Web Hosting Forum | Lunarpages
News: July 14, 2008 - New Contest! - Submit Your WordPress Theme Designs, Win BIG!
September 1, 2008 - Submit Your Web Site for the Sept 2008 Site of the Month!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		September 07, 2008, 10:26:32 PM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Advanced Assistance > Lunarpages - Web Hosting, Email & PC Security > Trojan?
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Trojan?  (Read 259 times)
Bluelight
Jedi
*****
Offline Offline

Posts: 836
« on: November 26, 2001, 08:40:00 PM »
Recieved a mail today from someone i dont know with an attachment named setupdoc.scr and a text file called Att oooo2.txt.
 the text file was o byte and the setup file was something about 100 kb. Scanned it with no results and checked it with a Trojan seeker.

  When i closed down the machine i get an error beep same wnen i start it.

 If i connect to internet Kernel 32 says it wants to go enjoy itself on the net.This warning is given to me by Zone alarm.Now Kernel 32 never wanted to amuse itself on the net before so im suspicious.........


  Reformat or not thats the question.

   Trojan seeker Blue....s
Logged
Bluelight
Jedi
*****
Offline Offline

Posts: 836
« Reply #1 on: November 27, 2001, 12:08:00 AM »
Found that kernel 32 has been modified at the exact time that this bloody mail arrived.

  Coincidence?

  Going for a reformat tonight.

 See you`all tomorrow.
Hope i havent sent this bloody thing to anyone of you.Zone alarm asked for permission for Kerbel 32 to acess the net but i denied that so.....

    Blue
   
Logged
n2brand
Intergalactic Superstar
*****
Offline Offline

Posts: 129


WWW
« Reply #2 on: November 27, 2001, 12:26:00 AM »
Bluelight
 
Thanks for the headsup.. these are on Nortons or Macafee's site, Here is the latest reports from the two...
 
W32/Badtrans@MM
Medium On Watch  
 
W95/Toal@MM
Low  
 
W32/Klez.gen@MM
Low  
 
Rootcmd
Low  
 
W32/Redesi.gen@MM
Low  
 
W32/Magistr.a@MM
Medium

[ November 27, 2001: Message edited by: n2brand ]
Logged

« If we agree on everything, one of us is unnecessary »
Santos
Jabba the Hutt
*****
Offline Offline

Posts: 562


WWW
« Reply #3 on: November 27, 2001, 02:04:00 PM »
Blue get the latest virus defenitions for your scanner and KEEP them updated.

Kernel 32 is used by many trojans and that is DEFINATELLY a sign that you have been infectred with one.

There was no need for reformat however next time wait till i see yer post hehe. Togeather we can fix any nasty bud  

Look most trojans you will be able to dinf here

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices Under that registry most trojans will add a key there.

So if your suspicios check there first  

Hope ya be ok let us know how it went.
Logged
Smile, it makes people wonder what you're up to...
TWebMan
Quantum Encyclopedia Writer
*****
Offline Offline

Posts: 3112



WWW
« Reply #4 on: November 28, 2001, 02:57:00 PM »
Blue, sounds like the Badlands.  I got hit with one this morning, and I'm hearing it's spreading very quickly.  Mine didn't execute though.  However, Mcafee didn't catch it, though they claim it can. I put another topic here to that effect.  If you reformat, you should be okay.  If you clean it and you're running ME, don't forget the _restore folder!

[ November 28, 2001: Message edited by: TWebMan ]
Logged
"Computers cause people to make more mistakes than any other invention in history, with the possible exception of handguns and tequila."  - Unknown
"Liberty of any kind is seldom lost all at once." - D. Hume
Every day is an Ode to Joy
The planet will be fine... and so will your site
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.3 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM