Ack, anyone know about this virus?

Moderators: Krom, Grendel

DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

Ok, the other night I caught some sort of virus. It appears to be a trojan of some sort. AVG didn't see it and AntiVir found it but wouldn't delete it, wipe it, or quarantine it permanently. It kept coming back! I couldn't figure out for a long time what it was doing until I noticed that my resources started disappearing rather quickly. Windows kept asking me to free up space. I would free up space and only a couple of minutes later it would be full again until I completely ran out of space and my computer slowed to a crawl. The thing apparently hogged so many resources that I couldn't even restart Windows so I ended up reloading onto a 10GB partition. So, right now I have very little access to my machine and I'm attempting to rescue various 3D models. Then I'm going to zero my drive and reinstall everything.

Anyway, I can't seem to find any information on the virus. The sites I found information about it on are all in a different language. Anyway, does anyone know what this virus is?

DBB Habitual Type Killer
Posts: 4929
Joined: Thu Apr 20, 2000 2:01 am
Location: Huntsville, AL. USA

Post by Iceman »

New trojan ... not recognized by most AV yet ... ... &product=0
Top Wop
DBB Master
Posts: 5104
Joined: Wed Mar 01, 2000 3:01 am
Location: Far from you.

Post by Top Wop »

What is it with you and viruses? :P
DBB Admiral
Posts: 1498
Joined: Sun Jun 06, 2004 2:44 am
Location: California

Post by Xamindar »

He must visit too many porn sites. :P
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

LOL, I just didn't update my Windows security like I should have nor my antivirus for a while. I'm on a 56k modem. I hate downloading anything. :\
Defender of the Night
Posts: 13477
Joined: Thu Nov 05, 1998 12:01 pm
Location: Olathe, KS

Post by MD-2389 »

I'm glad I back my ★■◆● up on CD-R....
DBB Benefactor
Posts: 4198
Joined: Tue Aug 24, 1999 2:01 am
Location: Dallas Texas USA

Post by BUBBALOU »


LilMessy says " DBB, I have been infected again!!, sigh "

DBB Says " Well Mess have you been taking your vitamins and watching what you eat like we told you?.. you know keeping your O/S and AV shiz up to date! "

LilMessy says " No way DBB, I'm on 56k and I don't have time for that!!1!! "

DBB says " If you don't have the time, why are you on the internet?... That's like having the time to bang a prostitute multiple times, but not the time to put on a jimmyhat, serves you right!!! "
DBB Master
Posts: 9996
Joined: Sun Dec 09, 2001 3:01 am
Location: Brisbane, Australia

Post by roid »

messenger needs to eat his meat if he doesn't want to get tainted pudding
DBB Captain
Posts: 717
Joined: Fri Jul 20, 2001 2:01 am
Location: US

Post by Asrale »

Damn, do you not have a Ghost image on CD/DVD R always at the ready for situations like this? :P
DBB Database Master
Posts: 16159
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?

Post by Krom »

MD-2389 wrote:I'm glad I back my **** up on CD-R....
DVD+R here, 700 MB is too small to work with. And I keep on top of Windows Update, I would spend even more time keeping on top of Windows Update if I was on a non-firewalled internet connection like dialup.
Top Wop
DBB Master
Posts: 5104
Joined: Wed Mar 01, 2000 3:01 am
Location: Far from you.

Post by Top Wop »

For God's sake Messenger use common sense. If I were you and had sensitive data I would install AVG in a heartbeat regardless if I was even on a 14.4 modem!!! Being on 56k is no excuse. And I told you ONE HUNDRED TIMES about GetRight. Maybe this time you will get it, I don't know...

Ok, I just re-read your post. So you have 2 levels of anti-v. Great. But how in the hell do you get a virus in the first place? And yet get such a virus that it seems to defeat both of them??? I'm currently running without any anti-v for 2 months as a result of a re-install and laziness and I have not yet contracted a single virus. Never in my life even when most of the time I never had an anti-v installed! Except once when I was really stupid, but that was because I had never seen a script file before (who knew that maybe some obscure file extension might have been a new format for a picture file? That was the last time I downloaded nude pics on Kazaa. :P )
Posts: 7940
Joined: Sun Jun 03, 2001 2:01 am
Location: Christchurch, New Zealand

Post by Mobius »

It's not often I agree with Bubbalou here - but this time he has hit the nail squarely on the head.

