I’ve just spent the last 2 days fighting off the Trojan known as Downloader-AUX. It didn’t really do anything, but the fact that it was on my computer and wouldn’t go away bothered the hell out of me. I admit I was doing something online that I shouldn’t have been doing and that’s how I got it, so it was my dumbass fault in the first place. Anyway, it started in an instant, so I immediately went into action. Time to flex that CS degree woo 🙂
At first I thought it was a couple of exe’s that were hiding in my temp folder, so I deleted those, but unfortunately they kept coming back. Luckily my Norton’s was a great wall and picked off 90% of the Trojan trash that was being produced. About an hour into the infection I discovered I had a second virus called FakeAlert-B; this one kept showing me Windows dialogs that said I had spyware, click OK to remove. Luckily I had enough common sense, when anything out of the ordinary in the slightest happens, to never click OK to anything on my computer. I realized this was a virus before it got out of hand as well. I ran a DOS program called SmitFraudFix, and after a bit of tweaking I got rid of the FakeAlert virus in no time.
I still had this annoying Downloader-AUX virus. I thought I had fixed it last night, but unfortunately the internet was down, so I was incapable of testing my success. This particular Trojan only activated while I was connected to the internet. After I got back from my bike ride this afternoon, I saw a "get rid of spyware" popup open in IE. I knew I had failed. After much snooping around, I went into the System32 files and looked for .DLLs that were created within the time frame of my virus’s first intrusion. Fortunately I found one, called WineByWindows or something like that; the creation time matched, and Google had never heard of it. I tried to delete it, but this damn DLL was like an itch I couldn’t get rid of. I eventually downloaded a program called Avenger, wrote a very simple delete script, hit the go button, and for the past hour all has been well.
The moral of the story… Don’t be unethical and/or dumb on the internet, or you may download some STD equivalent for your computer. Also, if you ever get a virus, go to the System32 folder first, find all the files created recently, and figure out what they do; if you can’t figure that out, get rid of them. Hopefully I saw the last of this damn Downloader-AUX.
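
The timeline check described in the post (System32 DLLs created around the first symptoms) can be scripted. This is an added example, not the author's script; the start and end times are constructed placeholders, and the signature, version and hash columns are an addition that helps decide what a file is before touching it.

```powershell
# Added example: list DLLs created inside a suspected infection window.
# $Start and $End are constructed placeholders; set them to bracket the
# time the first symptoms appeared on the affected machine.
param(
    [datetime]$Start = '2000-01-01 20:00',   # placeholder, not from the post
    [datetime]$End   = '2000-01-01 23:00',   # placeholder, not from the post
    [string]$Path    = (Join-Path $env:windir 'System32')
)

# -Force includes hidden and system files, which droppers often set.
Get-ChildItem -LiteralPath $Path -Filter *.dll -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $Start -and $_.CreationTime -le $End } |
    ForEach-Object {
        # Authenticode status separates vendor-signed files from unknown ones.
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Name      = $_.Name
            Created   = $_.CreationTime
            Modified  = $_.LastWriteTime
            Company   = $_.VersionInfo.CompanyName   # empty on many dropped files
            SigStatus = $sig.Status                  # Valid, NotSigned, HashMismatch, ...
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            # The hash lets the file be looked up or reported before removal.
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    } |
    Sort-Object Created |
    Format-Table -AutoSize
```

Run it from an elevated prompt so every file is readable. Creation times can be altered by malware, and legitimate updates also create DLLs, so an unsigned file with no version information inside the window is a lead to investigate rather than proof.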