Temporary absence

Discussion in 'Off Topic' started by grazr, Oct 11, 2010.

  1. grazr

    aa grazr Old Man Mutant Ninja Turtle

    I'm gonna be out of commission for a while due to a bloody trojan infection that Sophos is being a pussy about.

    It's being pretty destructive, having made me clean up well over 2 thousand files with no end in sight.

    I'm upgrading my computer this week so I'm gonna leave it at that, this C drive is 8 years old anyway.

    I'll catch you around on the uni machines when I can.

    Man, what a hassle.

    Hope there are no further ramifications due to leaked personal information.

    Fucking Flash adverts....
     
  2. drp

    aa drp

    :( sorry to hear.
     
  3. Pc_Madness

    Pc_Madness L4: Comfortable Member

    Hang on, what OS and what browser were you using? :\ 8 years old = XP without any service packs? :S
     
  4. Godslayer57

    Godslayer57 L8: Fancy Shmancy Member

    Activate Malwarebytes' Anti-Malware!
     
  5. REEJ

    REEJ L7: Fancy Member

    high5 for a fellow 8 year old HDD
    my frodo is still rolling, hardly.
     
  6. matou

    matou L2: Junior Member

    Sorry to hear about that, should perhaps try Firefox with NoScript next time. It'll hopefully stop scripts like that.
     
  7. Lancey

    aa Lancey Currently On: ?????

    This. Or Super.

    NoScript more like NoFunctionality
     
  8. matou

    matou L2: Junior Member

    NoScript works lovely. Simply enable what you need.
     
  9. Grim Tuesday

    aa Grim Tuesday

    What pr0n sites were you looking at when you got it?
     
  10. StickZer0

    aa StickZer0 💙💙💃💙💙

  11. Rexy

    aa Rexy The Kwisatz Haderach

    grazr, if it's a common trojan, chances are there are plenty of other people having the same problem. When I get tough malware or trojans like this, typically none of the anti-malware, spybot or anti-virus software does anything at all. It's usually a case of finding the problem specifically and dealing with it head on, instead of those 'scan-my-computer' methods that have no results. I find that other smarter people have already written small executables that terminate the specific trojan at work so it can be eliminated manually.

    Anyway, I hope you get it taken care of. If worse comes to worse, a complete OS reinstall never hurts anyone.
     
  12. Wilson

    aa Wilson Burial by Sleep

  13. Pc_Madness

    Pc_Madness L4: Comfortable Member

    Once you get a trojan it's just easiest to reinstall. You don't know what Windows files it's fiddled with to add another vulnerability or in case you end up missing something.

    Nuke from orbit, as Valve would say.
     
  14. grazr

    aa grazr Old Man Mutant Ninja Turtle

    Well, what happened was the thing infected all my .dll's .exe's .htm's and .html files; basically it was copying itself faster than Sophos could handle (or some similar business that kept it alive). Even in safe mode it was doing its business, and Sophos couldn't find the source beyond it residing in the memory and the explorer.exe.

    It infected upwards of over 6,000 files and after culling 2,000 thousand it re-infected 1,500 of what had just cleaned on the move. By the time I ran another scan, all the files were infected again.

    Oh well, the benefit was it finally got me around to buying a new system (even though the store gave me the wrong M-B and wasted half my day as the CPU wouldn't fit).

    I got a GTX-460 with an i7 930, 2x 500GB HD's, 750W PSU and 4GB RAM. Hopefully settling for the cheapest compatible M-B won't put me out, it's still a pretty decent piece of hardware I suppose.

    I still got my old computer... I need some data off it, such as my FF bookmarks, level design and uni work etc. Once I've done that I'm just gonna re-format the bitch and flog it to a needy mate to ease my sore wallet. Nothing wrong with it besides a GPU that's seen better days and a bit of dust.

    Will be a while before I have the system up and running with all the required software. I had £3k sitting in my current account, now it's 800 less, plus I wanna get Adobe CS-5. So much for chilling out on those savings for a few more months, gotta get me a job ASAP.

    @ Rexy

    Sophos listed the threat as low, even though Symantec said its damage is high. Even though it wasn't damaging my system per se, it was eating a lot of memory and was generally annoying, supposedly it hunts after banking information, so it's a major security risk. It appeared to be a hybrid of a much larger trojan from 2 years ago. So this was a pretty significant problem for me to deal with.

    The last infection I had I managed to cull by finding the source (by purposefully crashing my computer, as the fucker was managing to close my task manager so I couldn't stop the process), even though Sophos wouldn't/couldn't touch it as it was active I managed to manually remove it (somehow). This one however persisted in the memory and infected my registry. I'll have to admit defeat to this one and just blitz it with a format.
     
    Last edited: Oct 12, 2010
  15. Acumen

    aa Acumen Annoyer

    Had to do the same thing last week.
    I'm starting to wonder again, that this might have something to do with the tf2m forums :(
    Cause the computer at my kindergarten office had the same symptoms and I was checking out only tf2m in the office as well. Kinda vague, I know, but yeh, shit happens.

    Got all the updates now and hope the computer works for another 1/2 year as usual :)
    Still gotta install my Steam :D

    Acumen gives grazr a compassionate hug