Trojan True Internet Hi Speed

[piiguy]

I have been having lots of problem with my computer lately and did a scan with Kapersky anti virus tool ( I have AVG on my computer) I found about 20 trojans. I have a problem

with my navigator connection at times - at present I cannot disable my Broadcom connection. So I uninstalled my True connection and before I reinstalled it I scanned the

disc that True gave me when I signed up. Kapersky tells me that there is a Trojan.Win32.Vilsel.tkj on the disc, Trend Micro House Call says it has a Trojan.generic and

ASquaredfree says I have Trojan.BackdoorWin32.hupigon.ws.

Can anyone tell me what is going on here? Is True giving out discs that have a trojan intstalled?

[opalhort]

Yes, there was a time a few years ago where TRUE gave out CDs which had a Trojan, but I think this is no longer the case unless they gave you an old disk.

opalhort

[Phil Conners]

Why do you need an installation disk from an ISP? What's there to install?

[welo]

Might be a false alarm. Upload the infected file on the CD to virustotal.com. It will check the file against 40 antivirus engines.

However, 3 major antivirus engines reporting an infection should not be taken lightly!

Kaspersky doesn't provide a detailed description of Trojan.Win32.Vilsel.tkj other than it was reported on 19 Feb 2010.

Since your PC was heavily infected I wouldn't rely on a single antivirus software alone (here: Kaspersky) to clean your PC. Others would even recommend a reinstall.

Get Malwarebytes Anti-Malware, Hitman Pro, and one of the free on-demand scanners (e.g. ESET NOD32 which is available as a downloadable version).

Malwarebytes is an often-recommended scanner with a very complete malware database.

Hitman Pro is very fast and uses a slightly different approach for scanning (upload to a PC cloud)

NOD32 has good detection rates and is available as a convenient install version that can be updated and re-run, however, it only allows full system scans.

If you don't have a full version of Kaspersky installed I recommend Avira Antivirus, which includes real-time protection even in the free version and has one of the best overall detection rates.

Forget about AVG! If you haven't removed it yet I recommend to do so, but AFTER running full-scans with Malwarebytes, Hitman Pro, and Eset. Then install Avira (or another respectable antivirus solution) - uninstalling AVG might cause issues on infected PCs.

Don't be lazy. You might run into more troubles.

welo

[siamect]

Might be a false alarm. Upload the infected file on the CD to virustotal.com. It will check the file against 40 antivirus engines.

However, 3 major antivirus engines reporting an infection should not be taken lightly!

Kaspersky doesn't provide a detailed description of Trojan.Win32.Vilsel.tkj other than it was reported on 19 Feb 2010.

Since your PC was heavily infected I wouldn't rely on a single antivirus software alone (here: Kaspersky) to clean your PC. Others would even recommend a reinstall.

Get Malwarebytes Anti-Malware, Hitman Pro, and one of the free on-demand scanners (e.g. ESET NOD32 which is available as a downloadable version).

Malwarebytes is an often-recommended scanner with a very complete malware database.

Hitman Pro is very fast and uses a slightly different approach for scanning (upload to a PC cloud)

NOD32 has good detection rates and is available as a convenient install version that can be updated and re-run, however, it only allows full system scans.

If you don't have a full version of Kaspersky installed I recommend Avira Antivirus, which includes real-time protection even in the free version and has one of the best overall detection rates.

Forget about AVG! If you haven't removed it yet I recommend to do so, but AFTER running full-scans with Malwarebytes, Hitman Pro, and Eset. Then install Avira (or another respectable antivirus solution) - uninstalling AVG might cause issues on infected PCs.

Don't be lazy. You might run into more troubles.

welo

With all respect to your and other peoples knowledge....but

I wonder why people are so sure about what anti-malware programs are good/bad etc... The plain truth is that we have no clue!

I have seen computers with NOD32 being completely soaked in viruses and I have seen others being functionally fine. I have used AVG and Sophos for a number of years and I have never had a problem with AVG but Sophos has failed to stop massive infection twice since 2002 in the place I work, and that is only what we know... Still i think Sophos is the better of them... And don't know why!

I cannot say my (Windows) computers has been free from viruses or other malware. I just know that the thing works as expected, that there are to my knowledge no strange network communication if I use common tools to find out. .And that performance is predictable, memory is used in a decent way and so on. Nothing in the "run keys" in system registry...

But that means basically nothing... How do I know? I don't, and neither do you or anybody else!

After all these years I have never met anyone who can support their choice of anti-malware software with any relevant motivation. For ex Kaspersky was successful in some test and sailed ups the number one.Others look at the user interface and think that nice colors mean it is good.

Most opinions comes from someone who has seen an obvious case of an infected computer and just because of that, they ditch that anti virus program that was installed but maybe not maintained properly.

They fail to see that a computer that works well and causes not obvious problems for the user can still be infected and infect other computer every day...

