Chinese-Forums

new virus: txomou.exe


onebir


A friend's computer's just got this - despite having Rising (瑞星) installed, though I'm not sure he had it 100% up to date. Seems pretty nasty, and not much info about it available, so probably new.

If anyone's dealt with it before, it'd be good to hear how...

Link to comment
Share on other sites

despite having Rising (瑞星)

despite?

running an anti-virus software does not protect you from viruses

If anyone's dealt with it before, it'd be good to hear how...

What you should do is google it (i.e. put "txomou.exe" in Google).

I did, and here is what I found. It appears that "360safe" will take care of it.

Link to comment
Share on other sites

running an anti-virus software does not protect you from viruses

What? What do you think they do?

Running a constantly updated (at least daily) anti-virus program does just that. Next you'll be telling me Word processors don't process words.

Link to comment
Share on other sites

A more general way to clean up any virus is to boot into safe mode and prevent it from starting automatically when Windows starts. There are stubborn viruses that would bind to your legit programs and libraries; those would require special removers. But you can always try doing the following first:

1. Power down the computer

2. Power up and keep hitting F8 (no need to be fast; if you time it right, once is enough) until you see an option to go into safe mode

3. Choose safe mode and let it boot up

4. When you are at the desktop, press the Windows flag key and R at the same time, then type msconfig and hit Enter or click OK

5. Go through the startup tab list and uncheck any suspicious programs

6. Go through the services list and uncheck any suspicious services (be careful here, don't disable required services).

7. Click Apply

8. Reboot your computer and reinstall/rerun your antivirus program, update definitions, and scan your computer again

(You may not be able to uncheck services on XP. In that case, press winflagkey and R together, then type services.msc; you can disable services there by right-clicking and selecting Properties.)

PS: If you do see "txomou.exe" in the startup list, you can attempt a manual removal:

1. Note its location, go there and find it

2. Hit Ctrl+Alt+Del, choose Task Manager if it doesn't pop up automatically (Vista) / or right-click on the Start menu bar and select Task Manager

3. Make sure txomou.exe is not a running process; if it is, select it and click on End Process/Task

4. Delete txomou.exe by holding Shift and pressing "Delete"

5. Press winflagkey+R, and type "regedit", Enter/OK

6. Using the menu on the left, browse to the location where you saw "txomou.exe" listed in the msconfig startup list.

7. Delete that entry

Link to comment
Share on other sites
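
An added example, not part of the post above: a read-only, scripted version of manual-removal steps 5 to 7 that lists the Run-key values whose command line names txomou.exe. The two Run keys are the standard Windows ones; the sample entries and their paths are constructed, and msconfig also shows locations (such as the Startup folder) that this does not cover.

```python
import ntpath
import re

# Standard Windows autostart ("Run") keys, per machine and per user.
RUN = r"Software\Microsoft\Windows\CurrentVersion\Run"
RUN_KEYS = [("HKLM", RUN), ("HKCU", RUN)]

# Constructed sample entries: (key, value name, command line). Paths are made up.
SAMPLE = [
    ("HKLM\\" + RUN, "ctfmon", r"C:\WINDOWS\system32\ctfmon.exe"),
    ("HKLM\\" + RUN, "updater", r'"C:\Documents and Settings\user\txomou.exe" /s'),
    ("HKCU\\" + RUN, "helper", r"cmd.exe /c start C:\WINDOWS\TXOMOU.EXE"),
    ("HKCU\\" + RUN, "decoy", r"C:\tools\nottxomou.exe"),
]

def read_run_keys():
    """Return [(key, value name, command line)] from the Run keys (Windows only)."""
    import winreg  # imported here so the matching logic below works on any OS
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    entries = []
    for hive, subkey in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], subkey) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):  # [1] = value count
                    name, data, _kind = winreg.EnumValue(key, i)
                    entries.append((hive + "\\" + subkey, name, str(data)))
        except OSError:
            continue  # key not present on this system
    return entries

def files_named_in(command_line):
    """Lower-cased base names of every token in a command line, quotes removed."""
    tokens = re.findall(r'"[^"]*"|\S+', command_line)
    return {ntpath.basename(t.strip('"')).lower() for t in tokens}

def entries_naming(entries, image="txomou.exe"):
    """Entries that launch `image` directly or pass it to another program."""
    return [e for e in entries if image.lower() in files_named_in(e[2])]

if __name__ == "__main__":
    import sys
    entries = read_run_keys() if sys.platform == "win32" else SAMPLE
    for key, name, command in entries_naming(entries):
        print(f"{key}  [{name}]  ->  {command}")
```

Matching on the file name of each token, rather than a substring of the whole line, catches the entry that starts the file through cmd.exe and skips the look-alike name.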

running an anti-virus software does not protect you from viruses

:roll:

what you should do is google it (i.e put "txomou.exe" in google)

:roll: Of course I googled it. On 21st Dec. Very few results then. The posts you linked to were made on 22nd... (But thanks Battosai for doing a bit of googling on my behalf.)

Quest - thanks for the detailed info. My friend just completely reinstalled windows - perhaps if he'd followed your instructions he could have saved some time.

Link to comment
Share on other sites

running an anti-virus software does not protect you from viruses

What? What do you think they do?

Just came across this article from heise-security that mentions a c't study that found anti-virus software is becoming less effective thanks to the increasing sophistication of malware. Money quote from the article:

the way these programs cope with new and completely unfamiliar attacks is more important. And that's where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent

Personally, I agree partly with Battosai, in that anti-virus software alone will not protect you; you also need to make sure you don't do stupid things like installing random software you downloaded from the internet, or clicking on attachments people send you in email. Another good way to avoid most viruses is to use a limited user account rather than an administrator one.

Link to comment
Share on other sites

Following the article in Imron's post, I read an even more disturbing article here, which says, "the danger of protective software, of all things, mutating into a gateway for pests is still largely underestimated." Not only won't most AV software protect you from the majority of new viruses ("The typical recognition rates of their heuristics fell ... to a pitiful 20-30 per cent."), but the AV software, itself, is vulnerable to being body snatched. :help

Link to comment
Share on other sites

http://www.heise-security.co.uk/news/100900

the way these programs cope with new and completely unfamiliar attacks is more important. And that's where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent

You have to realize these rates refer to recognition of completely new viruses. For known viruses, the recognition rate of most programs is probably around 100%. And it's just as important to protect against known viruses, as it is to protect against new ones.

Only NOD32, with 68 per cent, still delivered a good result, while BitDefender, with 41%, could be called satisfactory.

NOD32 is what I use.

Link to comment
Share on other sites

Many of my friends in Beijing got viruses (virii?), as did the BNU computers, by sharing dodgy USB memory sticks. These often have autorun viruses in them so your PC gets infected as soon as you plug it in.

Best is to disable auto-run for all USB drives.

Link to comment
Share on other sites

I disabled auto-run for USB devices and CD, which does seem to prevent viruses from infecting me at insertion, but I've had mixed results once opening the drive to browse it or open files from it (even Word docs). You can do a permanent "disable autorun" through the run terminal/gpedit.msc, or you can just hold Shift while inserting a drive.

I agree with muyongshi. The only way to be SURE is to browse the USB drive on a mac/linux machine, delete offending files/viruses (it's pretty obvious which ones, look for *.EXEs and AUTORUN.INIs) and then you know you're good to go. Just be sure to go through all of your folders.

Another option is to only use Bluetooth/IR for file transfers, then you know exactly what you're getting/sending. I guess email would work, too.

Link to comment
Share on other sites

Usually, even if you disable auto-run in Windows, if you simply double-click the drive in "My Computer" it'll do an autorun anyway. You need to right-click and "open" or "explore".

A decent virus-checker should stop a dodgy auto-run from running though.

Link to comment
Share on other sites
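
The offline check suggested in the posts above (browse the stick on a non-Windows machine, look for executables and the AutoRun file), as an added example that is not part of any post. It parses autorun.inf, the file Windows AutoRun reads, and separates the commands AutoRun starts from the shell verbs attached to the drive icon, which are what a double-click can still trigger; the sample file, its names and the extension list are constructed assumptions.

```python
import os
import sys

# Extensions treated as executable here (broader than the *.EXE named in the thread).
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs"}

# Constructed autorun.inf contents, for illustration only.
SAMPLE_INF = r"""[AutoRun]
open=RECYCLER\update.exe
shell\open\command=RECYCLER\update.exe
shell\explore\command=RECYCLER\update.exe -e
icon=folder.ico
"""

def parse_autorun(text):
    """Return {key: value} from the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower().startswith("[autorun]")
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def launch_commands(entries):
    """Split entries into AutoRun commands and drive-icon shell-verb commands."""
    autorun = [v for k, v in entries.items() if k in ("open", "shellexecute")]
    verbs = [v for k, v in entries.items()
             if k.startswith("shell\\") and k.endswith("\\command")]
    return autorun, verbs

def scan_drive(root):
    """Report launch commands and executable files on a mounted drive; runs nothing."""
    report = {"autorun": [], "verbs": [], "executables": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if dirpath == root and name.lower() == "autorun.inf":
                with open(path, encoding="latin-1") as fh:
                    entries = parse_autorun(fh.read())
                report["autorun"], report["verbs"] = launch_commands(entries)
            if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
                report["executables"].append(os.path.relpath(path, root))
    report["executables"].sort()
    return report

if __name__ == "__main__":
    print(scan_drive(sys.argv[1]))
```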

  • 2 weeks later...
Ok - I guess Battosai meant "running an anti-virus software does not completely protect you from viruses".

true

that's what I meant

also

running on a limited-rights user (if using Windows XP)

using firefox+no-script for web browsing or another safe browser

updating regularly

alternatively - buying a Mac or installing Linux

Link to comment
Share on other sites

The moral of the entire story.... Get a Mac!

The Mac is a less popular target because it enjoys a smaller market share, including the "market share" of hackers' attention. However, the Mac has been gaining market share in both ways, recently.

In the end, the only security is a false sense of security -- it enables us to go on computing.

A security researcher has unearthed a buffer overflow remote code execution vulnerability that affects QuickTime on both the Windows and Mac platforms.

See: "Another QuickTime code execution flaw surfaces"

Link to comment
Share on other sites
