Trojan.peacomm

2007-01-22 12:16:13

#1

justice: OctoPoster; +978|6742|OctoLand

http://news.bbc.co.uk/1/hi/technology/6278079.stm

"As of January 19, 2007, Symantec Security Response is advising users to be cautious of any unsolicited email which contains attachments that claim to be legitimate or interesting, due to a recent trojan horse named Trojan.Peacomm. The Trojan horse arrives as an attachment to an email purporting to contain a video of one of several different recent news stories. The attachment may be one of the following: FullVideo.exe, FullStory.exe, Video.exe, ReadMore.exe, FullClip.exe.

The attachment is actually a trojan horse that will install itself on the system and download other malicious programs from various computers on the Internet. The attachment and the trojan horse it contains will be detected as Trojan.Peacomm. Other malicious programs that are commonly downloaded by this threat include Trojan.Abwiz.F and W32.Mixor.Q@mm.

Once installed and running, this threat attempts to establish communication with other infected systems on the Internet via a custom peer-to-peer network. This network is used as the distribution source from which the other malicious programs are downloaded.

Symantec Security Response has analyzed the threat and has provided protection for it via LiveUpdate and Intelligent Updater. The latest antivirus (AV) definitions will detect all known variants of the Trojan.Peacomm trojan horse."

Norton just picked this up and it doesn't know how to fix it, I opened no e-mail or anything and it is still saying it is spreading on my PC, thousands of people are getting this virus since the storm in Europe, I need suggestions and fast! I need to do something becuase Norton is doing fuk all!

What should I do!?

Last edited by justice (2007-01-22 12:18:20)

I know fucking karate

2007-01-22 12:18:14

#2

naightknifar: Served and Out; +642|6562|Southampton, UK

Get AVG

2007-01-22 12:20:03

#3

Varegg: Support fanatic :-); +2,206|6811|Nårvei

This is why i only read my email on the internet and never opens anything from people i don`t know and seldom if i know them !

Google it every day until you find a solution, update you virus program !

Last edited by Varegg (2007-01-22 12:20:57)

Wait behind the line ..............................................................

2007-01-22 12:22:35

#4

Executiator: Member; +69|6422

if you're stupid enough to think a video file with .exe on it is actually a video, then you deserve to get a virus.

On a serious note, thanks for the heads-up. Spread the word.

you will probably have to wait until norton comes out with a patch to contain or destory the virus, or find another means of destroying it. Other wise, do what above poster said and google it every day.

Sorry cant help more

Last edited by Executiator (2007-01-22 12:25:08)

2007-01-22 16:55:20

#5

UON: Junglist Massive; +223|6654

If it can get in without you doing anything (unlikely) then there should be a custom removal tool published by the AV companies, and critical patches from Microsoft. Go down this route first.

But if that doesn't work, you can always go down the manual route. Here's how I'd kill a virus which had knocked out the AV:

1 Get the latest AV patches as the .exe or offline installation. Then pull then network cable. If you need to look up system process names, pull the cable at stage 4. Most virus allow hackers to remote control PC's, so there is always the chance that your actions can be undone as fast as you can do them whilst connected to a network/internet.
2 The virus may have disabled various tools such as taskmanager, regedit and command prompt. If so then copy and rename the exes (eg C:\windows\system32\taskmgr.exe -> c:\tsk.exe, etc.). Most of the virus close the program when they see a specific exe name running, so that one should beat the blocks.
3 Use the various process identification websites and check each process one by one, if you don't know every single process which should be running (you will after a while). Make sure you tick processes from all users. Although viruses could replace the system exe files, most want to leave everything as crisp as possible, so as to be reliable. Nothing worse than a virus which doesn't give you full control. Besides Windows should pick up the files are modified and nuke them automatically (to stop people cracking activation etc.)
4 When you identify the processes you will need to kill them in very rapid succession, as each will undoubtedly start up the ones you kill again. Think pushing bubbles out of a plastic sheet. You might need to look at grabbing the "kill" command line utility if you can't do it fast enough from taskmanager.
5 Remove all the startup links to the exe's. Regedit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*. If you don't know what something is kill it. If it's something you wanted then you can reinstall later. If it's really lame it might put something in the startup folder on the start menu, so check just in case.
6 Reinstall offline update the antivirus, and hopefully when it goes to reboot the system after the installation, the virus won't be able to instantly knock it out before it can start. Run full scan to clean up all the viral exes. If nothing get detected after updates find the viral exe's by sorting your system folder by date (virus will usually be newest) and send them to the AV company.

