Tuesday, August 26, 2008

Trojans, Back door bots, and all that good stuff

I have spent most of the day tinkering with the main comp after I had issues and discovered somewhere I picked up a nasty little trojan package. One folder showed it to be yesterday afternoon that I was struck. I recall clicking on several links from two different trusted sites-not on blogger-web sites I visit regulary. but one is a forum, so most likely the culprit.

Just in case, if you are running windows, you can check to see what is running on your comp. "Control-ALT-Delete" pressed simultaneously will bring up your running processes. If you see one of the following:
AFinding.exe
WServing.exe
wsldoekd.exe
svchoct.exe ( not host)
routing.exe
sobicyt.exe
roxtctm.exe
noxtcyr.exe

Just shoot yourself now, it's easier.

*EDIT* I thought I would say what I did since these are so new and there is not a lot of info out there. Please, I am NOT an expert!!! But if you get in a jam, as I did, this is what I did.

Download Malwarebyte's anti malware. It's free. Google a download location. I had to use my older back up computer as the main one wouldn't stay online for it. I downloaded it to a flash (usb) drive. I could not install it on the older comp due to OS incompatibility, so I installed it plain to the troubled computer and ran it without updating it. If you don't have a backup computer, try a friend or your local library. It is not a big file-could use a CDRW disc . Not sure if it will fit on a floppy. Would be close.

Then through the task manager, I quit the remaining suspect programs that remained. I was then able to get online to download the update, and I ran Malware bytes again. I also had to download another program called LSP fix and unchecked one thing, mmchost.dll which I found on googling yahoo answers, via firefox, since explorer was still not connecting.

That seemed to get my explorer connection back.

Then I downloaded and updated Spybot(free) and ran that.

I am also a firm believer in the program CCleaner-but running it everytime I closed the internet didn't stop this...but still is a good free program.

The current situation is that I still have a couple things that have not been removed-unknowns-roxctm.exe, and noxtcyr.exe, and wlsoekd.exe. I am watching google on those items waiting to find a way to get rid of them-they are new and if you are here then you know there is not a lot of info out there on them!

I just quit the process tree on them through task manager every time I reboot and so far they don't come back while surfing the net. That does NOT get rid of them, though! I had one last night that kept coming back, but a new update to Malware bytes took that out.

Or start googling the names of what you don't know in your task manager and find one of the good helpers out there if you need help removing them. Good luck-they are all new this month.

That will mean downloading a program called Hijackthis and posting the results on a computer forum. I have had good luck with that in the past on the older computer. I might have to go that route with this one, but since none of the forums seem to be posting solutions for them yet, I am going to wait .

I should have just rebooted from scratch, except I have so many photos I need to get off before I dump the lot. Hopefully I can get them off. :(

1 comment:

Tonia said...

I have had trouble since last night!! One scan says there is nothing but then strange things keep popping up!Iget real paranoid about that stuff!!