Yet Another Journal

Nostalgia, DVDs, old movies, television, OTR, fandom, good news and bad, picks, pans,
cute budgie stories, cute terrier stories, and anything else I can think of.


 Contact me at theyoungfamily (at) earthlink (dot) net

» Wednesday, June 17, 2009
The Trojan War
As I said, this morning I was in Firefox when AVG alerted me about a possible Trojan attack. I told AVG to kill the file, but apparently it had already installed itself. Thank God my work connection stayed stable, but some connections disappeared. I could get into my bank, my 1and1.com connection, and a couple of other things. Some websites came up blank and only came up if I reloaded, and reloaded, and reloaded, sometimes coming up in text format.

Once I finished up work, I attempted again to get AVG to update. It was saying it was missing a control file. So I uninstalled AVG, then reinstalled it, asked it to update—and it again said I was missing the control file.

Since Avast helped the time I had a Trojan on the laptop, I tried to download that. But whatever this thing was, it was keeping tight control on my web access. It kept saying I had a 404 (File not found) error. James finally had to download the file on his computer and put it on a thumb drive.

I installed Avast, ran its scan—and it found nothing!

I went looking around online and there was a suggestion to use Windows' scanner. Unfortunately, it only works in Internet Explorer (thanks a lot, Bill!) and I couldn't get that site to come up in Internet Explorer. IE couldn't even find microsoft.com. Gah.

In the meantime AVG did do its nightly scan, and found nothing. That told me these Trojans were brand new and were blocking the update of the virus definitions so I wouldn't be able to kill them.

One more solution presented itself: on a blog I found a reference to this problem. It directed you to go to AVG's website and find the two .bin files that were missing, manually download them, and then direct AVG to update using a directory rather than online. So I downloaded them via the laptop and saved them on my computer via the network connection, told it to update via directory...and it did.

When I ran the scan again, I found ten instances of Trojan infection, including the one AVG had warned me of this morning. There were two .exe files in Windows, Id09.exe and freddy(some number).exe, and something with the name of BIUK and one with ALYW at the end. With its new update, AVG killed them all, or at least it looks like it when I rebooted. Firefox appears to be working again. I didn't try IE.

I just hope this thing wasn't able to harvest any info from the sites I could get to, like my bank!

I wonder where it came from. James said just because it triggered in Firefox doesn't mean the file came from Firefox; he went to the same website (Comics.com) and wasn't affected. It's possible it was something downloaded from e-mail. My sister-in-law sends me these cute little e-mails with singing and dancing graphics...I wonder if the trigger was hidden there. I'd better warn her tomorrow about what happened.