The only sane advice to give to people if they want to minimize the unknown or unwanted stuff in their computers is: " Don't use any proprietary OS or other proprietary software". At least then you have sources that are free for the public to review... If you still think it is good idea to run proprietary software then try to minimize it to what you really need. Every line of unknown code is a risk. the less you have of it the better.

I read in this forum a lot of recommendations like "download this", "install that" from people who has absolutely no clue what the software they recommend are really doing...It's not that these people are stupid, it' just that with proprietary software, there is no way to find out!

Be careful!

Martin

Edited June 15, 2010 by siamect

[selftaopath]

Might be a false alarm. Upload the infected file on the CD to virustotal.com. It will check the file against 40 antivirus engines.

However, 3 major antivirus engines reporting an infection should not be taken lightly!

Kaspersky doesn't provide a detailed description of Trojan.Win32.Vilsel.tkj other than it was reported on 19 Feb 2010.

Since your PC was heavily infected I wouldn't rely on a single antivirus software alone (here: Kaspersky) to clean your PC. Others would even recommend a reinstall.

Get Malwarebytes Anti-Malware, Hitman Pro, and one of the free on-demand scanners (e.g. ESET NOD32 which is available as a downloadable version).

Malwarebytes is an often-recommended scanner with a very complete malware database.

Hitman Pro is very fast and uses a slightly different approach for scanning (upload to a PC cloud)

NOD32 has good detection rates and is available as a convenient install version that can be updated and re-run, however, it only allows full system scans.

If you don't have a full version of Kaspersky installed I recommend Avira Antivirus, which includes real-time protection even in the free version and has one of the best overall detection rates.

Forget about AVG! If you haven't removed it yet I recommend to do so, but AFTER running full-scans with Malwarebytes, Hitman Pro, and Eset. Then install Avira (or another respectable antivirus solution) - uninstalling AVG might cause issues on infected PCs.

Don't be lazy. You might run into more troubles.

welo

Thank you for your post. I have been using AVG for many years, and always felt confident in their product. After reading your post I scanned my PC using ESET NOD 32. It found and eliminated 115 threats. Yes 115 while I've had AVG running full time and updated automatically. WOW. Honestly I'm still reluctant to remove AVG. I will - hopefully find- and run the other programs you suggest. This virus battle seems to never end.

Sincerely thank you and others who share experience with us less knowledgeable.

Keoki

[siamect]

Since your PC was heavily infected I wouldn't rely on a single antivirus software alone (here: Kaspersky) to clean your PC. Others would even recommend a reinstall.

welo

Thank you for your post. I have been using AVG for many years, and always felt confident in their product. After reading your post I scanned my PC using ESET NOD 32. It found and eliminated 115 threats. Yes 115 while I've had AVG running full time and updated automatically. WOW. Honestly I'm still reluctant to remove AVG. I will - hopefully find- and run the other programs you suggest. This virus battle seems to never end.

Sincerely thank you and others who share experience with us less knowledgeable.

Keoki

This adds substance to my thinking that a computer that works fine can be as heavily infected as one that shows all signs of bad health.

Maybe if you had used NOD32 for a long time and then scanned with AVG it would be another 115... and maybe Kaspersky would give you another all time high...

I think Welo's advice not to rely on just one product is the most intelligent advice in this thread by now. Having said that, I will just warn people not to install several anti-virus program at the same time. At least the on-access scanners tend to conflict...

Martin

Edited June 16, 2010 by siamect

[welo]

Siamect, I agree with much of what you said, but I'm afraid you've got the wrong guy! I guess your critique wasn't necessarily meant to address me in particular, but nevertheless you answered in response to my post. So without getting too pissed and feeling personally attacked, I want to set a view things straight

After all these years I have never met anyone who can support their choice of anti-malware software with any relevant motivation. For ex Kaspersky was successful in some test and sailed ups the number one.Others look at the user interface and think that nice colors mean it is good.

I my posts on this forum I repeatedly stated two things:

1. There is no 'THE ONE' best antivirus solution

2. No antivirus solution catches 100% of malware

My opinion is mostly based on the test results of av-comparatives.org. And while I can't be sure that the test setup there isn't rigged or otherwise manipulated or 'influenced', this test lab seems to apply professional methods and appears to me as a valid basis for a recommendation.

The published test results contain information about the test procedure, how they should/could be interpreted and in what ways they are limited or prone to misinterpretation.

This is what I wrote to someone on the board in a PM just a view hours before your post.

Antivirus software has detection rates of 98% and up, but only for KNOWN MALWARE. That is malware that has been reported to the antivirus labs as such and then be added to virus definition database.

Attackers release new malware every day, and your PC might be vulnerable to those for the time period until the signature of this specific malware is added to the database.

All respectable antivirus solutions include measurements that fight such 'unknown' malware, but don't come anywhere close to the 98% detection rates mentioned for 'known' malware. Rates are maybe at 50%ish.

And while browsing only respectable websites will protect you from most of the attacks, you might still come across a website one day that has been hacked and unknowingly distributes malware.

Your antivirus sofware should pick up the intruder after a few hours or days, when the malware has been added to the database. This is why you should still run a weekly system-scan even if your AV shield/guard is running all the time.

