Announcement

Collapse
No announcement yet.

virus, again

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • virus, again

    i just got hit with a new form of the 32/klez.h@mm virus....which means many of you will be mailed it as well....i usually get mailed virus' daily but my firewall deletes them....this virus has a program that automatically runs when you try to delete and takes down your protection so it can attach the klez virus......macafee has a free tool called stinger that removes several of the w32 virus'.....email if you need it or more info and do not even try to do anything with a email w an attachment like

    Subject: A very funny website
    or Subject: Undeliverable mail--
    or Subject: Returned mail--
    or Subject: A WinXP patch
    or Subject: A IE 6.0 patch
    or Subject: W32.Elkern removal tools
    or Subject: W32.Klez.E removal tools

  • #2
    Re: virus, again

    That is Strange, Thanks for the heads up

    Comment


    • #3
      Re: virus, again

      1st Thing to do is get rid of Macfee. I run a internet base store and we get about 400-500 mails a day, Macafee was nothing but promblems,we went with Norton and been great nothing has gotten though since. Also if yo can use a free e-mail service like yahoo and then download it to outlook, Norton will get em everytime. I was geting so sick of redoing my comps all the time. Good Luck
      www.kiddhavok.com
      www.youtube.com/kiddhavokband

      Comment


      • #4
        Re: virus, again

        i have both macafee and norton....i like macafee much better.....it has nothing to do with your brand of virus protection, the trojan disables them all

        Comment


        • #5
          Re: virus, again

          Virus scanners are virtually worthless against most of the current Trojans - because Trojans are not Viruses. It's not that McAfee or Norton don't have the tech - they simply cannot automate the sophistication without sacrificing the simplistic interface (and rock-bottom pricing) necessary for the general Windows user-base.

          Some of the new Remote Access Trojans appearing are technically very well written, and can hide themselves so well, that on Win9x and ME systems are not visible as a process. Most scanners will NOT find these trojans by conventional methods as there is little indication of their presence.

          I've used both McAfee and Norton for years (home and industrial-strength versions), and find very little difference in their detection capabilities. The main diffs (IMO) are in how frequently they screw up your system.

          Now, I'm a NUT about keeping my scanners current and 'hot'. My home systems do full, detailed scans - followed by Definition updates - every night. But after reading a couple of articles discussing what Virus Scanners don't do... I decided to see for myself.

          I downloaded a prog called Trojan Hunter, installed and ran it - found nothing. I promptly lost interest, and forgot about it. About a week later, my system started booting with the virus scanner disabled - but the settings seemed correct. So I restarted Trojan Hunter..

          " -ALERT!- Trojan Detected!"

          But the freaking program couldn't even tell me what it was, let alone do anything about it. [img]images/icons/mad.gif[/img]

          So I d/l a prog called 'Trojan Defense Suite (TDS-3) - wow! Not only did it find it - it ID'd the bugger, showed me the memory processes it was attaching to (allowing me to adjust my firewall to disrupt the comm link), and detailed exactly which registry-keys, system files, and boot processes my 'Visitor' was hiding behind. It took me about 3-4 hours (and about 4 reboots)to manually eliminate any trace of the bugger.

          My virus scanner just hummed along - oblivious to the direct attack on my system - sucking up ram and resources, waiting for something it was good at.

          Now, TDS-3 is not a virus scanner - I still need to have that. The point seems to be... Trojan defense cannot be done automatically - because Trojans are controlled by humans, not a few lines of code. I had to manually edit...
          - several registry keys
          - system.ini
          - win.ini
          And I had to do it 4 times, because the Trojan's source file kept squirting around my file system before I finally caught the master attached to an Internet Explorer background image in an area so deep in the file system that I never even knew it existed. [img]images/icons/cool.gif[/img]

          McAfee and Norton can't do that. Only humans can.

          Don't rely on mass-consumer technology to protect you from a specially-crafted, focued, and human-directed intrusion. 'Cause the human wins, every time.
          750xl, 88LE, AT1, Roswell Pro, SG-X, 4 others...
          Stilletto Duece 1/2 Stack, MkIII Mini-Stack, J-Station, 12 spaces of misc rack stuff, Sonar 4, Event 20/20, misc outboard stuff...

          Why do I still want MORE?

          Comment


          • #6
            Re: virus, again

            The trojan has never gotten though our norton system,but I also run a real firewall not a program one,just trying to help, macafee was nothing but promblems for us.
            www.kiddhavok.com
            www.youtube.com/kiddhavokband

            Comment


            • #7
              Re: virus, again

              same here, almost everyday

              Comment


              • #8
                Re: virus, again

                I'll run that by my IT guy,see if we have that. Maybe we have just been lucky,but we get tons of mail every day, and since the switch nothing has gotten though. Thanks for the tip.
                www.kiddhavok.com
                www.youtube.com/kiddhavokband

                Comment


                • #9
                  Re: virus, again

                  Just by coincidence I loaded up TDS-3 last night. I found a worm in my registry. It is pretty cool.

                  Comment


                  • #10
                    Re: virus, again

                    You guys are just using the 30 day trial of TDS-3?

                    It has my interest quite high...

                    Comment


                    • #11
                      Re: virus, again

                      Yea I am using the 30 day trial(I am gonna buy it though) and I also loaded up Sygate firewall(free one). Took me 3 times to get rid of some stuff in my registry.

                      Comment


                      • #12
                        Re: virus, again

                        Now, my reboot startup scan, shows it has a Mutex... doesn't tell me where.. When I do a system scan, it shows nothing... Aghh..

                        And I don't know what to do when I find it... Doh... Not good...

                        Comment


                        • #13
                          Re: virus, again

                          Cool, I got the 30 day, it found nothing so far, other than a few (legit) suspicious file extensions...

                          I have to look through the program again and make sure I did all the scans, I'm pretty sure I did.

                          Cool program for sure.

                          Thanx guys!

                          Comment

                          Working...
                          X