Dunge
Posts: 1201
Location: Québec
Posted: Fri, 12th Sep 2008 20:30    Post subject: What's going on with public torrent and virus contamination?
Hi there,
I know we should never really download things from public torrent trackers (like TPB, minin**a, etc.) since it can't be trusted like a true scene release and it's full of fake crap like old crappy p2p software. I usually don't use it but sometimes I need to.

The problem seems to be worse than ever. EVERY single release you can find of Daemon-Tools Pro is infected, most Nero releases are infected, and it's always the same (or some variant) virus called Vundo (or Virtumonde or something). That means there is a single guy who uploads true cracked software, infected with his virus, multiple times per hour under different nicknames. He already infected like 6 persons I know of, so a bell is ringing in my head, something is wrong with that guy and nobody does anything about it. I don't know what the virus eventually does on the infected computer, but I know it's a bitch to take out. NOD32 can't fix it, and most other anti-virus/anti-spyware simply remove half of it.

Another thing (probably not the same guy) are the fake movies that ask you to download a fake trojan codec to play them (Dom-X player / 3x player). This is a bit rarer, but still there.

I know you should look for torrent comments/quality before grabbing them, and it was possible before, but now it's more than half of the releases that are infected. My goal is simply to find the one guy/society/company behind this and what THEIR goals are.
 
nouseforaname
Über-VIP Member
Posts: 21306
Location: Toronto, Canada

Posted: Fri, 12th Sep 2008 21:21    Post subject:
I got infected with that Virtumonde crap, too. My second infection ever. My first was one of the common varieties of Jerusalem, back in the DOS days.
Kaspersky totally destroyed it, by the way.
 
Hierofan
Banned
Posts: 3807
Location: Internets
Posted: Fri, 12th Sep 2008 21:28    Post subject:
I had both versions of Virtumonde and found small apps that instantly killed it.
It usually made some DLLs with funny names like asdYUAQ.dll; you can delete them manually from Safe Mode. I suggest using msconfig and deactivating everything that's not Windows related, 'cause you'll find one or more entries of DLLs that are being used at startup by Vundo.
Seeing as the threat ain't that complex to run in Safe Mode, it'll be deletable from there.
Here are the things I used (just google them if you need them, they work 100%):
 FixVundo.exe
 VirtumundoBeGone.exe
 VundoFix.exe
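
Added example, not part of the post above and not taken from any of the tools it names: a read-only PowerShell check for the symptoms described in this thread, namely recently created DLLs in System32 without a valid signature and startup entries that reference them. The 30-day window and all variable names are assumptions; it needs PowerShell 4 or later.

```powershell
# Added example (not from the thread). Read-only triage for the symptoms described
# above: oddly named DLLs dropped in System32 and startup entries that load them.
# Run from an elevated PowerShell prompt. Nothing is deleted or changed.
param(
    [int]$Days = 30    # assumption: how far back to look for newly created DLLs
)

$sys32  = Join-Path $env:windir 'System32'
$cutoff = (Get-Date).AddDays(-$Days)

# 1. DLLs created inside the window whose Authenticode signature is not valid.
#    Creation times can be forged, so an empty result does not prove a clean host.
$suspects = @(
    Get-ChildItem -Path $sys32 -Filter '*.dll' -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $cutoff } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            if ($sig.Status -ne 'Valid') {
                $hash = Get-FileHash -Path $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Name      = $_.Name
                    Created   = $_.CreationTime
                    Signature = $sig.Status
                    SHA256    = $hash.Hash   # empty if the file is locked
                }
            }
        }
)
$suspects | Sort-Object Created -Descending | Format-Table -AutoSize

# 2. Startup commands (Run keys and Startup folders) that mention a suspect DLL.
$startup = Get-CimInstance -ClassName Win32_StartupCommand
foreach ($dll in $suspects) {
    $startup |
        Where-Object {
            $_.Command -and
            $_.Command.IndexOf($dll.Name, [StringComparison]::OrdinalIgnoreCase) -ge 0
        } |
        Select-Object @{ n = 'Dll'; e = { $dll.Name } }, Name, Command, Location, User
}
```

Win32_StartupCommand covers only Run keys and Startup folders, so other load points are not checked; treat the output as a list of files to examine further, not as a verdict.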
 
Dunge
Posts: 1201
Location: Québec
Posted: Fri, 12th Sep 2008 21:37    Post subject:
Yeah well, VundoFix wasn't doing anything for me, it was for very old variants. I managed to get it out of my computer using OneCare and Malwarebytes together. Anyway, I think what I got yesterday on my friend's computer while trying to get Nero isn't even Vundo, but it was reacting the same way (creating randomly named .dll files in system32).
Anyway, I was not asking for ways to get rid of the virus, but more a way to get rid of the virus uploader...
 
				
Posted: Fri, 12th Sep 2008 21:47    Post subject:
In the case of Nero, download the trial from their official site and use a serial, which is easy to find.
				
Posted: Fri, 12th Sep 2008 21:57    Post subject:
I used to use public torrents all the time. I still do for comic books. I never once got infected by anything. I always examine the file type and size before opening anything. I also only get things that were released by groups that I trust, and even then I read and examine the .nfo because fakes or viruses often make errors in their fake .nfo.
				
Posted: Fri, 12th Sep 2008 22:21    Post subject:
Well, the MPAA have been known to hire people to flood torrent sites with fakes of new movie releases and set up honeypots to gather evidence, so spreading viruses through torrents is not that big a step from there.
				
Posted: Fri, 12th Sep 2008 23:11    Post subject:
d-tools pro is useless and nero suxx anyway
use free d-tools and get imgburn from official sources
 
Cohen
Posts: 7155
Location: Rapture
 
				
Posted: Sat, 13th Sep 2008 12:07    Post subject:
good one... btw I'm not using torrents since I found the beautiful world of rapidshare

"Quantum mechanics is actually, contrary to its reputation, unbelievably simple, once you take the physics out."
Scott Aaronson
chiv wrote: that's true you know. newton didn't discover gravity. the apple told him about it, and then he killed it. the core was never found.
Karmeck
Posts: 3350
Location: Sweden
 
Lutzifer
Modzilla
Posts: 12740
Location: ____________________ **** vegan zombie **** GRRAAIIINNSS _______
Posted: Sat, 13th Sep 2008 18:35    Post subject:
With the other p2p proggies at least you got pron instead of what you wanted. Virii are much worse in that regard, even compared to the more visceral gay porn one could encounter on the never-ending quest for teh warez
	
All times are GMT + 1 Hour