'Antique' Trojan Found in USB Drive



Hi All!

I have what I think is an unusual problem...

I need advice on both procedural questions and re-transmission issues.

Here's the overall situation, I will try to be as clear as I can:

I've just replaced NIS '08 with Norton 360 2.0 '09 on my XPsp3 computers. My usual SOP keeps everything updated & scanned.

The new 360 tends to run quick scans and find nothing. Over the years I have downloaded quite a few programs, mostly just utilities & trials from sourceforge or cnet- nothing from the 'underworld'. Never had a virus in the machine before...

I got a big 500G USB hard drive for Christmas, and finally started on something I've long wanted to do- transfer all those old backup CDs and organize them down into a single set of 'keepers'.

I'd gone thru quite a few CDs, and stuff from the smaller HDs on my computers. Some of the CDs (mostly with Stomper-attached adhesive labels) refused to read, but I don't know if that is relevant to this prob.

When I thought to run a full scan on the USB drive, Norton 360 found two .zip files that were 'hiding' Trojan.Killfiles & had quarantined them.

To be totally clear: Both the infected .zip files had the same name; back in 2000 and then again in 2001 the original file had been manually stuck in a backup folder.

Those folders sat inside other folders as backups- never opened or extracted- and eventually were copied off the hard drive onto a CD (as I recall, using the native Windows burner).

While they were on that machine, I had either McAfee or Norton running and nothing was detected.

When I copied off that CD onto the big USB drive, with 360 running, nothing was detected.

When I ran 360 specifically on that drive, it found 2 problem files which it quarantined.

I went to Norton Support online chat, where I was '87 in queue' and after a couple hours got somebody in India who was (let's say) unable to help, or even understand.

OK, again to clarify: on the G: USB drive there is a nest of folders... say BACKUPS>OLD BACKUPS>UTILITIES which contains 2 folders BACKUPS 2000 & BACKUPS 2001, each of which contains a folder containing the identical allegedly infected .zip file {oe.exe}.

I've found lots of information & misinformation about the variously named Trojan.Killfiles, which apparently goes back to at least 2003 according to sites like Trend, McAfee, & Norton.

I've disconnected the USB drive, and scanned the computer itself with Trend Housecall, again 360, and now Malwarebytes- nothing is finding evidence of infection.

My Qs include:

* 360 quarantined the files, but apparently has no way to delete them. If I overwrite them with a scrubber program, will that make things better or more difficult to track?

* I use flashdrives to move things between computers. How can I be sure they are clean? Can they infect a computer just by being plugged in? Do different brands have different vulnerabilities?

* Are data files on a CD or DVD scannable while still on the disc? Does 'Close sessions' lock files?

* Is there a possibility I don't have a real problem? :D

This trojan isn't marked with a .u or anything, unlike modern versions, so I think it is a vintage 'Mark 1' and not something that got in over the net.

No programs seem to find anything to report in RAM or Registry. (However... 360 both 'optimizes' files & 'cleans' the registry, new features over NIS)

* What should I do next? :)

Thanks guys!