Anything the AV can do, you can do better with a little practice...

Last edited by UON (2007-01-22 16:56:26)

2007-01-22 16:57:27

#6

Bertster7: Confused Pothead; +1,101|6582|SE London

OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.

2007-01-22 16:58:26

#7

Cheez: Herman is a warmaphrodite; +1,027|6440|King Of The Islands

Who the fuck opens attachments without using their brain?

Oooh! I got a mysterious email in my spam, oh wow an exe! Those things are more than likely a game or other clean application. I must get!

*CA-LICK*

My state was founded by Batman. Your opinion is invalid.

2007-01-22 17:00:01

#8

Ryan: Member; +1,230|6844|Alberta, Canada

Knightnifer wrote:
Get AVG

Haha yeah.

Man, people are smart, viruses are getting more and more complex each day.

2007-01-22 17:10:21

#9

Havok: Nymphomaniac Treatment Specialist; +302|6676|Florida, United States

Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.

How the hell does a warning thread about a computer virus end up on an Anti-US topic? Please don't derail this and because you're British, please stick to your own country's affairs 'till our country interferes with yours, which they haven't.

2007-01-22 17:15:41

#10

commandochristian: Honda - The Power of Dreams; +293|6414|Michigan, USA

Yay for Norton on my computer: earlier today it was like "Your computer is protected against a new rapidly spreading threat," clicked for more details and it told me it was the Trojan.Peacomm virus... gotta love it when AV programs work! However, sorry to hear that your Norton didn't protect you in time.... which one do you have? I have Norton Internet Security 2006, which came with Norton's antivirus, personal firewall, antispam, privacy control, and parental control (he he glad it's my computer so that last one is pointless for me)... my suggestion is to go to Norton's producer's site aka Symantec and read what they have to say about: Symantec on Trojan.Peacomm virus

2007-01-22 17:17:17

#11

d4rkst4r: biggie smalls; +72|6454|Ontario, Canada

reformat ur comp

"you know life is what we make it, and a chance is like a picture, it'd be nice if you just take it"

2007-01-22 17:19:47

#12

sithao: Member; +63|6627|Los Angeles, California

forget about Symantec and go with NOD32

2007-01-22 17:22:46

#13

l41e: Member; +677|6649

Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.

Complete irrelevance much?

2007-01-22 17:24:46

#14

theit57: I am THE Frodo Baggins.; +124|6400|6 feet under

really bro.

WHO THE HELL OPENS E-MAILS/ATTACHMENTS/ANYTHING ELSE FROM SOMEONE THAT THEY DON'T KNOW!!!!

COME ON BRO, USE THAT THING INBETWEEN YOU EARS AND BEHIND YOUR EYES!!!! ALSO WHILE YOUR AT IT YOU MIGHT WANT TO PRACTICE SOME COMMON SENSE.

2007-01-22 17:25:29

#15

DesertFox-: The very model of a modern major general; +794|6686|United States of America

Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.

Help your countryman, scumbag!

Last edited by DesertFox423 (2007-01-22 17:26:52)

2007-01-22 17:25:58

#16

theit57: I am THE Frodo Baggins.; +124|6400|6 feet under

sithao wrote:
forget about Symantec and go with NOD32

amen

2007-01-22 17:31:05

#17

Ryan86th: Member; +14|6503|Ohio

Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.

Pretty sure he's from Great Britain, considering the link, his sig has a British flag, and he mentions Europe once or twice.

Clue me in how this fits in with the US

2007-01-22 17:32:34

#18

Bertster7: Confused Pothead; +1,101|6582|SE London

Havok wrote:
Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.
How the hell does a warning thread about a computer virus end up on an Anti-US topic? Please don't derail this and because you're British, please stick to your own country's affairs 'till our country interferes with yours, which they haven't.