Mess, I bet you are still using IE too - in which case you deserve everything which happens to your box, your OS and your files.

Being a 56Ker is NO EXCUSE for not keeping up to date. That's what those magic hours when you are asleep are for!! YES! Your PC can continue to not only run - but maintain itself in tip-top shape WITHOUT YOU HAVING TO DO ANYTHING AT ALL!

If you insist on carrying on this way - can I suggest you take a drive image after a full reinstall, so that when it happens again (as it surely will) it will take 30 minutes to fix, rather than 30 hours.
Defender of the Night
Posts: 13477
Joined: Thu Nov 05, 1998 12:01 pm
Location: Olathe, KS

Post by MD-2389 »

Mobius wrote:If you insist on carrying on this way - can I suggest you take a drive image after a full reinstall, so that when it happens again (as it surely will) it will take 30 minutes to fix, rather than 30 hours.
Or just yank the modem out, and do the rest of us a favor by being one less carrier for ★■◆● like this. If you aren't going to be responsible for your own computer, you don't deserve the privilege of having one at all.

Hell, AVG has updates all the damn time dude. Hell, they even offer the entire update package on their site, which you can just unzip to a folder and update that way. It's what, 6MB? That's 10 - 15 minutes of your time, tops. I'm on 56k too, so don't give me this "I don't have time" bull★■◆●. You're just being lazy.
DBB Master
Posts: 9996
Joined: Sun Dec 09, 2001 3:01 am
Location: Brisbane, Australia

Post by roid »

we yell at you because we love you
DBB Alumni
Posts: 8826
Joined: Wed Mar 15, 2000 3:01 am
Location: Seattle

Post by DCrazy »

While MD has gone a bit, *ahem* overboard, it is a fact that unprotected computers are one step away from being drones that ruin the Internet for the rest of us. PLEASE take care of your computer and you help out everyone's Internet experience.
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

LOL, man you guys sure jumped on me.

Ok, what am I running on?

Windows XP Service Pack 2. I hadn't updated in maybe.... a week.

AntiVir was out of date for maybe about 3 days or so. I actually updated it just before the virus struck so it was up to par.

Yes I HAVE AVG and it is consistently running. I also consistently clean my cache and fix errors with Norton. I didn't do this for maybe a couple of weeks.

I was also running Kerio which had a trial period that ran out.

And I had Microsoft's version of antispyware which was up to date but annoying me with its nightly scan so I shut it off just prior to when the thing struck. I was working in Gmax and it was slowing down its processes by an excessive amount.

BTW, AVG which should have updated itself didn't see it!

AntiVir actually caught it but every time I would tell it to quarantine or wipe it, the virus would pop up seconds later and it would do this even after I disconnected.

I honestly have no idea how I got this virus other than having my AntiVir out of date for a few days and not updating Windows for maybe being a week late on the Windows update and not cleaning my cache and fixing errors.

BTW, TW, I don't know how you don't get any viruses without protection. I have heard from various students and computer companies and all the time on the news around here, taught as a standard, that you can be logged onto the net for 4 minutes and already have a virus. Many local computer companies around here, including one that my brother works at have been hit with a rather nasty onslaught of virus attacks.

What was I doing when I noticed it?

I was sitting at my computer connected to the net by my 56k modem, with Gmax open, AntiVir Guard scanning, Kerio, Antispyware annoying me due to slowing down Gmax and Miranda. Might have had the DBB open but I can't really remember being that I wasn't really paying attention to it.

Let's see... I have been hit by two trojans in a year and everyone starts yelling at me. :D

BTW, I never liked IE. I'm using it now while I'm trying to get Firefox back which is my normal browser. :)
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

BTW, as for doing updates during sleepy time.... that doesn't really work well for me. My computer is a few feet away from my bed and sounds like a jet engine with all the cooling fans I have in it. :D

Besides, there is a rule in my house that I have to abide by... computer goes off when you go to bed, you are out of the house for a long period of time, or you are not planning to use it for a while. This is not my rule but it is one I have to follow or I can always have all my limbs pulled out and be smackethed down as I get kicked out so I can be homeless. :


I know it is a stupid rule but I have to deal with it for 3-5 more months.
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

BTW, I run on Firefox as well. I don't touch IE. Never have, never will.

