Guild Wars Forums - GW Guru
 
 


View Poll Results: Are you infected with Downadup?
Yes, after scanning, I was infected and have removed the worm. 2 2.02%
Yes, after scanning I was infected. I am having trouble removing the worm. 1 1.01%
No, after scanning, I was not infected. 96 96.97%
Voters: 99. This poll is closed

Old Jan 22, 2009, 12:20 PM // 12:20   #21
Lion's Arch Merchant
 
Smurf Minions's Avatar
 
Join Date: Jun 2006
Location: Somewhere you can't see
Guild: Limburgse Jagers [LJ]
Profession: N/
Default

<s>Hmm, I had the registry entry, and deleted it. Does this mean it's gone?</s>
nvm on that, deleted something else that was familiar looking :P

I also ran nod32 and the f-downadup program ran, and it didn't find anything, so I guess I'm clean.

EDIT: F-Downadup Note: Computers infected by Downadup are blocked from reaching f-secure.com websites.

Just saw that on their site, was able to reach it fine so probably I'm just clean.

Last edited by Smurf Minions; Jan 22, 2009 at 07:54 PM // 19:54..
Smurf Minions is offline   Reply With Quote
Old Jan 22, 2009, 01:31 PM // 13:31   #22
Grotto Attendant
 
Arduin's Avatar
 
Join Date: May 2005
Location: The Netherlands
Guild: Limburgse Jagers [LJ]
Profession: R/
Default

Thanks for warning us, Rahja. No registry entry here, but I'm installing Avira at this moment and will perform a deep scan.

Results came up with a minor Trojan, other than that, I'm clear.

Last edited by Arduin; Jan 22, 2009 at 04:48 PM // 16:48..
Arduin is offline   Reply With Quote
Old Jan 22, 2009, 02:11 PM // 14:11   #23
Jungle Guide
 
[Morkai]'s Avatar
 
Join Date: Oct 2007
Guild: Heroes of Elonia [HE]
Profession: W/Rt
Default

Recently formatted because of other Trojans I had, and this time instead of installing AVG, (seeing as it let me down), my PC Driver CD came with Kaspersky, and that's registered until April.

Wondering, is Kaspersky strong enough to detect/remove these? It's Deep scanning as we speak, but I'll change it out if it's not a strong option.
[Morkai] is offline   Reply With Quote
Old Jan 22, 2009, 03:15 PM // 15:15   #24
Frost Gate Guardian
 
Latham's Avatar
 
Join Date: Mar 2008
Guild: [DL]
Profession: Mo/
Default

Thanks for the heads up, one question though. Why do we need to disable System Restore? Always seemed like a handy idea to keep it turned on. Thanks.
Latham is offline   Reply With Quote
Old Jan 22, 2009, 04:14 PM // 16:14   #25
Never Too Old
 
Darcy's Avatar
 
Join Date: Jul 2006
Location: Rhode Island where there are no GW contests
Guild: Order of First
Profession: W/R
Default

System Restore saves the trojan/worm/virus also. So it is still there after removal from current system.

Thanks for the heads-up. I was clean today, but will keep a watch for it.
__________________
That's me, the old stick-in-the-mud non-fun moderator.
(and non-understanding, also)

Darcy is offline   Reply With Quote
Old Jan 22, 2009, 04:57 PM // 16:57   #26
Lion's Arch Merchant
 
JupiterStarWarrior's Avatar
 
Join Date: Jun 2008
Location: Oklahoma City
Guild: Noble Order Of Valiant Angels
Profession: Me/
Default

I have avast and Spybot S&D. I didn't run my spyware detector yet (I will tonight, though), but I did a boot scan of my computer overnight, and the scan didn't seem to have found anything, which is a good thing I guess.

On another note, I have been keeping up with the updates, and I'm currently under a fresh (installed just last night) installation of Windows XP Professional.

I will keep my system updated regularly, too.
JupiterStarWarrior is offline   Reply With Quote
Old Jan 22, 2009, 05:33 PM // 17:33   #27
Academy Page
 
Join Date: Jun 2006
Location: Holland
Guild: Ave
Default

Updated MS08-067 Oct. last year and expected no problems. Ran full systems scan anyways, nothing found. Ran Symantec's removal tool, nothing found to remove.

tnx for heads up nevertheless
Xanatas is offline   Reply With Quote
Old Jan 22, 2009, 05:40 PM // 17:40   #28
Frost Gate Guardian
 
White Lies's Avatar
 
Join Date: Feb 2007
Default

Hey guys.
I just went to try and update my PC (I'm on Vista, so the thing's gotta search for updates before it can do anything) and I got this error:

Code 8000FFFF: Windows Update a rencontré une erreur inconnue.

Have had no trouble with this until now.
Web search has come up with nothing, and I'm not a PC whiz, so I was wondering whether you guys knew what's going on/if this is possibly the worm?

Slightly worried, but I'm scanning and McAfee hasn't had any problems updating (I did it manually) and is scanning away now.

