[bcab] Smitfraud-C Trojan
- From: "Vince Thacker" <vince@xxxxxxxxxxxxxxxxxxxxx>
- To: "B C A B" <bcab@xxxxxxxxxxxxx>
- Date: Thu, 26 Jul 2007 02:46:29 +0100
Thanks again for more input, everyone. Why did I send a post while I had a
virus? Well, that was when I needed to pick people's brains, obviously. This
is plain text e-mail, no attachments, no HTML or even any special funky
characters, so it should be perfectly safe.
Frank, please don't put yourself down like that - actually you gave me the
best idea of all. You mentioned that there could be threads all over the
place, which made me do a simple disk search for anything called Smitfraud.
I didn't know what I'd be searching for exactly, but hey presto, I found not
one, but 18, zip files called smitfraud something-or-other in one of my
folders. I didn't mess with them but going by the names they were harbouring
several versions of this thing. So I've been able to get rid of them and the
last (I hope the last) incidence of the bug using Spybot. I know I'm not
ocmpletely out of the wood yet, because I don't know what was activating the
zip files. Still, research goes on.
I also got rid of mIRC, which had something with a malware type of name
attached to it (riskware or something like that). It might have just
attached itself to mIRC to remain hidden, but I uninstalled the whole thing
so as not to take any chances. Same applies to a program called Chronograph
which synchronises the PC clock. It had its own phone dial module, so I
didn't want to keep that.
I found these other bits using a program called A-Squared Free (not to be
confused with Zoomtext!). It dug out a number of suspicious-looking objects
that all the other programs had missed. It's only partly accessible, but I
could find the buttons and carry out the important bits OK.
So thanks again, listers.
Vince.
I'm protected by SpamBrave
http://www.spambrave.com/
*** BCAB List administration ***
If you wish to unsubscribe, set vacation,, request a digest or carry out
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html
Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word faqin
the subject line. You'll receive an email with advice on managing your
subscription to the list.
If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx
Other related posts:
- » [bcab] Smitfraud-C Trojan