*Sigh* the DBB proves that it is once again still full of arrogant asses who can't stay on topic. Life is normal.

BTW Top Wop, I remember telling you multiple times that I HAVE AVG. I also had GetRight but I also remember GetRight being full of extra junk and it is just another thing to slow my system startup down.

Also, to add to the sleeping issue, we also have nasty powerbumps here all the time so I also prefer to keep my computer OFF whenever possible.

So, I was lazy for a week or two. Hmmm gee, what could I have been doing during those two weeks? Let's see, I have been spending a lot of time in real life. Yes, it's this thing you do when you're not on your computer. I was going through a very stressful period in my life.

For the majority of the time, I usually dedicate one day of the week to cleaning up my system. I do this by running each antivirus program one at a time, scanning through for major problems. I also clean the cache and fix errors using Norton. I use AVG, AntiVir, Antispyware and Norton during this process.

As far as, how do you get a virus?

You can pretty much get them by sitting at your computer doing nothing. I had them hit when my computer was sitting on idle a few times. During the past year I've had 3 in total. 1 was when I was still using Windows 2000 with nothing but Antivir running. I then updated to XP. I've had one hit but wiped it out before it could do any damage (it was one that I thought damaged my computer but actually I later found out that it didn't even touch my system before it was wiped). This last one hit and I couldn't do jack about it, even with AntiVir fully updated. It saw it but it couldn't permanently quarantine, delete, or wipe the file.

Remember, this post was originally intended to ask if anyone else had seen or knew of this virus.
DBB Database Master
Posts: 16159
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?

Post by Krom »

My main computer has been running for 10 days without a reboot. I'll probably have to reboot it soon for an update or because I installed something or other. Fortunately I put a reasonable amount of money into making my PC STFU while it's running, water cooling and all it is quieter than most PCs overclocked to this level.
DBB Captain
Posts: 717
Joined: Fri Jul 20, 2001 2:01 am
Location: US

Post by Asrale »

If yer PC is loud at night throw a carpet over it! :P
DBB DemiGod
Posts: 6460
Joined: Sat Oct 24, 1998 2:01 am
Location: Calgary Alberta Canada

Post by fliptw »

Here's a question: did anyone send you something over your IM/IRC service before the virus struck?

Does anyone else use your computer?
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

Nope and nope. :

I know the first one came from a weird webpage. The second one that struck my system hit due to me opening an e-mail claiming it was sending me a greeting card that opened up to a blank page. :\ It was a backdoor program that I quickly got rid of.

Not sure where this 3rd one came from unless I got it off from one of my old backup CDs that I was taking files off from. But I would imagine my anti virus software would have put an end to that by now with all the updates that have taken place since then.

It could be that I had that virus on my system for a while and I just didn't see it until then.

I've noticed that AntiVir seems to detect many viruses that AVG doesn't.

I do know that a virus can bounce off from IM and people sometimes don't even know it until the damage is done. All you have to do, pretty much, is talk to a person over it.

BTW, I decided to zero my drive because I wanted a fresh start anyway. There were a few BIG programs I couldn't get to uninstall correctly and I decided at least for now I would rather have a smaller number of partitions and I wanted to backup my important files. I also need to re-organise my files anyway so I figured, why not? :D

I'm starting to wonder if it was in fact the same virus as I had before this time and I managed to get it off one of my old disks?
DBB Material Defender
Posts: 4689
Joined: Sun Nov 11, 2001 3:01 am

Post by Testiculese »

No router? No protection. All the antiviruses in the world can't really help you. I've gone online for 6 years and have never got a virus or malware or adware.

