
Here's a very short and clear officialish forum thread concurring in the belief that it's a false positive. http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/microsoft-essentials-shows-trojan-dropper-on-dell/2134f8e4-9b89-406c-a672-2f94bc6f7dc4


I can see why MSE isn't putting a 3.5GB file into its quarantine folder. Embedded within that is one small file, uninst.exe, for uninstalling the AOL Connectivity Service (ACS), that triggered the alarm.

Loz Wrote:

-------------------------------------------------------

> Can you actually see your D drive from explorer?
> On my Dell, I can only see the C drive and the E
> drive (my dvd drive). The recovery partition is
> not actually mounted, so it's not accessible (and
> therefore my AV doesn't scan it).



Yes I can see the D drive. Never actually looked at it very closely before :) or indeed at all :)


I think ianr may be right.


Though I have no idea what the AOL Connectivity Service is.


I still have two AOL email accounts which I occasionally check, but I haven't used AOL as a browser for some years. Do I still need ACS or could I just uninstall it and then delete the uninst.exe file?


Also, given that the PC status is now showing as protected, am I OK or not?

As I said, Sue, that partition is just to reinstall the operating system. You can't delete an individual file from it, as it's all packaged up into one big file.


And deleting the corresponding file from the C drive would almost certainly cause other issues, and not solve this one.

Latest version of CCleaner has some startup items management. You can research the items and disable/delete them if they look suspicious. 'Experts' will use tools like Autoruns in the Sysinternals Suite or do a scan with Malwarebytes.


A common way you get these things in the first place is from visiting bootleg websites eg. live sports channels, that trick you into installing a 'required plugin' which of course is infected with said trojan.

Twoddle Wrote:

-------------------------------------------------------

> Latest version of CCleaner has some startup items
> management. You can research the items and
> disable/delete them if they look suspicious.
> 'Experts' will use tools like Autoruns in the
> Sysinternals Suite or do a scan with
> Malwarebytes.
>
> A common way you get these things in the first place is from visiting bootleg websites
> eg. live sports channels, that trick you into installing a 'required plugin' which of course is infected with said trojan.


This is very true... Watch Live Football for FREE is a classic example...


DulwichFox

AVG is not the worst AV out there - I just find it a bit naggy, as it keeps pestering you to buy the non-free version. That was the big reason I switched to MSE.


Not sure what you mean by for 'online banking / purchasing'. An AV (should) protect you at all times.


Ditto with browsers - I don't think any of them is better/worse in terms of security. I use Firefox as a rule, but often switch to Chrome simply because I don't have any add-ons there, which can seriously reduce your security. The big one is not to let your browser store any login/passwords for anything you want to keep secure. It's a trivial job to see them.

Loz Wrote:

-------------------------------------------------------

> AVG is not the worst AV out there - I just find it
> a bit naggy, as it keeps pestering you to buy the
> non-free version. That was the big reason I
> switched to MSE.


It does pop up and pester, I agree, but would, on balance, prefer to be pestered by something that worked than something that didn't.


Thank you for mentioning MSE, I hadn't previously heard of it but will look into it.

> Not sure what you mean by for 'online banking /
> purchasing'. An AV (should) protect you at all times


By online banking I mean giving passwords, answering security questions, where there are bogus websites that say they are rated as 'official' when amending standing orders or setting up direct debits or merely signing in to check an account balance.


by purchasing I mean buying on ebay or amazon etc

> Ditto with browsers - I don't think any of them is
> better/worse in terms of security. I use Firefox
> as a rule, but often switch to Chrome simply
> because I don't have any add-ons there, which can
> seriously reduce your security. The big one is
> not to let your browser store any login/passwords
> for anything you want to keep secure. It's a
> trivial job to see them.


I never let a browser store my password even for an email address password, however for some sites, even my bank, my browser doesn't automatically ask me, as does yahoo for example when signing into email. I am awaiting a written response from my bank regarding this.


Thank you for your reply Loz

pipsky2008 Wrote:

-------------------------------------------------------

> Thank you for mentioning MSE, I hadn't previously heard of it but will look into it.


MSE is Microsoft Security Essentials, their version of antivirus. Normally I shy away from MS stuff like this, but MSE is pretty damn good and ties in quite nicely with the Windows Firewall. And it's free.


> > Not sure what you mean by for 'online banking / purchasing'. An AV (should) protect you at all
> > times
>
> By online banking I mean giving passwords, answering security questions, where there are
> bogus websites that say they are rated as 'official' when amending standing orders or
> setting up direct debits or merely signing in to check an account balance


Ah. Whilst some AV's can help, that's not really what they do. The usual advice is NEVER go somewhere like that via clicking on an email or similar. Keep the links in your bookmarks. Personally, I use KeePass, which allows me to store and use a known URL/link to my banking/ebay/paypal/etc.


Malware can, however, redirect even a real URL to a bad site. That's where AV usually should help.


If in doubt, check the security certificate. When you are on the banking site, the URL should start with 'https://'. If it doesn't, get out of there. If it does, you should be able to click on the padlock to the left of there and the security certificate details should come up. The Common Name on the certificate should be the expected URL.


Although I don't use it myself, I understand the Trusteer Rapport software that most banks offer to you helps weed out such things.


> I never let a browser store my password even for an email address password, however for some
> sites, even my bank, my browser doesn't automatically ask me, as does yahoo for example when signing into email.


That sounds like something's wrong. I have never encountered that. You can go into the browser's password area and delete them.
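The checks described in the post above (a bookmarked address, 'https://', and a certificate name that matches the site), written out as an added example that is not part of the original thread. The host names are placeholders, the certificate is a constructed sample in the dict shape Python's `ssl.SSLSocket.getpeercert()` returns, and the function names are made up for illustration; it reads Subject Alternative Name entries first and falls back to the Common Name.

```python
from urllib.parse import urlsplit

# Constructed sample: hosts the user has bookmarked (placeholders, not real banks).
BOOKMARKED_HOSTS = {"online.examplebank.test"}

# Constructed sample certificate, shaped like ssl.SSLSocket.getpeercert() output.
SAMPLE_CERT = {
    "subject": ((("commonName", "examplebank.test"),),),
    "subjectAltName": (("DNS", "examplebank.test"), ("DNS", "*.examplebank.test")),
}

def cert_names(cert):
    """DNS names a certificate covers: SAN entries, else the Common Name."""
    names = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if names:
        return names
    return [v.lower() for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Exact match, or a wildcard standing for exactly one leftmost label."""
    if pattern.startswith("*."):
        head, _, rest = host.partition(".")
        return bool(head) and rest == pattern[2:]
    return pattern == host

def check_site(url, cert, bookmarked=BOOKMARKED_HOSTS):
    """Return (ok, reason) for the three checks described in the post."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        return False, "not https"
    if host not in bookmarked:
        return False, "host is not one of the bookmarked sites"
    if not any(name_matches(n, host) for n in cert_names(cert)):
        return False, "certificate does not cover this host"
    return True, "ok"

if __name__ == "__main__":
    for url in ("https://online.examplebank.test/login",
                "http://online.examplebank.test/login",
                "https://online.examplebank.test.login.example/"):
        print(url, check_site(url, SAMPLE_CERT))
```

A lookalike address with its own valid certificate still shows a padlock, which is why the comparison against the bookmarked host comes before the certificate check.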
