Virus-Trojan Protection

Everyone has their favorite protection, but what is a good Virus-Trojan
protection program?
I thought I had a good one - Avast - , but I found a Win32:SdBot-gen44 on my
computer today.  Maybe it's a new one out.
It was the free version.  Maybe I should pay for one and get full
protection.  I did get it out, but a lot of trouble.
thanks for any info.



Re: Virus-Trojan Protection

Bob aka roburt@grande.net in alt.comp.anti-virus
thought,came up with this jewel:


If you need a free AV try AntiVir.
Do not buy Avast- use Nod32 or Kaspersky for a paid AV.
By the way, what AV found the malware you speak of?
My other thoughts are found on my pages (see below)

max
--
Playing Nice on Usenet:
http://oakroadsystems.com/genl/unice.htm#xpost
My Pages:
Virus Removal Instructions
http://home.neo.rr.com/manna4u/
Keeping Windows Clean
http://home.neo.rr.com/manna4u/keepingclean.html
Windows Help and Tools
http://home.neo.rr.com/manna4u/tools.html
Change nomail.afraid.org to gmail.com to reply.
nomail.afraid.org is setup specifically for use in USENET
Feel free to use it yourself.

Re: Virus-Trojan Protection


| Everyone has their favorite protection, but what is a good Virus-Trojan
| protection program?
| I thought I had a good one - Avast - , but I found a Win32:SdBot-gen44 on my
| computer today.  Maybe it's a new one out.
| It was the free version.  Maybe I should pay for one and get full
| protection.  I did get it out, but a lot of trouble.
| thanks for any info.
|

That's a SDBot internet worm.  The question is ... "How did you get it ?"

Did you have an OS or OS component vulnerability that was exploited ?

Did you download a file ?

Did you visit a web site that installed it via an exploit ?

Unfortunately, Avast doesn't have a good library where we can examine the
characteristics of this SDBot variant.

I do suggest that if you are connected to Broadband Internet that you use a
Cable/DSL Router such as the Linksys BEFSR41 or a Router with a full FireWall
implementation.  In either case, I always suggest to specifically block TCP
and UDP ports 135 ~ 139 and 445.  Many BOTs exploit vulnerabilities in these
ports and the above goes a long way in mitigating these threats.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
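
[Added example, not part of the original thread: one way to check a filter table against the ports named in the post above (TCP and UDP 135 ~ 139 and 445). The "action proto ports" rule syntax, the first-match-wins evaluation and the sample tables are assumptions made for illustration, not the configuration format of any particular router.]

```python
# Ports named in the post: 135 ~ 139 and 445, for both TCP and UDP.
REQUIRED_PORTS = list(range(135, 140)) + [445]
PROTOCOLS = ("tcp", "udp")

# Constructed sample tables in a hypothetical "action proto ports" syntax.
COMPLETE = ["deny both 135-139", "deny both 445"]
PARTIAL = ["deny tcp 135-139", "deny tcp 445", "deny udp 137-138"]
SHADOWED = ["allow tcp 100-200", "deny both 135-139", "deny both 445"]


def parse_rule(line):
    """Turn 'deny tcp 135-139' into (action, protocols, low, high)."""
    action, proto, ports = line.split()
    if action not in ("allow", "deny"):
        raise ValueError(f"unknown action: {action!r}")
    protos = PROTOCOLS if proto == "both" else (proto,)
    if protos[0] not in PROTOCOLS:
        raise ValueError(f"unknown protocol: {proto!r}")
    low, _, high = ports.partition("-")
    low, high = int(low), int(high or low)
    if not 0 < low <= high <= 65535:
        raise ValueError(f"bad port range: {ports!r}")
    return action, protos, low, high


def decision(rules, proto, port, default="allow"):
    """First matching rule wins; unmatched traffic gets the default."""
    for action, protos, low, high in rules:
        if proto in protos and low <= port <= high:
            return action
    return default


def exposed(rule_lines, default="allow"):
    """Return the (protocol, port) pairs from the post that are not denied."""
    rules = [parse_rule(line) for line in rule_lines if line.strip()]
    return [(proto, port)
            for proto in PROTOCOLS
            for port in REQUIRED_PORTS
            if decision(rules, proto, port, default) != "deny"]


if __name__ == "__main__":
    for name, table in (("COMPLETE", COMPLETE), ("PARTIAL", PARTIAL),
                        ("SHADOWED", SHADOWED)):
        print(name, exposed(table) or "all required ports blocked")
```

[The PARTIAL table shows a TCP-only block that leaves UDP open, and the SHADOWED table shows an earlier allow rule overriding the later deny rules.]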



Re: Virus-Trojan Protection

Dave, to answer your first and third question:  I "think" I got it through a
download.  I had just run a complete thorough virus check on my archives etc.
and I came up clean.
I downloaded (should have known better) a program "Spybot Terminator".  It
had a search engine called "Crawler".
My AVAST did find it and the date and time coincided with the download.
I am on broadband, and use Linksys as my router.
I am now coming up clean on all the different scans I have done.  So.....no
more downloads to "try" something.
I'm going to a good "Pay-for-Protection".  As the saying goes, you don't get
something for nothing.





Re: Virus-Trojan Protection

Dave, I was mistaken, it was called SpywareTerminator from
spywareterminator.com.  Not Spybot.




Re: Virus-Trojan Protection


| Dave, I was mistaken, it was called SpywareTerminator from
| spywareterminator.com.  Not Spybot.
|

I doubt that it was the source of your SDBot variant.  Since you state you are
using a NAT router, I doubt that it wormed its way through a network protocol.

You may have gotten it through social engineering to get past your defenses.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Virus-Trojan Protection

On Tue, 14 Nov 2006 18:17:51 -0600 Bob wrote:


Two that I've found useful are:

Spybot Search & Destroy, <http://www.spybot.info/en/index.html>
a-squared <http://www.emsisoft.com/en/software/free/>


Avast is a good anti-virus but it doesn't emphasize finding Trojans, key
loggers and such.
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Virus-Trojan Protection



Kaspersky Anti-Virus
NOD32
Avira PE Premium



Re: Virus-Trojan Protection


But what scanner found Win32:SdBot-gen44 that Avast didn't?



Re: Virus-Trojan Protection

Tony, Avast found it, but only after it had already installed itself.  By
the way, it was all in the "restore" section of the registry.






Re: Virus-Trojan Protection


| Tony, Avast found it, but only after it had already installed itself.  By
| the way, it was all in the "restore" section of the registry.
|

Please state fully what you mean by " ..."restore" section of the registry...".


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Virus-Trojan Protection

1. Tony, you've got me on that.  All I know is, when Avast was scanning my
registry, it found the Trojan where it had a string of numbers and said
restore, and snapshot.  That's when I started using the virus chest.  After
I got out of that section that said restore, it resumed scanning as usual.
I assumed that was the restore area that does a system restore of your
windows.  Maybe Dave can explain it to you or us.
2. Dave, what do you mean by social engineering, maybe through email?  You
got me on that term.




Re: Virus-Trojan Protection


| 1. Tony, you've got me on that.  All I know is, when Avast was scanning my
| registry, it found the Trojan where it had a string of numbers and said
| restore, and snapshot.  That's when I started using the virus chest.  After
| I got out of that section that said restore, it resumed scanning as usual.
| I assumed that was the restore area that does a system restore of your
| windows.  Maybe Dave can explain it to you or us.
| 2. Dave, what do you mean by social engineering, maybe through email?  You
| got me on that term.


I'd like to see the LOG file from Avast and get a handle on what you meant by
"..."restore" section of the registry".

Social Engineering is a concept where malware authors and malicious web sites
use social exploitations such as sexual curiosity or the desire to get
something for free.  Social Engineering is applying or manipulating the
desires of people to get them infected.

It could be a News Post that says "see video of Bo Derek nude" or "video of
Bin Laden hanged".

It could be a video web site that purports to have x-rated videos.  You try to
play a video and it says you need a video codec to see the video and downloads
"supercodec.exe".

It could be a WMV file called "Jennifer Love Hewitt Runway Bikini.wmv" and
when you agree to the terms and click on "Play" it downloads SETUP.EXE.

These are all forms of Social Engineering to get past your defenses.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Virus-Trojan Protection

Thanks for the explanation Dave.  Well, I'm an old fella and that leaves out
the sexual curiosity part, if there's anymore to see than I have already
seen, I'll pass on it.  As far as getting something free, I don't knowingly
fall for that unless it's something like the free Home Edition of
Avast, or free virus scanners from reputable companies.  Like I say, I'm an
old fella, and I stay with what I "think" are reputable web sites.

I wish I had saved the LOG file, but deleted it after cleaning my mess up.
I may have used the wrong terminology on "restore section".  It was a
long string of numbers, and in them it said restore/snapshot.  It could have
been something like backup restore.  I just assumed it had something to do
with the system restore.  Anyway, my computer is behaving as it should.  I
have run HouseCall, Kaspersky's virus scanners plus my Avast, and all have
come up clean.

Thanks for your help and explanations.





Re: Virus-Trojan Protection


| Thanks for the explanation Dave.  Well, I'm an old fella and that leaves out
| the sexual curiosity part, if there's anymore to see than I have already
| seen, I'll pass on it.  As far as getting something free, I don't knowingly
| fall for that unless it's something like the free Home Edition of
| Avast, or free virus scanners from reputable companies.  Like I say, I'm an
| old fella, and I stay with what I "think" are reputable web sites.
|
| I wish I had saved the LOG file, but deleted it after cleaning my mess up.
| I may have used the wrong terminology on "restore section".  It was a
| long string of numbers, and in them it said restore/snapshot.  It could have
| been something like backup restore.  I just assumed it had something to do
| with the system restore.  Anyway, my computer is behaving as it should.  I
| have run HouseCall, Kaspersky's virus scanners plus my Avast, and all have
| come up clean.
|
| Thanks for your help and explanations.
|

Glad to help -- anytime.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


