$sh!t I got a virus :(

MrHappyMonkey

Diamond Member
Mar 15, 2001
3,091
0
0
I apparently got a backdoor.trojan virus from an HTML e-mail (no, I didn't open any attachments) on my Windows XP Pro machine. I just ran Norton AntiVirus 2002 on it and it wants to quarantine the following files: Explorer.exe (C:\WINDOWS\explorer\Explorer.exe), dlder.exe (C:\WINDOWS\dlder.exe), and installer.exe (C:\Documents and Settings\Lee Chakov\Local Settings\Temp\installer.exe).

Will this successfully get rid of the virus, or will I have to do a complete format?
 

gsaldivar

Diamond Member
Apr 30, 2001
8,691
1
81
Man I suspect that I have the same CRAP. Running W2K here.

I ran NAV 2002 and it didn't find anything?! I deleted the hidden file at C:\WINNT\explorer\Explorer.exe, and everything *seems* OK...
 

Bish

Member
Mar 2, 2000
167
0
76
Me too on a 2000 Pro machine. Only got two dlder.exe and Norton Antivirus 2002 quarantined them then I deleted them. Subsequently did a full system scan with no problem detected.

Good Luck

Bish
 

sml

Member
Dec 26, 2001
193
0
0
incident response best practice dictates never trust a machine or its data after a compromise; if there was in fact a trojan on your system, someone could've connected to it, planted other goodies [cmd32.exe bound to a high port via netcat, etc] on your box. don't blindly trust an AV scanner with your system security. the best way to go about restoring is a clean format / reinstall of your OS, implement proactive security measures such as a personal firewall, antivirus software, etc. check out AVG for real-time email scanning with its nifty OE plugin. HTH.
 

gsaldivar

Diamond Member
Apr 30, 2001
8,691
1
81
I *JUST* updated the virus defs and rescanned - dlder.exe is infected !! :(

Damn... now to reinstall :( :(
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
<< HTML e-mail (no, I didn't open any attachments) >>

You don't have to, nice feature, eh?
 

Dimitri

Member
Nov 21, 2001
119
0
0
I found the exact same thing today in WinXP running NAV2001. I deleted the explorer.exe and dlder.exe files (the only 2 infected), rebooted and reran a scan and am supposedly clean now. Lately I have been randomly getting 'program has encountered an error and will be shut down' in ExPlorer.exe. Yes, with the P capitalized. Also, when it shut down it didn't appear the 'real' explorer.exe shut down cuz I was still able to do everything. This seemed suspicious to me, I wonder if it was related to this backdoor trojan.
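Added example, not part of any post in this thread: a small triage pass over a file listing that flags the pattern the posters describe, a file with a system binary's name (explorer.exe) sitting outside its normal directory, plus the file name their scanners reported and executables under a Temp folder. It assumes the listing was taken with the suspect disk mounted on a clean system; the function name, the expected-location table and the sample listing are constructed for illustration.

```python
import ntpath  # Windows path rules on any OS, so the listing can be checked offline

# Expected directory, relative to the Windows directory, for a few system
# binaries. Assumed stock layout; extend it for the build being checked.
EXPECTED_SUBDIR = {"explorer.exe": "", "cmd.exe": "system32", "svchost.exe": "system32"}
# File name the posters' scanners flagged in this thread.
REPORTED_NAMES = {"dlder.exe"}

def triage(paths, windir):
    """Return (reason, path) pairs for entries in a file listing that merit review."""
    root = ntpath.normcase(ntpath.normpath(windir))
    findings = []
    for original in paths:
        # normcase lower-cases, so "ExPlorer.exe" and "explorer.exe" compare equal
        norm = ntpath.normcase(ntpath.normpath(original))
        directory, name = ntpath.split(norm)
        if name in EXPECTED_SUBDIR:
            expected = ntpath.normpath(ntpath.join(root, EXPECTED_SUBDIR[name]))
            if directory != expected:
                findings.append(("system-name-wrong-dir", original))
        elif name in REPORTED_NAMES:
            findings.append(("name-reported-in-thread", original))
        elif name.endswith(".exe") and "temp" in directory.split("\\"):
            # Legitimate installers unpack here too: a prompt to review, not a verdict
            findings.append(("exe-in-temp", original))
    return findings

# Constructed listing: the locations named in the thread plus legitimate files.
# "user" is a placeholder profile name.
SAMPLE = [
    r"C:\WINDOWS\explorer.exe",
    r"C:\WINDOWS\explorer\Explorer.exe",
    r"C:\WINDOWS\system32\cmd.exe",
    r"C:\WINDOWS\dlder.exe",
    r"C:\Documents and Settings\user\Local Settings\Temp\installer.exe",
]

if __name__ == "__main__":
    for reason, path in triage(SAMPLE, r"C:\WINDOWS"):
        print(f"{reason:24} {path}")
```

A clean result from a pass like this only means none of these three patterns matched; it says nothing about anything else that may have been placed on the machine.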
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
<< I wonder if it was related to this backdoor trojan. >>

Just as SML says, the only way to be totally sure you're rid of the trojan or virus is to format/reinstall or restore from a known good backup.
 

StuckMojo

Golden Member
Oct 28, 1999
1,069
1
76

Seriously....WTF IS WRONG WITH YOU PEOPLE?!?!??!

why?!?!? why do you still use SH*THOLE outlook to read mail? haven't you had enough of this?

i keep mozilla installed just to read mail. guess what? you can turn off javascript in mail! how novel!
 

MrHappyMonkey

Diamond Member
Mar 15, 2001
3,091
0
0


<< why?!?!? why do you still use SH*THOLE outlook to read mail? haven't you had enough of this? >>



this is actually the first time i have been attacked. I use outlook XP because it is the simplest way to sync my iPaq to my email/calendar. Eudora or Netscape email client blows ass.

But, that's just my opinion.
 

MrHappyMonkey

Diamond Member
Mar 15, 2001
3,091
0
0


<< First virus I've ever gotten myself. How did you know where it came from though? >>



I was checking my email this morning and Norton AV 2k2 pops up and says "you have a virus". It was from some piece of spam.

F%CK$N SCRIPT KIDDIES WITH NOTHING ELSE TO DO IN THEIR LIVES THAN FCUK WITH PEOPLES COMPUTERS!:|:|:|:|:|:|
 

gsaldivar

Diamond Member
Apr 30, 2001
8,691
1
81
"...WTF IS WRONG WITH YOU PEOPLE?!?!?? why do you still use SH*THOLE outlook to read mail?!..."

Look man - we don't need your sh!t.

I wasn't born yesterday - I use a virus scanner, a hardware firewall, and I don't use Outlook for my e-mail.

This is my first virus on the PC as well.

Norton *just* released a virus def to detect what I had, because a full scan earlier this week didn't detect squat.

Think before you type next time.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
<< I use outlook XP because it is the simplest way to sync my iPaq to my email/calendar. Eudora or Netscape email client blows ass. >>

They may not look as pretty, but they're a helluva lot safer. Would you drive a car that randomly swerved to the left without warning because it was prettier?

<< F%CK$N SCRIPT KIDDIES WITH NOTHING ELSE TO DO IN THEIR LIVES THAN FCUK WITH PEOPLES COMPUTERS! >>

If you want on the Internet you have to learn to accept the risks and deal with it.

<< Think before you type next time. >>

Think before you start Outlook next time.

Seriously, why do you keep defending programs that so easily propagate viruses? No other programs make it so easy for script kiddies to wreck your day, and you keep coming back for more, I don't get it.
 

gsaldivar

Diamond Member
Apr 30, 2001
8,691
1
81
"...Seriously, why do you keep defending programs that so easily propagate viruses? No other programs make it so easy for script kiddies to wreck your day..."

Using your logic, I guess I'd better delete Internet Explorer and Netscape as well - because backdoor.trojan can be spread by simply opening a webpage.

"...Think before you start Outlook next time..."

I don't use Outlook, remember?
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
<< Using your logic, I guess I'd better delete Internet Explorer and Netscape as well - because backdoor.trojan can be spread by simply opening a webpage. >>

No, just IE, netscape doesn't download and run programs without asking you.

<< I don't use Outlook, remember? >>

I read that wrong, thought you said you did. What do you use then?
 

gsaldivar

Diamond Member
Apr 30, 2001
8,691
1
81
Eudora Pro.

Truth be told - I'm pissed that NAV 2002 didn't do anything as far as warning or detecting backdoor.trojan. All of the Auto-Protect, E-mail Scanning, and Script Blocking features are turned on. NAV is also set to check for virus definition updates on its own.

I spent all week sitting here like an idiot with a suspected trojan on my computer, and only after manually updating the defs this afternoon were my fears confirmed.

I'm waking up to the fact that maybe NAV sucks ass after all. I just downloaded the AVG program Sml suggested. Can anyone else recommend any other good ways to prevent this from happening again?
 

HeinekinMan

Senior member
Nov 2, 2000
207
0
0
In addition to Norton AV 2002, I run an anti-trojan program called BOClean 4.09 (one of the best out there for the money in my opinion). I'm not sure if BOClean would have picked this up or not (I didn't see it listed in the database; might have to check the nsclean forum). What's great about the BOClean licensing agreement is that it allows you to install it on ALL of the systems that you use plus free lifetime updates and s/w upgrades. The D/L version is $39.95; Check it out at:

BOClean anti-trojan program

Nsclean is a really great company; all of their products deserve merit. They provide fantastic products at very reasonable prices AND provide excellent customer service and support...

 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
We use McAfee where I work and TrendMicro on the mail server, can't really speak for McAfee as most of the problems get stopped at the mail server or are too new to have definitions out.
 

NesuD

Diamond Member
Oct 9, 1999
4,999
106
106
been using trend for a while now and it has caught everything that's come my way. Usually twice a month or so it catches something in my email and kills it. Auto updates definitions a couple times a week and it doesn't screw with the os like some others i have tried.
 

neuralfx

Golden Member
Feb 19, 2001
1,636
0
0


<< I was checking my email this morning and Norton AV 2k2 pops up and says "you have a virus". It was from some piece of spam. >>





<< F%CK$N SCRIPT KIDDIES WITH NOTHING ELSE TO DO IN THEIR LIVES THAN FCUK WITH PEOPLES COMPUTERS! >>




what is it about getting viruses. .. i have used computers for about 7 years .. on the internet pretty constantly .. and i have never gotten a virus, never used any AV .. and no i didn't "get any without knowing it" .. i just wonder why some people seem to get them all the time .. weird ..
-neural
 

NetGuySC

Golden Member
Nov 19, 1999
1,643
4
81
I got the explorer/explorer virus also....seems as though every time my girlfriend uses my computer that I get a virus.

Well it disabled my Norton's 2002 so I reformatted just to be sure it is gone.

Not sure how she got...she said the antivirus first sprang up when she downloaded and viewed a video from the net....
 

Dreadogg

Golden Member
Mar 1, 2001
1,780
0
76
I got the same damn thing like 3 days ago, first damn Trojan or virus I ever received in my life. I'm running XP, it was causing a great deal of explorer crashes. Norton eventually caught the mysterious little guy only to lock it up and throw away the key! Still I get these crazy feelings and visions of some little thing bouncing around in some locked up folder getting more and more aggressive. I think I'm going to format, I'm a real paranoid person since this, I've scanned my system 30 - 40 times searching for some of his mischievous friends!