CWSMsConfig and Trojan backdoor...I thought my computer was secure.

Discussion in 'malware problems & news' started by suebaby41, Dec 24, 2004.

Thread Status:
Not open for further replies.
  1. suebaby41

    suebaby41 Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    17
    I opened an email (not an attachment) from Hill Science Diet food, supposedly, and the subject was something about cats. Anyway, when I opened it, my computer went wild. Things were opening all over the page. I was able to get AdAware running and AVG antivirus program running. Somehow, these two programs stopped the pages opening all over my screen and I was able to close the pages. The first thing I did was delete the email. Then I came to this forum and used the "General Virus and Trojan removal instructions". Thank you so much for this information. I followed the instructions and CSWMsConfig and a Trojan backdoor was found and fixed/removed.
    I have AVG, ZoneAlarm, Previx, Spyware Guard, SpywareBlaster, MRU Blaster, CWS Shredder as well as using Privoxy and Tor. I was told by someone on another forum that I had many security programs; I think he thought I was a little bit paranoid. I thought I was well protected but alas, none of these prevented the operator, me, from opening a seemingly innocent email (it was not an attachment). :(
    Again thanks for the information. I was able to clean up my computer.
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    That is why it is a good practice to scan all mail before opening, As you found out it isn;t very much fun to get a surprise like that ;)

    bigc
     
  3. Ga1tar

    Ga1tar Registered Member

    Joined:
    Apr 11, 2004
    Posts:
    118
    Location:
    U.K
    Sometimes we have to learn the hard way, not to open emails from an unknown source.
     
  4. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493
    Wow, I really thought PReVX could block something like that. I wonder how something like that could get thru.

    I know sometimes I annoy some people when I point out potential flaws in a product but I think the real flaw is installing a security product and then thinking that your indestructible.

    Merry Christmas,


    Starrob

     
  5. FanJ

    FanJ Guest

    Hi,

    First of all: I'm glad Suebaby41 that you were able to clean things !!! :)

    I might be completely wrong (I'm not familiar with all the programs mentioned :oops: ), but I was wondering a few things:

    Suebaby41, you mentioned that you were using the following programs:
    - quote -
    I have AVG, ZoneAlarm, Previx, Spyware Guard, SpywareBlaster, MRU Blaster, CWS Shredder as well as using Privoxy and Tor.
    - end quote -

    Is that Previx the same program PReVX as mentioned by Starrob?

    In case you use InternetExplorer and OutlookExpress, have you put OE in the restricted zone of IE and put everything in that zone on the highest security?

    Are you using ZA Free or ZAPro?
    ZAPro can rename a lot of dangerous extensions.

    You said:
    "I was able to get AdAware running and AVG antivirus program running.".
    Does that mean that your antivirus program was not running resident?

    Would it perhaps not be a good idea also to use an anti Trojan program resident?


    Well, it were only a few thoughts.
    It could really well be that I didn't understand things right; I'm really sorry in that case!!!

    Merry Christmas !
    Cheers, Jan.
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Sue, you may want to take a look here for further discussion on security and how to make your system that much stronger and here for more.

    This is what works really well for me, very simple to use and maintain.

    Hope this helps...

    Let us know how you go.

    Cheers :D
     
  7. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    I got to tell you that I've received Junk-email from this so-called Hill Science Diet Food, I just report it immediately and delete it without even opening it.
    You should NOT open this Junk-email or else you will get hit by viruses.
    You're just one of those computer users who open Junk-email without thinking. Please don't open any Junk-email in future.
    Most viruses spread via Junk-email. Most computer users just open Junk-email without even thinking of the consequences.
     
  8. Ga1tar

    Ga1tar Registered Member

    Joined:
    Apr 11, 2004
    Posts:
    118
    Location:
    U.K
    Of even bigger concern is that it was not detected by AVG.
     
  9. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Of course AVG will not detect it, only TDS-3 will do it. Anti-virus programs cannot detect trojans like TDS-3 can.
    If suebaby41 had TDS-3 installed on his/her computer, the TDS-3 would've been able to detect the trojan and get rid of it.
     
  10. Ga1tar

    Ga1tar Registered Member

    Joined:
    Apr 11, 2004
    Posts:
    118
    Location:
    U.K
    I agree with you about TDS-3, from my own experience in recent weeks NOD has stopped certain trojans from getting through. Therefore we are all learning the hard way.
     
  11. suebaby41

    suebaby41 Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    17
    Yes, I learned my lesson about junk mail and the worst part was, the email was in the spam folder which should have been my first hint.

    Gaiter
    I am using a resident anti-virus program, AVG did not detect it even though it scans the emails. I thought at least it would have detected the CWS. I thought that Prevx would have stopped the trojan.

    Nadirah:
    Don't worry, I will not do it again. I have cats and was interested in anything about cats, which, of course, is what they were counting on.

    FAN:

    I do not use IE, I use Mozilla Firefox. I use ZoneAlarm free because of my being on a limited income. I am disabled. I thought that Previx was a Trojan preventer. I have Trojan Hunter on a trial basis now but when the trial ends, I will have to hunt a free one.

    Blackspear: Thanks. I will check into those areas.

    And thanks, everyone, for all your help.


    :D
     
  12. suebaby41

    suebaby41 Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    17
    Sorry. The program is PREVX not PREVIX.
     
  13. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    U might want to give Ewido a try,

    http://www.ewido.net/en/download/

    I don't use it but a lot of the people who visit this forum have and from what i've read, it seems to be quite effective.



    snowbound
     
Loading...
Thread Status:
Not open for further replies.