Watch Out for this Virus


QUALTHWAR

Just a heads-up to let you know that there’s a new virus that was first detected March 11. This site talks about it:

http://virusinfo.prevx.com/pxparall.asp?PXC=c25714551327

It tried to install itself on my PC today. Freakin’ Spybot saved me, again!

If you don’t have Spybot or a similar program that detects registry changes, you might want to think about installing Spybot. It has saved me twice in the last 2 months. Once on my daughter’s PC, and now once on mine.

Spybot has a feature where it detects registry changes and asks you if you want to allow the change or not. When you install software, you see these Spybot registry change box(es) popping up wanting to know if you want to allow changes or not. This can be a little bit of a pain, and my mother had me take Spybot off her PC because of it. Well, the good outweighs the bad.

I usually leave my PC on all night and when I turned on my monitor this morning, there was a Spybot notice about a program called Taskdir.exe trying to make changes to my registry. I left the message there while I searched the net and found all sorts of posts about this being a virus. It said it tries to install 5 things.

I tell it to deny the change and to remember that decision and sure enough 4 more notices pop up about registry changes. I say ‘NO’ to all of them and to “remember this decision.” Well, then my screen fills with notices from Spybot telling me it’s denying attempts to write to the registry because I told it to remember this decision. It’s doing its job, but it’s filling three-quarters of my screen with notices because the virus is relentless and keeps trying to install itself.

Anyway, so now the virus is being blocked from installing, but I need to stop the ‘attempt’ to install. I just went into system restore and restored back to March 1 and that fixed it. Spybot stopped the virus from installing, and system restore got rid of the attempt to install.

Same thing happened a couple months ago to my daughter’s PC and we denied the registry changes and did a system restore. It must have taken care of the problem because her PC has been fine for 2 months now.

The problem is antivirus programs can be “reactive” instead of “proactive.” A virus will come out first, then antivirus code is written to detect it. So, you might get a virus before any code is written to detect it. I know some virus programs look for patterns that might indicate a virus, but that isn’t fool-proof.

Here is what it tried to write to or make changes to:

Taskdir.exe to the sys32 directory.

HPDJ Taskbar Utility to my sys32/spool/drivers/w32 directory.

Then 3 more changes that I took pictures of. See pics.
 

Attachments

  • virus3.jpg (86 KB)
  • virus2.jpg (116 KB)
  • virus1.jpg (130.7 KB)

QUALTHWAR

I was at a friend’s house tonight and was telling him about this virus and he said something screwy was going on with his PC last night and yellow boxes kept popping up. I guess that was his Norton.

Anyway, this same virus tried to install itself while I was there. I was checking to see if it had installed itself last night and a Spybot box pops up saying taskdir.exe was trying to make a change. I denied all the registry change requests and did the system restore and it fixed it.

I think it installs Taskdir.exe in your sys32 folder. See if you have a file by that name in your sys32.
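
Added example, not part of the original posts and not Spybot's code: the kind of registry-change detection described in this thread, done by comparing a known-good snapshot of an autostart key with a later one and flagging any value that launches Taskdir.exe. The thread does not name the registry keys involved, so the HKLM Run key is an assumption, and the snapshots, value names and paths below are constructed.

```python
import ntpath
import re

# Assumption: the thread does not name the keys involved; the HKLM Run key is
# used here because it is a common autostart location.
RUN_SUBKEY = r"Software\Microsoft\Windows\CurrentVersion\Run"
WATCHED_FILES = {"taskdir.exe"}  # file name reported in the thread
EXE_RE = re.compile(r'^"?(.+?\.(?:exe|dll|com|bat|cmd|scr))\b', re.IGNORECASE)

def read_run_key():
    """Snapshot the live HKLM Run key as {value_name: data} (Windows only)."""
    import winreg  # imported here so the diff logic also runs on other systems
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, RUN_SUBKEY) as key:
        value_count = winreg.QueryInfoKey(key)[1]
        rows = [winreg.EnumValue(key, i) for i in range(value_count)]
    return {name: str(data) for name, data, _type in rows}

def target_file(command):
    """Lower-cased file name of the program a Run value launches."""
    match = EXE_RE.match(command.strip())
    path = match.group(1) if match else command.strip().strip('"')
    return ntpath.basename(path).lower()

def diff_snapshots(before, after):
    """List (kind, name, data, flagged) for every value that changed."""
    changes = []
    for name in sorted(set(before) | set(after)):
        old, new = before.get(name), after.get(name)
        if old == new:
            continue
        kind = "added" if old is None else "removed" if new is None else "modified"
        data = old if new is None else new
        flagged = new is not None and target_file(new) in WATCHED_FILES
        changes.append((kind, name, data, flagged))
    return changes

# Constructed sample snapshots (not taken from any real machine).
BASELINE = {
    "AudioTray": r'"C:\Program Files\Audio\tray.exe" /min',
    "OldHelper": r"C:\Tools\helper.exe",
    "Updater": r"C:\Tools\updater.exe",
}
LATER = {
    "AudioTray": r'"C:\Program Files\Audio\tray.exe" /min',
    "ExampleEntry": r"C:\WINDOWS\system32\taskdir.exe",
    "Updater": r"C:\Tools\updater.exe /silent",
}

if __name__ == "__main__":
    for kind, name, data, flagged in diff_snapshots(BASELINE, LATER):
        print(f"{'ALERT' if flagged else 'info':5} {kind:8} {name} -> {data}")
```

On a Windows machine, save the output of `read_run_key()` while the system is known to be clean and pass it as `before`, with a fresh call as `after`.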
 

jayzisizzle

Hey,

I just had this on my computer and found this link and installed the Prevx program, and it seemed to remove this? Any idea where it’s coming from?!?! Is someone trying to hack me?