
ntload32.dll

Posted: 2006-07-15 02:41pm
by Jason von Evil
AntiVir keeps popping up and saying that ntload32.dll is really a trojan called TR/Dldr.Agent.SO.1. I've moved them to quarantine and denied them access repeatedly, but it keeps popping up.

So is this really a trojan or is AntiVir just crazy?

Edit: Yes, it is a trojan/spyware. Fuck.

Posted: 2006-07-15 02:50pm
by Einhander Sn0m4n
It's called 'Virtumondo'. Did you install something recently?

Posted: 2006-07-15 02:55pm
by Jason von Evil
Only the flock browser, but I seriously doubt that would've been it.

Posted: 2006-07-15 04:49pm
by Jason von Evil
Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.

Posted: 2006-07-15 06:01pm
by RedImperator
Jason von Evil wrote:Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.
Throw the computer away and replace it with a Mac.

Posted: 2006-07-15 06:57pm
by Jason von Evil
RedImperator wrote:
Jason von Evil wrote:Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.
Throw the computer away and replace it with a Mac.
I plan to, eventually.

Now I really do need help on this. This thing just caused a BSOD (not *the* BSOD, but a BSOD).

Posted: 2006-07-15 10:31pm
by Glocksman
RedImperator wrote:
Jason von Evil wrote:Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.
Throw the computer away and replace it with a Mac.
And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P

As for an AV program, once you clear this off, I recommend and use NOD32 from eset because it's both effective and minimally intrusive on your system.
In that link Einy posted, this guy managed to get it off after a somewhat trying ordeal.

Posted: 2006-07-15 10:35pm
by Datana
Restart in Safe Mode and try to remove it from there (make sure to manually delete it after removing the Registry entry with HJT). You will not be successful in any removal attempts from normal Windows.

Posted: 2006-07-16 12:50am
by Netko
Glocksman wrote:
RedImperator wrote:
Jason von Evil wrote:Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.
Throw the computer away and replace it with a Mac.
And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P

As for an AV program, once you clear this off, I recommend and use NOD32 from eset because it's both effective and minimally intrusive on your system.
In that link Einy posted, this guy managed to get it off after a somewhat trying ordeal.
I personally recommend AVG Free. It's free (duh) and pretty good, with all the features you could want, and I've yet to run into something that I would find annoying.

Posted: 2006-07-16 01:02am
by Jason von Evil
Oh yeah,

IT

IS

FIXED!

Praise Jebus! :D

Edit: Unfortunately, Avant is still plagued by popups that won't stop, well popping up. =\

Posted: 2006-07-16 01:12am
by RedImperator
Glocksman wrote:
RedImperator wrote:
Jason von Evil wrote:Anyone know how to remove this thing? Neither AntiVir nor HijackThis has succeeded.
Throw the computer away and replace it with a Mac.
And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P
And they can have a fine time banging their head against an OS that doesn't spread its legs like a $3 whore for every cracker and every line of malicious code that comes along.

Posted: 2006-07-16 01:15am
by Jason von Evil
RedImperator wrote: And they can have a fine time banging their head against an OS that doesn't spread its legs like a $3 whore for every cracker and every line of malicious code that comes along.
Quick, someone get John Hodgeman in here! :P

Posted: 2006-07-16 01:20am
by Netko
RedImperator wrote:
Glocksman wrote:
RedImperator wrote: Throw the computer away and replace it with a Mac.
And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P
And they can have a fine time banging their head against an OS that doesn't spread its legs like a $3 whore for every cracker and every line of malicious code that comes along.
You mean Windows since SP2?

Posted: 2006-07-16 03:56am
by Glocksman
RedImperator wrote:
Glocksman wrote:
RedImperator wrote: Throw the computer away and replace it with a Mac.
And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P
And they can have a fine time banging their head against an OS that doesn't spread its legs like a $3 whore for every cracker and every line of malicious code that comes along.
While it's not as open as Windows is, Mac OS X is neither hacker nor virus proof and you are deluding yourself if you think it is.

Linka, as Shep would say
Many Mac users have been somewhat smug about the existence of virii for the Mac, but French anti-virus vendor Sophos says it is very real. "Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shellshocked, as it shows that the malware threat on Mac OS X is real," said Graham Cluley, senior technology consultant for Sophos. "Mac users shouldn't think it's okay to lie back and not worry about viruses."
Linka the second
A researcher published details and proof-of-concept code on Tuesday for a critical security flaw in Mac OS X that could allow a malicious Web site to automatically install code on Apple's flagship computers running in their default configuration.

The flaw, found by German researcher Michael Lehn, occurs in how the Mac OS X processes file-association meta data for ZIP files. A malicious Web site could use the flaw to run a program automatically on a visitor's Mac with the context of the user.

Apple's Mac OS X has become the focus of flaw finders and worm writers over the past month. In the last week, virus writers cobbled together two worms that attack Mac OS X and attempt to spread, one through the iChat instant messaging application and the other through Bluetooth connections. Both worms had programming issues and did not spread very successfully.

The latest exploit has not yet been confirmed in the wild, but it is trivial to reproduce, according to several analyses. An attack could be stopped by disabling the "Open safe files after downloading" option in Safari, according to the analyses.

A properly configured, patched, and AV'd Mac system is more secure than the average WinXP system, but they are by no means immune to threats and anyone who believes otherwise has seen too many of those insipid and inaccurate 'PC Guy' Apple commercials. :P

Frankly the biggest security hole for both OS'es is the person manning the keyboard, as the average user will click 'OK' on just about any popup that mimics a system dialogue box or spam email message offering a 'fix' for a nonexistent problem.

Posted: 2006-07-16 04:12am
by phongn
MacNN wrote:...the existence of virii...
ARRRG.

Posted: 2006-07-16 04:15am
by Glocksman
phongn wrote:
MacNN wrote:...the existence of virii...
ARRRG.
Perhaps you prefer 'viruses'? :D

Posted: 2006-07-16 04:35am
by RedImperator
Glocksman wrote:
RedImperator wrote:
Glocksman wrote: And when enough people do this, the Mac loses its 'security through obscurity' and the malware writers will move to it en masse. :P
And they can have a fine time banging their head against an OS that doesn't spread its legs like a $3 whore for every cracker and every line of malicious code that comes along.
While it's not as open as Windows is, Mac OS X is neither hacker nor virus proof and you are deluding yourself if you think it is.
You'll kindly point out where I said that. Of course no OS is immune to malware--if it's written by humans, there will be holes someone can exploit. The point is that Mac OS (and Linux, for that matter) is much more secure. Windows doesn't even take the basic step of asking the user for a password to install potentially harmful software. And there is the matter of the Mac's limited market share, which does limit the pool of victims for malware writers and isn't likely to surpass Windows unless Microsoft completely implodes (that feels like an odd thing to brag about, but 4% of the US market is still a fuckload of computers, and as long as the company is not in danger of going away I'm satisfied).
Frankly the biggest security hole for both OS'es is the person manning the keyboard, as the average user will click 'OK' on just about any popup that mimics a system dialogue box or spam email message offering a 'fix' for a nonexistent problem.
Yes, much of the malware problem can be laid directly at the feet of bimbo secretaries opening every e-mail attachment they get and 13 year olds looking for porn accidentally installing 17 different kinds of spyware. Even a password prompt before installation won't do shit if the user just types it in without wondering what it might be.

As an aside, I'm deeply amused when I get those imitation WinXP dialog boxes from time to time with grave warnings about the state of my Windows Registry that fortunately can be fixed if only I press "OK". Someone should teach those websites how to tell the difference between a Winblows box and a Mac, so at least the fake dialog box looks like it's from the same aesthetic universe as the operating system I'm using.

Posted: 2006-07-16 04:46am
by Glocksman
Well, 'banging their heads' implies that the effort would be a waste of time, and as those two stories (and a lot of other stories as well) point out, it's not; it's just harder than on the average XP system.

When I play around with various flavors of linux and surf the web, the XP style popup boxes are funny to see in Konqueror running under SuSE 10.

They're also a source of income as I charge my coworkers $30 to back up their data and reinstall the OS. :D

Added:
I don't want to turn this into a crapfest over which OS is best, as my intention was simply to point out that using OS X without good AV software and without exercising what Ars Technica calls 'skeptical computing' isn't much more secure than running an XP system under the same conditions, once OS X reaches 'critical mass', so to speak, in terms of market share, making it worth the while of the virus and malware writers.

In other words, trusting OS X alone to protect you from all of the nasties isn't very wise.

Posted: 2006-07-16 04:52am
by Spanky The Dolphin
Glocksman wrote:
phongn wrote:
MacNN wrote:...the existence of virii...
ARRRG.
Perhaps you prefer 'viruses'? :D
Why not, since that's the correct form? :P

Posted: 2006-07-16 05:12am
by RedImperator
Glocksman wrote:Well, 'banging their heads' implies that the effort would be a waste of time, and as those two stories (and a lot of other stories as well) point out, it's not; it's just harder than on the average XP system.
Well, yes, I was probably overstating the case there.
When I play around with various flavors of linux and surf the web, the XP style popup boxes are funny to see in Konqueror running under SuSE 10.
Even when I used XP, I never used the default theme because looking at it is like taking a cheese grater to my eyes. I have a hard time imagining those things fooling anybody, but I've been using computers since I was about six years old.
They're also a source of income as I charge my coworkers $30 to back up their data and reinstall the OS. :D
Never met a skinny vulture. :D
Added:
I don't want to turn this into a crapfest over which OS is best, as my intention was simply to point out that using OS X without good AV software and without exercising what Ars Technica calls 'skeptical computing' isn't much more secure than running an XP system under the same conditions, once OS X reaches 'critical mass', so to speak, in terms of market share, making it worth the while of the virus and malware writers.

In other words, trusting OS X alone to protect you from all of the nasties isn't very wise.
On any subject about which people start violent pissing matches that are never settled to anyone's satisfaction, it's a pretty sure bet most of the perceived disparities come down to personal taste. For me, part of it is that this iBook is the best computer I've ever owned--it runs better, it's built better, and it even looks better than all my Winblows boxes. And I admit to carrying a grudge against Microsoft. I have a simple policy as a consumer: you get to sell me crap once, and then I take my money elsewhere, and Microsoft has sold me a lot of crap over the years.