VIRUS QUESTION



My PC has become infected with the "trojan-downloader.agent.bnz"
virus.

The reviews I have been reading call it a "high risk" virus, which,
among other things, will transmit information back to the invader.
One review said to consider all of your online banking information
completely compromised. The virus simply assaulted my McAfee virus
software, dropping the firewall faster than a hooker's panties on New
Year's Eve.  I cannot access my virus software.  I cannot run scans or
put my firewall back up.  My computer is completely trashed, which is
the least of my concerns.  I'm more worried about identity and
information theft-related issues.  Anyway, I have three questions
regarding this and would appreciate any and all comments from those in
the group with informed answers:

1- Does the aforementioned virus transmit information back to the
invader by reading your key strokes as you type or does it take
previously entered information off the hard drive, even if you're
not actively on the 'net, typing?

2- I routinely clear out my cache after entering passwords.  Would the
virus be able to access passwords that were entered before the virus
attacked if the cache had been cleared?

3- Is my router infected?  It appears to be working, but I don't want
to leave a potentially infected router in place with a brand new
computer.  It kind of defeats the purpose of buying a new system.

I don't want to start canceling credit cards and more than 20
different passwords unless I'm reasonably sure I need to.  Again,
would appreciate informed answers to these questions.  Thanks in
advance -- Brian.

Re: VIRUS QUESTION



BrianInNY wrote:
[...]

There are several ways such trojans work, from the thief's POV the best
way is to log key strokes as you type. That way your defensive measures
such as cache clearing are pointless. Searching the drive for relevant
data is also a favourite trick, since most people do not encrypt their
data, and passwords are stored in various places. Clearing the cache
will not remove passwords unless you have set "clear private data" to
include this.

As long as your online connection is open, a trojan can and will
transmit data. If you have DSL/broadband, your connection is open soon
after you boot your machine, and stays open until you shut down. (This
is one reason you should not leave your machine turned on 24/7.)


Good idea, but of limited value.


Not likely, but possible. You don't need a brand new computer, just
flatten and rebuild.


Well, IMO the hassle of cancelling cards etc is worth it. For all you
know, some charges have already been made - have you contacted your
credit card issuers? Unsolicited advice: reduce the credit card count to
two or three. I've had to get new cards twice now, which is one reason I
have only two cards. I only carry one, the other one provides overdraft
protection on my bank account.

I would suggest:

a) flatten and rebuild;
b) communicate with your bank(s) etc, and get new passwords, account IDs
etc.
c) reset the router to factory setting first, then reconfigure your network.
d) set your system to encrypt all files/data;
e) rebuild your online account(s).
f) never leave passwords on your machine (ie, do not set "automatic log
on" or anything similar for any account.)

Good luck
wolf k.

Re: VIRUS QUESTION



Wolf K wrote:


So ... it's ok to have it spewing/relaying spam, catching keystrokes,
etc for, oh, 16 hours a day, but not 24?   <g>

Mine's on all the time.

--
   -bts
   -Four wheels carry the body; two wheels move the soul

Re: VIRUS QUESTION





Damn... That's just... so rude, I had to save it. :)


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior


Re: VIRUS QUESTION










| Damn... That's just... so rude, I had to save it. :)


BTS usually has an almost poetic POV.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: VIRUS QUESTION



David H. Lipman wrote:


There once was a girl from Keating...

--
   -bts
   -Four wheels carry the body; two wheels move the soul

Re: VIRUS QUESTION




| David H. Lipman wrote:






| There once was a girl from Keating...

Whose virtue was quite fleating?


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: VIRUS QUESTION



David H. Lipman wrote:


What???  You knew her, too???

--
   -bts, who is fleeting
   -Four wheels carry the body; two wheels move the soul

Re: VIRUS QUESTION




| David H. Lipman wrote:




| What???  You knew her, too???

ROFLOL

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: VIRUS QUESTION



From: David H. Lipman
To: Beauregard T. Shagnasty
Subj: Re: VIRUS QUESTION
Sat, 20 Mar 2010 22:01:38 -0400

Hello, David!

You wrote on Sat, 20 Mar 2010 22:01:38 -0400:


 ??|> What???  You knew her, too???

 DHL> ROFLOL


<BIG SMILE>

--
K Klement

Enhance your marketing at   http://www.gypsy-designs.com
                           mailto:info@gypsy-designs.com
Gypsy Designs                        Fax: (403) 242-3221



Re: VIRUS QUESTION



Beauregard T. Shagnasty wrote:
Did you or [she] know a fellow from Nantucket by chance?

...just asking...

Re: VIRUS QUESTION




| My PC has become infected with the "trojan-downloader.agent.bnz"
| virus.

How many groups do you Multi-Post this to ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: VIRUS QUESTION



wrote:


IMO, passwords should be changed on a regular basis anyway, so
changing them now shouldn't be any kind of problem.

As for credit cards, I have 'fraud alert' or whatever they call it on
mine. When I make a big purchase, an unusually large number of
purchases, or purchases outside of my home area, basically things that
are outside of my normal shopping habits, it triggers a phone call to
me to verify that everything is alright. Maybe your cards have
something similar.

I wouldn't cancel any cards at this point, but notifying your card
issuers of a potential identity theft will likely prompt some
activities on their end, which would be good.


Re: VIRUS QUESTION



wrote:

snip

I have the same type of 'purchase protection'.  It's a pain sometimes
when I forget to tell my wife I ordered software from the web, and she
gets a call and doesn't know if the purchase was mine.  Small
purchases of $20 have triggered a phone call questioning a purchase
via the web.  Twice it caught 2 fraudulent purchases with our card
number.  Each time it was due to an employee of a software outfit I
had dealt with over the Web.

It's a worthwhile service.

Re: VIRUS QUESTION




[...]

The aforementioned non-viral malware (a trojan) downloads and executes
*unknown* malware. When unknowns are involved, the most drastic measures
are often the *only* good choice.