I have an anti-virus, I just never use it (it's disabled) unless someone brings over a CDR or something, I'll scan that...
DBB Defender
Posts: 3512
Joined: Mon Dec 20, 1999 3:01 am

Post by []V[]essenjah »

Yep, I would love to have a router but no broadband period in my area. Well we have wireless but it is crap, rarely ever works and there are too many trees around my house. :(
DBB Master
Posts: 6542
Joined: Sun Sep 05, 1999 2:01 am
Location: ❄️❄️❄️

Post by Jeff250 »

Replace Getright with...
DBB Master
Posts: 9214
Joined: Thu Nov 22, 2001 3:01 am
Location: Beaverton, Oregon USA

Post by Duper »

imho, AVG is crap. I use it, but I'm not that impressed. It's "ok". :) Take the time to go to Pc-Cillin (top right menu bar) and run the "house call" option. It's a free scan. As with spyware, it's always good to have more than one program watching your back. Between Pc-cillin, AVG, Ad-Aware (1.06 is out yesterday), and Spybot; along with ZoneAlarm Pro, I pretty much have no trouble. :)

Runs like a well lubed machine.
DBB Master
Posts: 9996
Joined: Sun Dec 09, 2001 3:01 am
Location: Brisbane, Australia

Post by roid »

Jeff250 wrote:Replace Getright with...
ta, my old download manager was getting a bit long in the tooth.
DBB Benefactor
Posts: 17865
Joined: Tue Jul 06, 1999 2:01 am

Post by woodchip »

Mob have you ever checked to see how well your comp. is stealthed? Even though you may have AV software, carelessly open ports can be doors for all kinds of crap sneaking in
DBB Master
Posts: 9214
Joined: Thu Nov 22, 2001 3:01 am
Location: Beaverton, Oregon USA

Post by Duper »

woodchip wrote: Mob have you ever checked to see how well your comp. is stealthed? Even though you may have AV software, carelessly open ports can be doors for all kinds of crap sneaking in

P.s. When I installed my router, I figured I was safe, and for all intents and purposes, I'm invisible if you don't know I'm there. But, left my firewall running just outta laziness. What surprised me was that there were a number of programs trying to access the net that got blocked. This was after I had gotten rid of all spyware etc. hrm.
Defender of the Night
Posts: 13477
Joined: Thu Nov 05, 1998 12:01 pm
Location: Olathe, KS

Post by MD-2389 »

And if you're having power issues, I really suggest you invest in a UPS pronto. Nothing kills electronics faster than bad power conditions...other than lightning that is. ;) APC is the way to go IMO. $50 - 70 will get you a decent setup that should keep your rig running for a good 15 - 20 minutes, and (depending on the model) comes with a kickass warranty for anything plugged into it. Mine (albeit it's four or five years old) covers anything up to $25,000 plugged into it. (and yes, I did read the card very carefully. There were no exceptions.)
DBB Benefactor
Posts: 4198
Joined: Tue Aug 24, 1999 2:01 am
Location: Dallas Texas USA

Post by BUBBALOU »

MD-2389 wrote:...(and yes, I did read the card very carefully. There were no exceptions.)
Except 1:
The warranty is not valid until the registration card is received by the manufacturer within 60 days of purchase with a valid receipt!!
Top Wop
DBB Master
Posts: 5104
Joined: Wed Mar 01, 2000 3:01 am
Location: Far from you.

Post by Top Wop »

Mess: I think that so called study is bullcrap. Maybe cus I'm behind a firewall/router now, but before (up till 6 months ago) I was on 56k as you know and I have minimal security, and I hardly contract anything except the common cold when I have someone sick next to me.

Maybe you have a script-kiddie for a neighbor...
Defender of the Night
Posts: 13477
Joined: Thu Nov 05, 1998 12:01 pm
Location: Olathe, KS

Post by MD-2389 »

Top Wop wrote: Mess: I think that so called study is bullcrap. Maybe cus I'm behind a firewall/router now, but before (up till 6 months ago) I was on 56k as you know and I have minimal security, and I hardly contract anything except the common cold when I have someone sick next to me.

Maybe you have a script-kiddie for a neighbor...
You just got lucky. I've had to mess with numerous computers that had NO security at all, and had more adware/malware installs than Bush has lies.