave me the wrong M-B and wasted half my day as the CPU wouldn't fit).

I got a GTX-460 with an i7 930, 2x 500GB HDs, 750W PSU and 4GB RAM. Hopefully settling for the cheapest compatible M-B won't put me out, it's still a pretty decent piece of hardware I suppose.

I still got my old computer... I need some data off it, such as my FF bookmarks, level design and uni work etc. Once I've done that I'm just gonna re-format the bitch and flog it to a needy mate to ease my sore wallet. Nothing wrong with it besides a GPU that's seen better days and a bit of dust.

Will be a while before I have the system up and running with all the required software. I had £3k sitting in my current account, now it's 800 less, plus I wanna get Adobe CS-5. So much for chilling out on those savings for a few more months, gotta get me a job ASAP.

@ Rexy

Sophos listed the threat as low, even though Symantec said its damage is high. Even though it wasn't damaging my system per se, it was eating a lot of memory and was generally annoying, supposedly it hunts after banking information, so it's a major security risk. It appeared to be a hybrid of a much larger trojan from 2 years ago. So this was a pretty significant problem for me to deal with.

The last infection I had I managed to cull by finding the source (by purposefully crashing my computer, as the fucker was managing to close my task manager so I couldn't stop the process), even though Sophos wouldn't/couldn't touch it as it was active I managed to manually remove it (somehow). This one however persisted in the memory and infected my registry. I'll have to admit defeat to this one and just blitz it with a format.
 

Acumen

Annoyer
aa
Jun 11, 2009
704
628
Had to do the same thing last week.
I'm starting to wonder again, that this might have something to do with the tf2m forums :(
Cause the computer at my kindergarten office had the same symptoms and I was checking out only tf2m in the office as well. Kinda vague, I know, but yeh, shit happens.

Got all the updates now and hope the computer works for another 1/2 year as usual :)
Still gotta install my Steam :D

Acumen gives grazr a compassionate hug