I was pointing out the subtle similarities between the over reaction to these minor virus warnings, which at worst pose a risk of a slight inconvenience, to the very similar situation with the media frenzy over terrorism. These things pose such minor, insignificant dangers that really no one should care. Be aware and take steps to prevent it, but don't panic about it all.

Irony is totally lost on some people.

2007-01-22 17:43:12

#19

wooly-back-jack: Jihaaaaaad!!!; +84|6741|England

Knightnifer wrote:
Get AVG

and the worst advice ever award goes to......

AVG is crud, It is worse than Norton for being useless. Only thing thats good about it is its free, whats so good about that if it doesnt do its job?

http://housecall65.trendmicro.com/ <---- free online scan, you AVGers do it aswell, you will be surprised.

http://home3.ca.com/Microsoft/ <---you can get that free for a year trial, better than Norton imo, AVG is pants, Friends of mine swear by Mcaffe but I have no experience apart from that free stinger.exe which is also a good little proggy

2007-01-22 17:45:28

#20

wooly-back-jack: Jihaaaaaad!!!; +84|6741|England

oh and turn off restore points before getting rid of the virus/scanning or you will just save it to a restore point lol, switch sytem restore back on later when you know it's gone.

2007-01-22 18:14:43

#21

Executiator: Member; +69|6422

ryan_14 wrote:
Knightnifer wrote:
Get AVG
Haha yeah.

Man, people are smart, viruses are getting more and more complex each day.

Virii.

2007-01-22 18:23:26

#22

wooly-back-jack: Jihaaaaaad!!!; +84|6741|England

offleroffle!

2007-01-22 18:23:37

#23

UON: Junglist Massive; +223|6654

Bertster7 wrote:
Havok wrote:
Bertster7 wrote:
OMG! A virus! Panic! Blow up all computers and send the army on a war against hackers and malware coders!

That's how the US seems to deal with other insignificant threats.
How the hell does a warning thread about a computer virus end up on an Anti-US topic? Please don't derail this and because you're British, please stick to your own country's affairs 'till our country interferes with yours, which they haven't.
I was pointing out the subtle similarities between the over reaction to these minor virus warnings, which at worst pose a risk of a slight inconvenience, to the very similar situation with the media frenzy over terrorism. These things pose such minor, insignificant dangers that really no one should care. Be aware and take steps to prevent it, but don't panic about it all.

Irony is totally lost on some people.

Also...

Free Gary McKinnon! http://freegary.org.uk/

The US government are fucking morons who should not be left in charge of a pencil, let alone a complex computer network!

"Oooo, we forgot to patch some well known vulnerabilities, who knows who the fuck has been in those system for the last year.... but let's not blame ourself... we'll find a patsy and jail him for life..."

IMO it should be whoever ran the network facing life for criminal negligence, not some nutbar who was just trying get evidence that Roswell was real....

Last edited by UON (2007-01-23 10:17:53)

2007-01-23 10:54:18

#24

justice: OctoPoster; +978|6742|OctoLand

To all the people who read my post and helped:

Thanks for the responses, it seemed to just disappear on its own...dno why, but YAY.

To all the people who said "omg use your brain and dont open obvious email viruses"

How about you fucking read my posts? I clearly stated I never opened anything, but still got the trojan. People like you are should (wont say cos will get banned)..../rant over.

I know fucking karate

2007-01-23 11:13:25

#25

ghettoperson: Member; +1,943|6650

Expecting Norton to protect you from virii is like expecting Republicans to protect you from terrorists.

BF2S Forums Trojan.peacomm

Knightnifer wrote:

Bertster7 wrote:

Bertster7 wrote:

Bertster7 wrote:

sithao wrote:

Bertster7 wrote:

Havok wrote:

Bertster7 wrote:

Knightnifer wrote:

ryan_14 wrote:

Knightnifer wrote:

Bertster7 wrote:

Havok wrote:

Bertster7 wrote:

Board footer