In the case of an infection it is a good thing to gather information about that specific malware to evaluate the potential damage it might have done. In most cases it will be rather harmless and not pose a thread to internet banking and such.

I also recommend to get one or two additional antivirus scanners that can run as on-demand scanners (meaning not as a pro-active shield/guard process that runs all the time and might conflict with your main AV software).

The easiest to handle is ESET NOD32 free scanner. http://download.eset.com/special/eos/esetsmartinstaller_enu.exe It only allows for full system scans, but this is enough as a second scanner.

Malwarebytes Anti-malware is a well-respected malware scanner, also 'on-demand'.

Third choice is Hitman Pro which uses a different technique and allows for very fast system scans.

Since none of these three solutions run permanently they will not slow down your system at all when not in use.

Avira has one of the best detection rates (both for known and unknown malware) but is a bit tricky to setup without shield/guard. I use it as my primary AV. But I don't necessarily recommend changing from Avast, since there is no 'THE BEST' antivirus solution IMHO and most of the well known AV programs are comparable (with the exception of AVG!)

I also posted a fairly long comment in December 2009 comparing three tests/reviews related to some popular anti-virus choices on the TV board.

A word on AVG

I discourage its use since its reputation as the best free antivirus solution are long over, and I've seen several tests where detection rates are below average (for a start check out av-comparatives). I assume that AVG's effectiveness further suffers from exactly this popularity which makes it a favorable target for malware - this is the opposite of 'security through obscurity', and why Windows and Internet Explorer are more often the target of attacks then other browsing platforms.

Other solutions that repeatedly show up in the bottom range (on av-comparatives) are: Sophos, Norman, Trend Micro, Kingsoft.

Disclaimer

The test results published on av-comparatives.org do have limitations, the major one I've spotted so far is that they don't include techniques like behavioral blocking, therefore probably underrating some tools in the pro-active tests.

Futhermore, the choice of malware samples will influence the outcome, this is where some regional tendency might come into play (Avira is German-based, av-comparatives is Austrian-based). I haven't found any obvious criticism of av-comparatives on the net yet, but it is often cited as respectable lab/source (together with av-test.org that didn't publish test results when I last checked)

I am no security expert, and I know there are much more knowledgeable people in this field, maybe some even on this forum. I will appreciate and encourage any substantiated criticism to my statements posted here. The reason I keep posting is that I don't see many well-informed posts on this topic and I really believe that I can help people obtaining a better level of knowledge than they had before.

peace

[siamect]

Siamect, I agree with much of what you said, but I'm afraid you've got the wrong guy! I guess your critique wasn't necessarily meant to address me in particular, but nevertheless you answered in response to my post. So without getting too pissed and feeling personally attacked, I want to set a view things straight

peace

Yes you are right it was not for you in particular, it just happened to be a reply to you this time.

You don't need to be pissed or feel bad about me writing junk... after all, I'm just another of those old wise-guys who still think I know better than the rest... well sort of...

I guess by now, you and other people already know that I'm heavily biased towards free software and I will always take the chance to express that... sometimes it doesn't fit in at all...

I respect your opinions very much because you are usually giving valid motivations to what you write and it is obvious you have a huge load of experience that you very generously share with other people. That is highly appreciated not only by me but I guess most people here.

I'm also very happy that you quoted this text "but only for KNOWN MALWARE" once again... In may opinion this is really important because I think that most threats are "unknown"... I don't really have a strong motivation for my opinion here except I have seen fully functional computers being found highly infected with no other symptoms than occasional traffic to some suspicions server somewhere.

So let's continue the interesting discussions in this and other forums. I will probably continue to write stuff that pisses people off from time to time... I may be a geek and that's what geeks do.

Please don't take it too seriously...

Martin

Edited June 17, 2010 by siamect

[welo]

Apology accepted - wasn't really that outraged anyway

I agree with you that some users let themselves lure into a false sense of security when anti-virus software is installed.

However, I wonder how well funded all the talking about increased security through Open Source really is. I agree that it is less likely that a developer DELIBERATELY includes malicious code into an Open Source software, but this is not really the scenario that affects the every day user.

The standard 'procedure' of virus/malware attacks is to exploit a program error (aka vulnerability) to infect a system. These program errors were not added by the programmer deliberately, but just happen because software development is a complex process and error-prone.

Those errors can be reduced by skill, focused work, and foremost establishing a quality management process and dedicating enough time and resources to it.

Looking at these aspects of software quality, I agree that Open Source has some advantages, namely that review by externals is possible and encouraged, however, just because it is Open Source doesn't make it better quality software. A software security audit process is a time-consuming task, and just because the source code is available doesn't mean that people actually DO review it. Many Open Source projects lack 'funding' (in terms of not only money but resources aka time and man-power). Of course the same applies to closed-source projects (commercial or not) as well.

I agree that successful Open Source projects (often those backed by one or more commercial companies) DO provide a better environment to ensure software quality.

welo