HOW COME Trojans found In NVIDIA driver files, .bik files ..



Archived from groups: (More info?)

I just scanned my system with PestPatrol and strangely I found these

1/ 15/03/2005-10:31:12 AM , Quarantined , Remote KeyLogger ,
Key Logger , File "C:\NVIDIA\Win2KXP\66.93\" , -1

2/ 15/03/2005-10:30:45 AM , Excluded , I-Worm.MTX.corrupted , Worm ,
File "D:\Program Files\Call of
Duty\uo\pakuo04.pk3|xmodel\mp_ctf_flag_br60" Certainty "Suspected" , -1

3/ 15/03/2005-10:08:09 AM , Detected , 123 Write All Stored Passwords
2.01 , Password Cracker , File "D:\Program Files\Activision\True
Crime\Data\Sounds\GNvic_03.bik" , -886543164

I wonder how a trojan, worm, pest could get into an NVIDIA driver file, a
game model file inside a .pk3 file or a movie .bik file and how they
will be executed if they are inside those files?

The NVIDIA driver I got from a cover disk of my gaming magazine.

The 2 games are all legit retail bought from Electronic Boutique and
installed freshly from CDs.

Do you think PestPatrol could misdiagnose my system or indeed I have an

I have ZoneAlarm firewall, Antivir, ADAware SE, Spybot Search and
Destroy, Bazooka... I update and Scan my pc on a daily basis.
I do not know why I still get these pests?


Archived from groups: (More info?)

The simple fact is that you should only download and install files
directly from the vendor. Sites, magazines, CDs, etc., that offer files
may modify them. This results in people thinking the vendor is the
problem, when it is really the distributor.

For example, I had one PC become infested with trojans and spyware
after installing DIVX from a site other than the official site.
Recovered fine. On a second system, I installed DIVX from the official
site, and had no problems whatsoever.

Of course, this behavior is no guarantee that you won't get trojans via
downloads, but it will help. This is especially true of popular
downloads like nVidia drivers, where people would start screaming
right away about problems, and you would be able to learn about it
relatively easily, assuming you are not among the first to install

Please replace the "NoSpam" with "MCI" in my email address in order to
Joe Granto Joe.Granto@NoSpam.Com
Senior Engineer Intel Engineering,MCI