
The Trojan Virus from Hell

BlindedByScience

….no, not the kind of virus you'd get if you went to the strip club on the bad side of town and took one of the 'ladies' out back for some slap and tickle, this one got into my computer through Firefox and really went to town. It was the "Gadcom" trojan and Google is all over it, if you're interested. It's a nasty one; it shut off my Windows update, the Windows firewall, and Windows monitor of my virus scanner. Stopped the virus scanner from communicating with the web. Prevented me from installing "Hijack This". Wow…..a really pestilent one. It appears that Firefox 3.0.4 was vulnerable, and the new 3.0.5 is not. First step, if you're a FF user, is to get that upgrade.

The surprising news is that after trying a bunch of tools to get rid of it, Microsoft's new "Windows Defender" did the trick splendidly. Took a little finagling as the damn trojan wouldn't let Windows Defender update its signature files, but that's easy enough to do manually (instructions on the web page). Best part about this is that it's FREE for XP and Vista users. You can get it here:

http://www.microsoft.com/windows/products/...er/default.mspx

Even if you have a virus scanner (which I do), I can strongly recommend getting a hold of this and installing it. The price is right and it nailed the trojan, dead in its tracks and successfully cleaned it off my hard drive.

Let's be careful out there, folks - B.B.S.
 
Thanks for the heads up. I just downloaded the Defender, seems pretty straightforward. Norton expires soon and will be shopping for 4 computers. I will probably go with Norton again as I've had no problems with it. Defender is added security! Thanks for the link.
 
Thanks for the info BBB. I just went a few rounds with "intervalhehehe". This one didn't do too much damage. It's just really annoying.
 
I got hit with one a month back. I had to reinstall everything and what do you know, two weeks later it came back. Found out what site it was from. Be sure to set those restore points. Saved me the second time around.
 
Sorry to hear about this Tom, glad you were able to resolve.
 
WOW...sorry you got slammed with that little nasty. I have found that in today's world of computing the little viruses of the past were like kindergarten stuff compared to today's. Today's nasties seem to have evolved to a new level of nastiness.
I would definitely agree that the only way to combat these guys is with a 'toolbox of removers'. It just seems that no one manufacturer has come up with the ultimate solution for cleaning, so it's good to run a couple of cleaners.

M$ has Defender, AVG makes a decent cleaner, HiJack This is another good one to look for rogue processes, ESET does a decent job.

You really should run a couple of the cleaners to make sure it's squeaky clean, but hey, no worries, there will be a new nasty next week. Disheartening, but sadly true.

Art
 
Figured since we're on the subject I'd share something else I found. I posted this on several of the "bithead" forums I follow, and more than one person highly recommended the software from Malwarebytes. I like this comment; "...Using Malwarebytes Anti-Malware suite is like bringing an M4 to a knife fight....".... :laugh: As mrrt says, you have to have a couple of tools in your toolbox when this crap lands on you.

Regards - B.B.S.
 
I'd have to agree, no matter the protection used, often you are a victim of being on the wrong site at the wrong time. I try to make certain I back up data constantly, which the two Mirra servers have done nicely over the past few years. And at least monthly I make a mirrored image to an external HD (which is turned off after the image back-up) of my OS drive with Acronis True Image. Last time I had a RAID failure it was my savior.

Thanks for the heads up on the FF update.
 
Good advice that I'm implementing now - mine wouldn't update either. How did you detect the trojan?
 