

Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:1
Reviews:
·Bright House
·Sprint Mobile Br..

World's nastiest trojan fools AV software

Seems like all I've been doing the last week is anti-rootkit-ing and treating malware infected machines.

Wait. That IS all I've been doing. I've had more rootkits in the last week than in the previous year or two.

I'd figure there'd be some tech coverage, as everyone I've asked today has come across the drive-by download in the last 24 hours or so. Lots of infections.

One that I worked on was especially nasty; aspects of several different worms.

Most notable was its inclination to launch out dozens of these hooks...

Mount point destination : \Device\__max++>\^

ComboFix was only minimally helpful, at first.
Took me a while to find that Win32kDiag.exe was the primary fix for the above. After that it was downhill.

Regarding Zeus, I had trouble finding anything other than a reprint of The Register article.

Threatexpert.com came through with some real data on the bug. It was a good read.

»blog.threatexpert.com/2009/09/ti···hty.html

Interestingly, when I tried to download their Zeus-specific utility, my system blue-screened when the zip opened.

Hmmmm. Must be that Chinese Anti-Virus I'm running.

Well, here it is for you to have fun with..........
»www.threatexpert.com/blog/zbot/Z···oder.zip
Any takers?

NV
--
In my perfect religion, a giant hole appears and sucks up all the lousy people.
I call it the Crapture.

BosstonesOwn

join:2002-12-15
Everett, MA

I'm starting to see some of these in my personal life now. Seems like a lot of folks are seeing it slow down their system as well.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"


zod5000

join:2003-10-21
Victoria, BC
Reviews:
·Shaw
·TELUS

said by BosstonesOwn:

I'm starting to see some of these in my personal life now. Seems like a lot of folks are seeing it slow down their system as well.

My computer had a nasty trojan on it last weekend that both Spybot and Avira detected. They offered to fix it. But they actually didn't. Showed up in a scan the next day. I ended up having to use ComboFix to remove it completely. I'm usually pretty solid in avoiding places that give out viruses, but I guess we can't avoid them all.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:1
Reviews:
·Bright House
·Sprint Mobile Br..

The ad rotations that are delivering this stuff seem to be everywhere.

About half of my customers get it from places like Facebook or a click off of Yahoo images. But the other half are prudes and according to their histories are getting infected off of mainstream sites.

DgB
--
In my perfect religion, a giant hole appears and sucks up all the lousy people.
I call it the Crapture.


BosstonesOwn

join:2002-12-15
Everett, MA
Reviews:
·Comcast

The ad sites are the main reason. The DBs that are rotating those ads are getting compromised. The ad farms need to really stay ahead and try and head this off at the pass.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"


over 12.5 years online © 1999-2012 dslreports.com.