Plethora of nasties

The intergoogles and Facetubes seem to be infested with nasties finding
their way onto my pc at the moment. It started with the printer churning out
blank pages all by itself which turned out to be a large spool file which
you couldn't delete created by something icky. Shifted that in Recovery
Console plus what appeared to be a randomly named dll file in the windows
directory and it all went quiet for a while until everything came back. The
spool file filled all available space on the C drive and a new one popped up
as soon as you deleted the last one.

Ran MBAM which found Vundo, Downadup, Sysvxd.exe and several registry
entries. Got rid of the lot but bugger me it's all back plus even more this
morning. Anyway just spotted the bloody thing had turned the firewall off so
it had a nice little backdoor every time I went online.

Note to self and others. Check the firewall settings haven't been tampered
with BEFORE you run anti malware progs or it'll be a waste of time. Anyway
fingers crossed for now. Hijack This seems to indicate nothing unusual
running anyway.
--
Dave Baker



Re: Plethora of nasties

If your system is repeatedly getting infected, it might indicate user
behavior that is less than safe. No firewall can save you from
yourself.


Re: Plethora of nasties


I get the occasional thing every now and then but nothing too drastic. This
looks like a single infection which turned off the firewall and let the rest
in. To answer someone else's question I run XP, all the service packs and
updates and just the XP firewall. I find constantly resident antivirus
software too intrusive on a pc as old and slow as this one so I just fix
whatever gets through as and when. It's rarely much of an issue to kill it
all off either in the Recovery Console or with MBAM. Anyway it's all clean
again since I turned the firewall back on. I was really just making the
point to check that every time you spot a nasty before deleting it.
--
Dave Baker



Re: Plethora of nasties



On 02/22/2010 03:12 PM, Dave Baker wrote:

In XP SP3 there is a Windows Security Center that alerts you whenever
the firewall is down. Did the malware turn off the security center alert?


Re: Plethora of nasties




Yes it had switched that off too and I turned it back on. MBAM also picks
that up as a registry warning.
--
Dave Baker