Any ideas how to fix this would be brilliant, it was fine till now and it says last update was on the 17th.

Thanks

~Lies

EDIT: Researched and got quite a bit, but nothing I've tried has worked so far :s
And I forgot I was on a French PC and this is an English forum...
Translation: Code 8000FFFF: Windows Update has encountered an unknown error.

Thanks again.
~Lies

Last edited by White Lies; Jan 22, 2009 at 05:46 PM // 17:46..
White Lies is offline   Reply With Quote
Old Jan 22, 2009, 08:56 PM // 20:56   #29
~ Retired ~
 
Yang Whirlwind's Avatar
 
Join Date: Nov 2005
Location: Copenhagen, Denmark (GMT +1)
Profession: E/
Default

Thanks Rahja! Ran a full system scan like suggested, just to be sure. Clean as a whistle!

According to the poll you have helped save two computers with this information (so far), got to feel good about that!
Yang Whirlwind is offline   Reply With Quote
Old Jan 22, 2009, 08:59 PM // 20:59   #30
über těk-nĭsh'ən
 
moriz's Avatar
 
Join Date: Jan 2006
Location: Canada
Profession: R/
Default

I wonder if this applies to the Win 7 beta also...
moriz is offline   Reply With Quote
Old Jan 22, 2009, 09:26 PM // 21:26   #31
Lion's Arch Merchant
 
Join Date: Feb 2006
Profession: W/Mo
Default

This is the virus that crashed the hell out of my laptop, somehow we got it fixed but now my laptop is bluescreening
madirishboi is offline   Reply With Quote
Old Jan 22, 2009, 09:54 PM // 21:54   #32
Wilds Pathfinder
 
lakatz's Avatar
 
Join Date: Jun 2006
Default

http://www.cnn.com/2009/TECH/ptech/0...ref=newssearch

So... I'm a little confused. I read this article a week ago that states the downadup worm is engineered to spread through corporate networks and, for that reason, corporate networked computers are more at risk than home computers.

The means of infection through networked computers described in the article seems different than the means of infection you describe, and it appears from this article that corporate networks are indeed in deep doodoo where this worm is concerned and that it spreads through corporate networks is the reason for the rapid rate of spread and concern to Homeland Security.

But I can see how it might be easy to bring the worm home from work on a flash drive. What I don't see is how this is any more damaging to our home systems than any other worm or virus we can contract. I'm sure there's a lot more information out there about it that I can research when I have the time, but in the meantime I'd love if you'd explain.

Btw, I did a manual scan on my work computer immediately after reading this article and then on my home computer as well. I think I'll do another on my work computer as soon as I finish this post *shivers*

Thanks!

Last edited by lakatz; Jan 22, 2009 at 09:57 PM // 21:57..
lakatz is offline   Reply With Quote
Old Jan 22, 2009, 10:22 PM // 22:22   #33
Jungle Guide
 
kostolomac's Avatar
 
Join Date: Apr 2008
Location: Serbia
Profession: Me/
Default

Scanning as we speak, searched for the registry but couldn't find it. Thanks for the heads up, Rahja.
kostolomac is offline   Reply With Quote
Old Jan 22, 2009, 10:51 PM // 22:51   #34
The Fallen One
 
Lord Sojar's Avatar
 
Join Date: Dec 2005
Location: Oblivion
Guild: Irrelevant
Profession: Mo/Me
Default

Quote:
Originally Posted by lakatz View Post
http://www.cnn.com/2009/TECH/ptech/0...ref=newssearch

So... I'm a little confused. I read this article a week ago that states the downadup worm is engineered to spread through corporate networks and, for that reason, corporate networked computers are more at risk than home computers.

The means of infection through networked computers described in the article seems different than the means of infection you describe, and it appears from this article that corporate networks are indeed in deep doodoo where this worm is concerned and that it spreads through corporate networks is the reason for the rapid rate of spread and concern to Homeland Security.

But I can see how it might be easy to bring the worm home from work on a flash drive. What I don't see is how this is any more damaging to our home systems than any other worm or virus we can contract. I'm sure there's a lot more information out there about it that I can research when I have the time, but in the meantime I'd love if you'd explain.

Btw, I did a manual scan on my work computer immediately after reading this article and then on my home computer as well. I think I'll do another on my work computer as soon as I finish this post *shivers*

Thanks!
Rather than explain it in detail, I will just give you a quick example with a disclaimer.

Many businesses do not frequently update their network with Windows Updates as they should, because it does require a substantial investment in time and resources. They have to bring down the network, test the updates, make the updates live, and bring back up the network. It can take several hours, which at a corporation, is bad news. This is still no excuse though, so don't take it that way.

But, say for example, CNET became infected (not saying they are). The virus could, in fact, spread to their content upload servers, that you download things from. You go to CNET and download, say, Spybot or AdAware etc. Now, you go to install the program, but little do you know, the sneaky little Downadup has already gone and embedded itself in their uploads, because it infected their network previously, and spread like wildfire. Again, just a hypothetical example.

