Jump to content
Chinese-Forums
  • Sign Up

new virus: txomou.exe


Recommended Posts

Posted

A friend's computer's just got this - despite having Rising (瑞星)installed, though I'm not sure he had it 100% up to date. Seems pretty nasty, and not much info about it available, so probably new.

If anyone's dealt with it before, it'd be good to hear how...

Posted
despite having Rising (瑞星)

despite?

running an anti-virus software does not protect you from viruses

If anyone's dealt with it before, it'd be good to hear how...

what you should do is google it (i.e put "txomou.exe" in google)

i did and here is what I found. It appears that "360safe" will take care of it.

Posted
running an anti-virus software does not protect you from viruses

What? What do you think they do?

Running a constantly updated (at least daily) anti-virus program does just that. Next you'll be telling me Word processors don't process words.

Posted

A more general way to clean up any virus is to boot into safe mode and prevent it from starting automatically when windows starts. There are stubborn viruses that would bind to your legit programs and libraries, those would require special removers. But, you can always try doing the following first:

1. Power down the compouter

2. Power up and keep hitting F8 (no need to be fast, if you time it right once is enough) until you see an option to go into safe mode

3. choose safe mode and let it boot up

4. When you are at desktop, press the windows flag key and R at the same time, then type msconfig and hit enter or click ok

5. go through the startup tab list and uncheck any suspicious programs

6. go through the services list and uncheck any suspicious services (be careful here, don't disable required services).

7. click apply

8. reboot your computer and reinstall/rerun your antivirus program, update definitions, and scan your computer again

(you may not be able to uncheck services on xp, in that case, press winflagkey and R together, then type services.msc you can disable services there by right clicking and selecting properties)

PS: if you do see "txomou.exe" in the startup list, you can attempt a manual removal:

1. note its location, go there and find it

2. hit ctrl+alt+del, choose task manager if it doesn't pop up automatically (vista) / or right click on start menu bar and select task manager

3. make sure txomou.exe is not a running process, if it is, select it and click on end process/task

4. delete txomou.exe by holding shift and pressing "delete"

5. press winflagkey+R, and type "regedit" enter/ok

6. Using the menu on the left, browse to the location that you saw "txomou.exe" listed in the msconfig startup list.

7. delete that entry

Posted
running an anti-virus software does not protect you from viruses

:roll:

what you should do is google it (i.e put "txomou.exe" in google)

:roll: Of course I googled it. On 21st Dec. Very few results then. The posts you linked to were made on 22nd... (But thanks Battosai for doing a bit of googling on my behalf.)

Quest - thanks for the detailed info. My friend just completely reinstalled windows - perhaps if he'd followed your instructions he could have saved some time.

Posted
running an anti-virus software does not protect you from viruses

What? What do you think they do?

Just came across this article from heise-security that mentions a c't study that found anti-virus software is becoming less effective thanks to the increasing sophistication of malware. Money quote from the article:

the way these programs cope with new and completely unfamiliar attacks is more important. And that's where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent
Personally, I agree partly with Battosai, in that anti-virus software alone will not protect you, you also need to make sure you don't do stupid things like installing random software you downloaded from the internet, or clicking on attachments people send you in email. Another good way to avoid most viruses is to use a limited user account rather than an administrator one.
Posted

Ok - I guess Battosai meant "running an anti-virus software does not completely protect you from viruses".

Posted

Following the article in Imron's post, I read an even more disturbing article here, which says, "the danger of protective software, of all things, mutating into a gateway for pests is still largely underestimated." Not only won't most AV software protect you from the majority of new viruses ("The typical recognition rates of their heuristics fell ... to a pitiful 20-30 per cent."), but the AV software, itself, is vulnerable to being body snatched. :help

Posted

http://www.heise-security.co.uk/news/100900

the way these programs cope with new and completely unfamiliar attacks is more important. And that's where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent

You have to realize these rates refer to recognition of completely new viruses. For known viruses, the recognition rate of most programs is probably around 100%. And it's just as important to protect against known viruses, as it is to protect against new ones.

Only NOD32, with 68 per cent, still delivered a good result, while BitDefender, with 41%, could be called satisfactory.

NOD32 is what I use.

Posted
You have to realize these rates refer to recognition of completely new viruses.
Yep, I realise that completely, and that's the reason why this article is so appropriate, because it was a new virus that was causing the problem.
Posted

Many of my friends in Beijing got viruses (virii?), as did the BNU computers, by sharing dodgy USB memory sticks. These often have autorun viruses in them so your PC gets infected as soon as you plug it in.

Best is to disable auto-run for all USB drives.

Posted

I disabled auto-run for USB devices and CD, which does seem to prevent viruses from infecting me at insertion, but I've had mixed results once opening the drive to browse it or open files from it (even Word docs). You can do a permanent "disable autorun" through the run terminal/gpedit.msc, or you can just hold Shift while inserting a drive.

I agree with muyongshi. The only way to be SURE is to browse the USB drive on a mac/linux machine, delete offending files/viruses (it's pretty obvious which ones, look for *.EXEs and AUTORUN.INIs) and then you know you're good to go. Just be sure to go through all of your folders.

Another option is to only use Bluetooth/IR for file transfers, then you know exactly what you're getting/sending. I guess email would work, too.

Posted

Usually, even if you disable auto-run in Windows, if you simply double-click the drive in "My Computer" it'll do an autorun anyway. You need to right-click and "open" or "explore".

A decent virus-checker should stop a dodgy auto-run from running though.

Posted

Although there are a tonne of viruses on Chinese websites, what always gets me are "dirty" USB keys. Hehe that sounds so... dirty. :mrgreen:

Disabling autorun is a really good suggestion.

  • 2 weeks later...
Posted
Ok - I guess Battosai meant "running an anti-virus software does not completely protect you from viruses".

true

thats what i meant

also

running on a limited-rights user (if using Windows XP)

using firefox+no-script for web browsing or another safe browser

updating regularly

alternatively - buying a Mac or installing Linux

Posted
The moral of the entire story.... Get a Mac!

The Mac is a less popular target because it enjoys a smaller market share, including the "market share" of hackers attention. However, the Mac has been gaining market share in both ways, recently.

In the end, the only security is a false sense of security -- it enables us to go on computing.

A security researcher has unearthed a buffer overflow remote code execution vulnerability that affects QuickTime on both the Windows and Mac platform.

See: "Another QuickTime code execution flaw surfaces"

Posted
The Mac is a less popular target because it enjoys a smaller market share, including the "market share" of hackers attention.
It also has a more strict security model, meaning it's much harder to write viruses for.

Join the conversation

You can post now and select your username and password later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Click here to reply. Select text to quote.

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...