From: David W. Hodgins on
On Fri, 09 Apr 2010 23:19:03 -0400, russg <russgilb(a)sbcglobal.net> wrote:

> I found 'snapshot viewer' trojan by checking my startups with
> Codestuff Starter.
> I got an e-mail today, spam, said I got a free something and just
> download the file and open/run it to print my mailing label.
> Checking that was Bredo trojan.

You ran the download recommended from a spam email?

Assuming this was new malware that your current antivirus did
not fully detect, you can no longer trust any program on the
system.

Unless you know exactly what malware has been run, and what it
did to the system, the only safe option is to wipe the drive,
and reinstall.

You might want to consider using a more secure operating system
such as Linux.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
From: FromTheRafters on
"David W. Hodgins" <dwhodgins(a)nomail.afraid.org> wrote in message
news:op.vaxoys13a3w0dxdave(a)hodgins.homeip.net...
> On Fri, 09 Apr 2010 23:19:03 -0400, russg <russgilb(a)sbcglobal.net>
> wrote:
>
>> I found 'snapshot viewer' trojan by checking my startups with
>> Codestuff Starter.
>> I got an e-mail today, spam, said I got a free something and just
>> download the file and open/run it to print my mailing label.
>> Checking that was Bredo trojan.
>
> You ran the download recommended from a spam email?

It sounds to me like he downloaded and scanned the resulting file.

> Assuming this was new malware that your current antivirus did
> not fully detect, you can no longer trust any program on the
> system.
>
> Unless you know exactly what malware has been run, and what it
> did to the system, the only safe option is to wipe the drive,
> and reinstall.
>
> You might want to consider using a more secure operating system
> such as Linux.

....and even if you do go to Linux, it is a good idea to make the 'wipe
and reinstall' option less daunting. Use disk imaging software in
addition to your regular data backup strategy.


From: FromTheRafters on
"russg" <russgilb(a)sbcglobal.net> wrote in message
news:d4999d74-6417-44c0-b2f4-0c9f2fa2c129(a)r1g2000yqb.googlegroups.com...
On Apr 10, 7:21 am, "FromTheRafters" <erra...(a)nomail.afraid.org>

[...]

> I am reluctant to wipe and re-install, I believe I have removed them.

That is, of course, up to you.

(did I forget to suggest changing *all* of your passwords?)

> About making a backup.

[...]

> I believe a lot of people have trojans or other malware and
> don't realize it.

I agree!

> I don't know how I'm getting infected, wherefrom come these trojans.

Nor do I.


From: FromTheRafters on
"Steve" <Steve(a)Wrong.duke> wrote in message
news:2nt3s5d21ap2sbrfc8e445m2g8slbp213j(a)4ax.com...

[...]

> If someone else has a similar problem then
> there is a chance that someone already came
> up with the solution, and all you have to do is
> GOOGLing for the answers. And you should
> have a much better chance to get an answer than
> here, because with Google you will be looking
> for the answer from millions of people worldwide,
> whereas on Usenet you may be looking at dozen(s).

Googling is very helpful, but can lead you down the wrong path. For
instance, googling on a legitimate system filename may get you many
different HJT logs from people trying to rid themselves of some
infestation or another. I'm willing to bet that there have been
unwarranted instances of 'wipe and reinstall' based on this type of
misleading information.

Recommendation? Use Brain 1.0 (tech version) plug-in when googling. :o)

....or ask someone here to advise you.

Opposing opinions are not censored here, so you may instigate side
discussions. You can choose to ignore those if desired.