The point is, this thing is hitting corporations more and more, which endangers home users that are the least bit lax on security. Those who run a good security suite and are conscious of their actions on the net have far less to worry about (though it doesn't mean you still can't get it).

Let's also have a look at the poll results so far. Based on 44 people voting, 2 were infected and removed the worm.

That being said, that means by our numbers, 1 in every 22 PCs is infected. Now, Guru users are, for the most part, computer literate and know basic internet etiquette. This pretty much falls in line with the estimates coming in from around the world placing it at 1 in every 14-16 PCs. Standard, computer illiterate users are many times more likely to be infected than most of us. Keep that in mind. The results speak for themselves.
Lord Sojar is offline   Reply With Quote
Old Jan 22, 2009, 11:10 PM // 23:10   #35
Jungle Guide
 
Join Date: Jul 2006
Location: The edge of reason
Guild: I don't play any more.
Profession: W/E
Default

*is running a thorough scan on Avast at this moment*

I can access F-Secure.com, so I think I'm good... right? o0
Taurucis is offline   Reply With Quote
Old Jan 22, 2009, 11:14 PM // 23:14   #36
Ascalonian Squire
 
Fire Drake's Avatar
 
Join Date: May 2008
Location: Places
Guild: The Centre Path [TCP]
Default

How do you disable System Restore if you have Vista? Also, I was looking in my Registry, and I couldn't find netsvcs. Is that ok? Or should I be worried?
Fire Drake is offline   Reply With Quote
Old Jan 23, 2009, 12:01 AM // 00:01   #37
The Fallen One
 
Lord Sojar's Avatar
 
Join Date: Dec 2005
Location: Oblivion
Guild: Irrelevant
Profession: Mo/Me
Default

No, if you don't have the registry entry, that is a GOOD THING. Still, do your scans and be extra cautious of who/where you download from.
Lord Sojar is offline   Reply With Quote
Old Jan 23, 2009, 12:29 AM // 00:29   #38
Academy Page
 
Join Date: Jun 2006
Location: Holland
Guild: Ave
Default

Quote:
Originally Posted by White Lies View Post
Hey guys.
I just went to try and update my PC (I'm on Vista, so the thing's gotta search for updates before it can do anything) and I got this error:

Code 8000FFFF: Windows Update a rencontré une erreur inconnue.

Have had no trouble with this until now.
Web search has come up with nothing, and I'm not a PC whiz, so I was wondering whether you guys knew what's going on/if this is possibly the worm?

Slightly worried, but I'm scanning and McAfee hasn't had any problems updating (I did it manually) and is scanning away now.

Any ideas how to fix this would be brilliant, it was fine till now and it says last update was on the 17th.

Thanks

~Lies

EDIT: Researched and got quite a bit, but nothing I've tried has worked so far :s
And I forgot I was on a French PC and this is an English forum...
Translation: Code 8000FFFF: Windows Update has encountered an unknown error.

Thanks again.
~Lies
1: Open up "Control Panel" and navigate your way to "Programs and Features".

2: Click "View installed updates" on the left hand side.

3: Find the update KB929777 and uninstall it.

4: Attempt to install the update again in Windows Update.

5: Once successful, restart your PC.

Alternatively

1: Launch REGEDIT

2: Go into HKLM\COMPONENTS, and check if these three values exist under the COMPONENTS key:

PendingXmlIdentifier
NextQueueEntryIndex
AdvancedInstallersNeedResolving

3: Providing they do exist, back up the Components key, then delete the three above values.
4: Restart the computer, and Windows Update should now be working fine.
Xanatas is offline   Reply With Quote
Old Jan 23, 2009, 12:33 AM // 00:33   #39
Lion's Arch Merchant
 
JupiterStarWarrior's Avatar
 
Join Date: Jun 2008
Location: Oklahoma City
Guild: Noble Order Of Valiant Angels
Profession: Me/
Default

After running the spyware scan, I found 11 entries, but I easily removed them.

I was not infected with the virus (as I said, I do have a fresh install of XP Pro (love that Pro!)).

Thanks for the heads up; I will spread the word.
JupiterStarWarrior is offline   Reply With Quote
Old Jan 23, 2009, 12:45 AM // 00:45   #40
Frost Gate Guardian
 
TheOrangeFalcon's Avatar
 
Join Date: Feb 2008
Location: Cali
Guild: Trinity of the Ascended[ToA]
Profession: E/
Default

Ok I use McAfee and don't see a deep scan button so I'm just wondering if these settings are fine:


Also, is McAfee good enough to spot it and remove it if it's there? I'm currently scanning at the moment so I don't know how it'll end.

Additionally, how true is it that if you can reach f-secure.com that you're safe? I have 3 laptops that all could reach it, but I want to be sure.
TheOrangeFalcon is offline   Reply With Quote