FileFront Forums


CyberRaptor September 24th, 2007 05:23 PM

Possible virus problem
 
Yeah, you read that right. It's been such a long time since I've had a serious infection on my home PC that I had almost come to believe it could never happen again. Well, here's the problem:

I've been experiencing repeated errors with Explorer. It would either terminate unexpectedly, or fail to load when logging in. I am able to launch it manually, but sometimes the screen goes black and the OS freezes solid.

Examples of these errors as they appear in the Event Log are as follows:

Faulting application explorer.exe, version 6.0.2900.3156, faulting module comctl32.dll, version 6.0.2900.2982, fault address 0x00010aec.

Faulting application explorer.exe, version 6.0.2900.3156, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0003426f.

I didn't suspect a virus until later, when Ad-Aware found traces of it.
Also, when I started Internet Explorer (I normally use Firefox), Avast! popped up with a message saying:

Sign of "Win32:Trojano-1165 [Trj]" has been found in "C:\Documents and Settings\Venom\Local Settings\Temp\vista.exe" file.

I am running Windows XP Pro SP2. No part of Windows Vista has ever been on this machine in any form.
Clearly, such a file has no business being there. My first action was to "Move to chest", the option advised by Avast!
However, it seemed no matter how many times Avast! removed it, the file continued to replace itself. After opting to permanently delete the file and remove on startup if necessary, it appears to have stayed gone for the time being. I've run a thorough scan now with Avast! and there doesn't appear to be any further trace of malware, but I'm not entirely sure.
Bottom line: I need information, and advice on what to do next, if anything.

Edit: Hijackthis log
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:26:41 PM, on 9/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Venom\Desktop\Hijackthis\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5E9755A1-314A-4ae6-99E1-B9F7DC7C7CF0} - C:\WINDOWS\system32\17.tmp
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1188365400203
O20 - Winlogon Notify: 17 - C:\WINDOWS\system32\17.tmp
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 5141 bytes

-Slick-cRiSsI September 24th, 2007 05:46 PM

Win32: Trojano - 1165...Please Help! - PC Pitstop Forums

Not sure it's exactly the same Virus / Trojan.. but the topic name is Win32: Trojano - 1165

Hope it helps.. especially that the issue was solved in that case.
Good luck

>Omen< September 24th, 2007 05:52 PM

Good that you're using Ad-Aware, Avast, and HijackThis, though I recommend as well CCleaner (Slim version only!), Spybot (has trojan detection support now), Windows Defender (don't use Explorer without it!) and of course a decent firewall with a backtrace feature, I use Sygate Personal (free). Make sure SpyBot is updated and immunized BEFORE you scan with it. This is good practice of course with ANY security program and ones such as SpyBot and Windows Defender that run in the background realtime should be set to update themselves.

I ran a quick check of your HjT log in this auto analyzer and there are only two entries in it that are flagged, though one with an X, which is cause for concern. This is the more suspect of the two:

"O2 - BHO: (no name) - {5E9755A1-314A-4ae6-99E1-B9F7DC7C7CF0} - C:\WINDOWS\system32\17.tmp
Must be fixed! **.tmp (* = random char or digit) - Unidentified parasite - should you have any information about this application, [xs4] - if you actually have a copy of the file, please attach it to your email for analysis. Thanks!"

As you can see, the 17.tmp appears to refer to a temp file that may have come with a download. I suspect it may have been associated with the vista.exe reference. It could be just a false positive, meaning no actual spyware. It could even be something MS uses for those upgrading from XP to vista. Try Googling vista.exe and 17.tmp and see if there have been any files with those designations associated with malware. My guess is if there has it was false positives, mere glitches in the security programs not updated fully for vista and/or vista related features compatibility.

I would say it is most likely safe to remove that entry containing the 17.tmp though. If HjT cannot do it you can probably do an Edit\Find search in the registry to do it manually.

The only other flag in the HjT log bearing the lowest ? warning is a one involving Winlogon Notify. However as you can see it also has the 17.tmp designation, so they appear to be related somehow.

O20 - Winlogon Notify: 17 - C:\WINDOWS\system32\17.tmp




I seriously doubt removing either of these entries will cause any harm but if you want reassurance of that from techs consult the WhatTheTech forum to get your log analyzed by experts. http://forums.whatthetech.com/forums.html
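
Added example (not part of the original thread): a small Python triage script for the module-loading sections of a HijackThis log, showing why the two `17.tmp` entries discussed above stand out. The sample lines are copied from the log posted earlier in this thread; the function names and the three heuristics (unexpected extension, unnamed BHO, same file registered under several load points) are assumptions made for this illustration, not HijackThis features.

```python
import re
from collections import defaultdict
from ntpath import splitext  # parses Windows paths on any host OS

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5E9755A1-314A-4ae6-99E1-B9F7DC7C7CF0} - C:\WINDOWS\system32\17.tmp
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O20 - Winlogon Notify: 17 - C:\WINDOWS\system32\17.tmp
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.+)$")

# Sections whose last " - " field is the file that gets loaded or started.
MODULE_SECTIONS = {
    "O2": "Browser Helper Object",
    "O20": "Winlogon Notify",
    "O22": "SharedTaskScheduler",
    "O23": "Service",
}

# Assumption for this example: a legitimately registered module is a .dll or .exe.
EXPECTED_EXT = {".dll", ".exe"}


def parse_entries(log_text):
    """Return dicts with section, description and path for module-loading entries."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m or m.group(1) not in MODULE_SECTIONS:
            continue
        section, rest = m.groups()
        # The description may itself contain " - ", so split from the right.
        desc, sep, path = rest.rpartition(" - ")
        if not sep:
            continue
        if ": " in desc:
            desc = desc.split(": ", 1)[1]  # drop the "BHO:" / "Service:" label
        entries.append({"section": section, "desc": desc, "path": path.strip()})
    return entries


def review(log_text):
    """Return (section, path, reasons) for entries that deserve a closer look."""
    entries = parse_entries(log_text)
    sections_by_path = defaultdict(set)
    for e in entries:
        sections_by_path[e["path"].lower()].add(e["section"])

    findings = []
    for e in entries:
        reasons = []
        ext = splitext(e["path"])[1].lower()
        if ext not in EXPECTED_EXT:
            reasons.append(f"module extension {ext or '(none)'} is not .dll/.exe")
        if e["section"] == "O2" and e["desc"].startswith("(no name)"):
            reasons.append("BHO has no registered name")
        others = sections_by_path[e["path"].lower()] - {e["section"]}
        if others:
            reasons.append("same file also registered under " + ", ".join(sorted(others)))
        if reasons:
            findings.append((e["section"], e["path"], reasons))
    return findings


if __name__ == "__main__":
    for section, path, reasons in review(SAMPLE_LOG):
        print(f"{section} ({MODULE_SECTIONS[section]}): {path}")
        for reason in reasons:
            print(f"    - {reason}")
```

A hit from this script is a lead for further checking (file hash, signature, creation time), not a verdict on the file.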

CyberRaptor September 24th, 2007 06:33 PM

Yeah, I also use Spybot, CCleaner, and Spywareblaster. I've never used Windows Defender, but I'll give that a try now.

Quote:

I ran a quick check of your HjT log in this auto analyzer and there are only two entries in it that are flagged, though one with an X, which is cause for concern. This is the more suspect of the two:

"O2 - BHO: (no name) - {5E9755A1-314A-4ae6-99E1-B9F7DC7C7CF0} - C:\WINDOWS\system32\17.tmp
Must be fixed! **.tmp (* = random char or digit) - Unidentified parasite - should you have any information about this application, [xs4] - if you actually have a copy of the file, please attach it to your email for analysis. Thanks!"
I actually noticed that one before too, and tried to remove it in fact, but it didn't seem to work. I decided to overlook it for the moment, but after reading this about it, I'm now determined to get rid of it.

On the subject of Firewalls, is it really necessary to use a third party one, or is the Windows Firewall sufficient? I use Kerio Firewall on my older computer, but I never bothered to put one on this machine because I'm an avid gamer and firewalls seem like such a resource hog, as well as being a hassle to configure.

CyberRaptor September 24th, 2007 08:48 PM

Quote:

Originally Posted by -Slick-cRiSsI (Post 3942636)
Win32: Trojano - 1165...Please Help! - PC Pitstop Forums

Not sure it's exactly the same Virus / Trojan.. but the topic name is Win32: Trojano - 1165

Hope it helps.. especially that the issue was solved in that case.
Good luck

Good find. Turns out I had the same infection as the one talked about in that thread. It's a really nasty virus called Virtumonde (AKA Vundo) that embeds itself in Explorer, and I had to use a special tool to get rid of it. Now I'm just going to scan with some various other programs to make absolutely sure that it is completely gone, and also check for traces of any other files or registry entries added by the virus, and remove them manually if I have to.

>Omen< September 24th, 2007 09:51 PM

Quote:

Originally Posted by CyberRaptor (Post 3942712)
On the subject of Firewalls, is it really necessary to use a third party one, or is the Windows Firewall sufficient? I use Kerio Firewall on my older computer, but I never bothered to put one on this machine because I'm an avid gamer and firewalls seem like such a resource hog, as well as being a hassle to configure.

The Windows firewall even after it was beefed up a bit is practically nothing compared to most any stand alone. Sygate isn't very intrusive at all and as mentioned has a backtrace feature.

Though I doubt it would really be hogging any noticeable resources you can always disable it while online gaming and of course it's not necessary gaming offline if you disable your net connection.

marvinmatthew September 24th, 2007 10:17 PM

You might want to try to boot into Safe Mode and run some more scans.

World in Conflict September 25th, 2007 12:42 AM

This is all nice, I use some of the above mentioned programs but don't you think having all together 50 anti-malware, adware, spyware, virus programs can actually prevent you from gaming ?

It's good to have this if you have some really important information/data on your PC....most of these viruses are yet unknown to me....where did you pick them up anyway ? Heavy porn sites ? :Puzzled:

Um...more than 3 anti-virus programs are a potential threat of having your PC completely erased.

Protection is good, but don't overdo it.

>Omen< September 25th, 2007 07:20 AM

No one here is advocating 50 security programs and certainly not more than one AV on a system at a time. The programs I recommend, only 4 of which run in the background and only 2 of which are needed as startup programs (Avast and Sygate), are as follows:

CCleaner
Ad Aware
SpyBot
HijackThis
Windows Defender
Sygate
Avast

If you're familiar with and trust the server you're gaming on you can disable the AV and firewall and leave only SpyBot and Windows Defender running realtime, or just SpyBot if you're not using Explorer. Neither of them are anywhere near being resource hogs and even Avast and Sygate rarely conflict with any software or do any noticeable resource hogging in my experience. There are actually some game browsers and anticheat software that are far more intrusive, such as Xfire and Securom.

World in Conflict September 25th, 2007 07:26 AM

Hm, maybe I will download some of those/or buy them if I must.

So far I only have AOL active virus shield, AVG, Spyware Begone.
Blocks most of the harmful things.

Damn, I must get informed...;)

>Omen< September 25th, 2007 07:46 AM

All of what I mentioned is free, and for the record, I personally would never pay AOL for anything. I've heard too many horror stories about how they don't stop billing you when you cancel service with them. They are also heavily ad based and don't give any better protection than you can get free. I've never heard of Spyware Begone but AVG is pretty good.

What I don't get is if AOL is giving you an "active virus shield" why you have AVG? As I said AVG can be had free and you should NEVER have more than one antivirus program installed. Maybe they're just packaging AVG with their ISP if that's what your connection is. Wouldn't surprise me that they'd try and make that look like a great deal.

Anyway, as long as you have some kind of protection and it's keeping the junk away, better than nothing. I did help a friend once though that had Trend Micro AV/Firewall and a Registry Pro registry cleaner. He had it all paid for and updated but had lots of junk it wasn't catching.

I uninstalled it all after verifying myself that its manual scans weren't helping and installed all the above I mentioned and caught over 200 items it had missed. He now uses that same set of freeware on the new rig I built for him and even the old email address he had that I advised him not to and still he's had no more problems.

Don't be fooled into thinking a good set of security progs is all it takes though. Once you start downloading stuff you leave yourself vulnerable to what you allow on your system. The one type of security progs that remain pay only are dedicated anti-trojan software.

Trojans are some of the nastiest bugs you can get. It often takes a specific tool written just for each bad trojan to get rid of them and if it's a complex bug it can take a while for such a tool to be written. Some of the worst trojans are called "polymorphic". These are rare but highly advanced trojans that can change code with each server mutating into thousands or even millions of states making them very hard to detect.

World in Conflict September 25th, 2007 07:55 AM

Really ? I downloaded AVG myself just in case AOL avs doesn't catch something.

Check out Spyware Begone, it's also a good progy.

I once got Trojan Downloader. I have read something about it that he " keeps the gates opened " letting hundreds of other Trojans on my PC.
Is this what Trojan Downloader does ?

P.S. Why in gods name do people make Trojans ?!?!?!?!
Get a life you scumbags ! Do not make viruses ! :mad:

>Omen< September 25th, 2007 08:09 AM

I think I just found out why AOL's "Active Virus Shield" is not conflicting with AVG, it no longer exists, LOL: http://www.activevirusshield.com/antivirus/freeav/index.adp? Smart of you to install AVG then. Just don't get sucked into McAfee. Avast or AVG are probably better protection and free.

Trojan Downloader does indeed do what you asked and big names such as Symantec and others have issued alerts about it. If you are using a p2p service and\or surfing porn sites, etc, that is likely how you got it.

I agree that the ones that write such crap are scum. You never can tell if it's someone just playing pranks, someone paid by those trying to push their ads, or some lunatics thinking they can save the world from sin by putting little "booby" traps in certain places.

We'll never be totally rid of them, but we can to some degree minimize their success by taking precautions. The more that don't know how to protect themselves the easier it is for them.

World in Conflict September 25th, 2007 11:53 AM

Indeed. My worst nightmare was when I first got Trojan Downloader and few minutes after that I got hundred of pop-ups and those little annoying messages in my bottom right corner of my desktop " Threat detected ! ". Omg I was scanning and scanning and no matter what I did more and more of those came onto my PC. But, that was a year ago when I had nothing that could protect my data.;)

Just a second off the topic here, that movie with Angelina Jolie and that guy (forgot his name) where they compete who will do " nastier sh** " is just utter bull****. I mean, leave the half of the city without light/electricity, messing with bank accounts......those hard core hackers/or any other possible threat should be caught by police and higher authority, taken to interrogation room and there beat the crap out of them.

Can't people just live normally, make money as other people do ?
What's the point in hacking ? If I want a money I'll organise a professional bank robbery as in movie " Heat " (never going to do that).:nodding:

And I totally agree with the thing you said:
Quote:

You never can tell if it's someone just playing pranks, someone paid by those trying to push their ads, or some lunatics thinking they can save the world from sin by putting little "booby" traps in certain places.
I just feel sorry for people, like my dad, who doesn't have a clue about PC and when he turns it on, he sees 100 incoming viruses and dies out of a heart attack.:rofl:

-Slick-cRiSsI September 25th, 2007 12:58 PM

I am now using Kaspersky Internet Security Suite which is awesome IMO. I was looking for a good 3 in 1 (Anti Virus, Anti Spyware and Firewall) few weeks ago and a friend suggested Kaspersky. I haven't got any kind of virus or spyware since I installed it. I really suggest it to anybody looking to improve their security..
Unfortunately it's not free but there's a 30 days trial (which I am still using.. only 1 week left though :( ) and it's a bit annoying at first when it asks for permission for every program trying to access the internet.

CyberRaptor September 25th, 2007 05:53 PM

OK this thread has gotten derailed a bit, but I'd like to address a few things.

Quote:

You might want to try to boot into Safe Mode and run some more scans.
Done. They come up clean.

Quote:

This is all nice, I use some of the above mentioned programs but don't you think having all together 50 anti-malware, adware, spyware, virus programs can actually prevent you from gaming ?
The only ones that can interfere with gaming are those that use real-time protection. Firewalls are an example of this type of thing, because they are constantly active, and may block key ports needed for online gaming unless you make a specific exception rule.
For all other programs you can choose to enable or disable real-time protection, but it's very important to keep it enabled for your main anti-virus program, such as Avast! or AVG.
Using multiple programs to scan for malware is not a bad thing, because each specializes in certain areas. Avast! is for the prevention and removal of viruses. Ad-Aware and Spybot for prevention and removal of spyware/adware. Spywareblaster takes measures to protect your browser(s) from things like dangerous websites (that perform drive-by downloads, for instance), tracking cookies, and ActiveX controls. CCleaner and Hijackthis are special tools used for a very specific purpose. What CCleaner does is instantly cleans up various stuff that is no longer needed or could be used to collect personal information about you: memory dumps, old logs and broken registry entries or files from programs that are no longer installed, and can clear MRU lists, browsing history and other temporary files. Lastly, Hijackthis is a tool mostly used to generate a log file listing such things as active processes and services so that you can immediately check for suspicious stuff, or upload it to a tech forum like the one at spywareinfo.com so that they can analyze it and assist you. Only attempt to remove something with it if you are instructed to do so by a professional or are an expert yourself.

Quote:

It's good to have this if you have some really important information/data on your PC....most of these viruses are yet unknown to me....where did you pick them up anyway ? Heavy porn sites
I have 156 GB of data on one of my hard drives alone, including some important documents I've saved and transferred to various computers for more than a decade. So yes, it's important to me, and it's worth protecting.

Quote:

Um...more than 3 anti-virus programs are a potential threat of having your PC completely erased.
No legit program could do such thing. At worst, using multiple anti-virus programs with active scanning could cause a resource conflict and you would occasionally get errors and have to reboot until you resolved the issue.

Quote:

I am now using Kaspersky Internet Security Suite which is awesome IMO. I was looking for a good 3 in 1 (Anti Virus, Anti Spyware and Firewall) few weeks ago and a friend suggested Kaspersky. I haven't got any kind of virus or spyware since I installed it. I really suggest it to anybody looking to improve their security..
Yes, I've heard good things about Kaspersky, and although it offers good varied protection, no program can do everything all at once, and to be safe it can still help to do an occasional scan with Spybot: Search and Destroy, or an online scan for viruses with Trend HouseCall.

Just be sure that whatever program(s) you use are from a reputable source. This site has a great list of known rogue anti-virus programs and other fraudulent products and websites. Everyone should see this: Spyware Warrior: Rogue/Suspect Anti-Spyware Products & Web Sites

>Omen< September 25th, 2007 08:40 PM

SpyBot also does some trojan and worm checking, though of course not as thoroughly as dedicated anti trojan programs. The main things that keep me from not recommending Kaspersky are the testimonials I've heard of software conflicts and being a bit harder to understand for beginners than some aside from no free version for extended trial purposes or those on a budget. Avast and AVG are easy to use, have minimal intrusion, and of course can be had free.

WiC, I read your PM, don't worry about the sig unless FF tells you it's too big. Looks pretty good btw. Don't worry about me offering help either, though I'm not sure if you were joking about that. I offer help to anyone who asks if I can as long as they respect others on the forum. It's something more out of doing my part to keep the net communities I visit in the know rather than vulnerable and is in no way anything personal. The more we help one another the less a feeding frenzy for those writing bugs.

Anyways, back to the subject at hand. I just want to say one more thing about AV use. Some people I've met choose to use what they feel is one of the better AV progs in yet another way. Rather than buying one that cannot be had free they use their automated free online scan service regularly. I must say this is really a bad idea and tempting fate. It is ALWAYS best to have an AV prog installed on your system for real time protection.

World in Conflict September 26th, 2007 01:42 AM

Quote:

WiC, I read your PM, don't worry about the sig unless FF tells you it's too big. Looks pretty good btw. Don't worry about me offering help either, though I'm not sure if you were joking about that. I offer help to anyone who asks if I can as long as they respect others on the forum. It's something more out of doing my part to keep the net communities I visit in the know rather than vulnerable and is in no way anything personal. The more we help one another the less a feeding frenzy for those writing bugs.
I'm glad you like the sig. Oh about that P.S I mean don't let my current account conceive you. I was banned permanently once. I got back and now I keep it clean.;)

Anyway, back to the subject.
I noticed that almost every anti-virus program after scanning puts all found infections to the Virus Vault. What happens if I remove them from the Virus Vault ? Do they get back to my PC or something........?

>Omen< September 26th, 2007 02:08 AM

This will help you understand it more in detail:

The AVG Virus Vault:

When AVG detects a virus that cannot be removed by healing, it uses a
special way of deleting the infected file - AVG moves it to the AVG Virus
Vault.

What is the AVG Virus Vault?

The AVG Virus Vault is a special directory that stores infected files. The
name of the files are changed and their content is encrypted so they cannot
be used and virus infection cannot spread. It is almost the same as ordinary
deleting techniques; however, the AVG Virus Vault gives you the ability to
restore the files, if necessary.

• Delete File - deletes - finally removes the file. It cannot be restored
later.

• The AVG Virus Vault has its own automatic maintenance - files stored in
the AVG Virus Vault are deleted automatically depending on the parameters
set.

World in Conflict September 26th, 2007 02:14 AM

OK, I see.
Thx.;)

I know when I was just a little kid I thought computer viruses are something like, " eats " all of your data/system files and your PC is practically useless.
Is there a virus like this ? Lethal for PC ?
What is the maximum damage that new (today's) viruses can do ?

CyberRaptor September 26th, 2007 04:53 AM

Quote:

I know when I was just a little kid I thought computer viruses are something like, " eats " all of your data/system files and your PC is practically useless.
Is there a virus like this ? Lethal for PC ?
CIH (computer virus) - Wikipedia, the free encyclopedia

One of the most deadly computer viruses ever created. It destroys data on the hard drive, and in many cases corrupts the BIOS, rendering the system completely inoperable. I was one of the many victims of the CIH (Chernobyl) virus when it made its "debut" on April 26th 1999. I'll never forget that day.

>Omen< September 26th, 2007 07:21 PM

Quote:

Originally Posted by World in Conflict (Post 3944976)
Is there a virus like this ? Lethal for PC ?
What is the maximum damage that new (today's) viruses can do ?

Oops, forgot to answer this last night. Though I haven't kept up on the latest virus news, I do know there have been cases where some of them start either duplicating or eating files on your HD. Some can lock you out from using your drive completely or even booting up.

Some of the worst cases I've heard of, one in particular from a close chat friend from Australia, was a case of total identity theft. There are actually bots written that can do that too. He had to change all his accounts and start from scratch. Once something like that happens it changes the way you think about computers for life.

He is now armed with a myriad of security software piggy backed on top of one another, many of which I've never heard of. I tried to tell him in security software sometimes more is less, but he insists on going overkill after that traumatic experience.

I suppose in a way it is better to risk conflicts between security progs than risk having ones that will let something slip by, but I'd only recommend it in extreme cases.

marvinmatthew September 26th, 2007 09:14 PM

Quote:

Originally Posted by World in Conflict (Post 3944976)
OK, I see. I know when I was just a little kid I thought computer viruses are something like, " eats " all of your data/system files and your PC is practically useless.
Is there a virus like this ? Lethal for PC ?
What is the maximum damage that new (today's) viruses can do ?

Most modern viruses are designed to take control of your computer and use it as a spam bot. Destructive viruses are more and more becoming a thing of the past.

-Slick-cRiSsI September 27th, 2007 04:21 AM

Quote:

Originally Posted by marvinmatthew (Post 3946450)
Most modern viruses are designed to take control of your computer and use it as a spam bot. Destructive viruses are more and more becoming a thing of the past.

Either that.. or they just get into your computer by an open port and install a keylogger. They wait and when you get on Paypal or something.. boom they see your password.
Fortunately, most anti-virus detects keyloggers and they aren't too hard to remove.

World in Conflict September 27th, 2007 04:29 AM

Seriously, do these guys have a life ?
What drives them to make viruses (which were in the past) to totally mess up your computer and even eats all data ? Do they have some benefit out of it ?
Except for admiring their sick accomplishment, that they made something lethal for PC. Sick bastards.

Chen Ing Hau should have been killed.

>Omen< September 27th, 2007 04:30 AM

Well there may not be as many destructive viruses but those aimed at identity theft can destroy much more than just your PC.

marvinmatthew September 27th, 2007 11:52 AM

Quote:

Originally Posted by World in Conflict (Post 3946758)
Seriously, do these guys have a life ?
What drives them to make viruses (which were in the past) to totally mess up your computer and even eats all data ? Do they have some benefit out of it ?
Except for admiring their sick accomplishment, that they made something lethal for PC. Sick bastards.

There's money to be made. Both from stealing credit card and financial information, and through spamming.

World in Conflict September 27th, 2007 01:25 PM

Thanks for the info.

Now, these Trojan Downloaders and other Trojans, what exactly is their effect once they manage to get onto our computers ?

-Slick-cRiSsI September 27th, 2007 01:32 PM

Quote:

Originally Posted by marvinmatthew (Post 3947324)
There's money to be made. Both from stealing credit card and financial information, and through spamming.

Yea.. 'Hackers' aren't stupid.. They don't spend their time making viruses just to destroy computers. They find ways to make money..

marvinmatthew September 27th, 2007 04:23 PM

Quote:

Originally Posted by World in Conflict (Post 3947597)
Thanks for the info.

Now, these Trojan Downloaders and other Trojans, what exactly is their effect once they manage to get onto our computers ?

As the name implies (named after the famous Trojan horse that was used to invade the city of Troy) their job is to tear a hole in your computer's security, and allow other malware to get in your computer.

>Omen< September 27th, 2007 07:14 PM

What's ironic too is you can't count on ad based spyware to be merely malicious advertising. Often hackers use existing ads, without permission of course, to deliver bugs with other intentions, such as identity theft. Such types of masking are key elements clever hackers use to divert attention away from themselves. We are way beyond mere hardware destruction intent hackers who use proxy servers.

Many are now using corporate disguises. This has caused quite a bit of concern in recent years about how ads are displayed because if used in this way by hackers it can hurt the reputation of those that don't encrypt them. The problem is not all businesses are big enough and/or willing to spend the money to do that.

When you add international circulation into the mix, it's really hard to make and enforce advertisement encryption laws globally.


All times are GMT -7.
