Security Alert! To all these infections and threats! - DodgeIntrepid.Net Forums - Dodge Intrepid, Concorde, 300m and Eagle Vision chat
post #1 of 20 (permalink) Old 07-07-2008, 12:37 AM Thread Starter
 
Join Date: Oct 2007
Posts: 545
Feedback: 0 / 0%
                     
Security Alert! To all these infections and threats!

There is so much malware going around that you all should be aware of.

Under processes look for: (worst bunch of infections that hide)

svdhost.exe (this is also found in the registry under Windows sound)
svehost.exe

Backdoor bots, trojans, worms, viruses, adware, malware, spyware and much more now. If you download software be very careful, as it could have an integrated launcher in the installer.exe. If you have to download, use a Sandbox tool; these will give you a virtual drive or space that can be used, and you can terminate the infected application at any time without making matters worse on your main system.

I use free tools for protection; there are some out there that just don't work. Here's a list of ones you should avoid.

Corrupt anti-spyware tools
http://www.2-spyware.com/corrupt-anti-spyware

This site not only has this listing of what's what, but it also has comparisons of all free and commercial anti-spyware, with reviews of which one is the best and what features are missing.


2008 Security List of Threats
http://www.securitynewsportal.com/se...th=5&year=2008
This might help some of you to know what's going around... 7,211 threat names.
tipstir is offline  
post #2 of 20 (permalink) Old 07-07-2008, 01:06 AM
Speed is Power
 
NHogan's Avatar
 
Join Date: Dec 2004
Location: Iowa, USA
Posts: 6,683
Feedback: 37 / 100%
                     
Just reformatted my computer and it took less than half an hour tops.
NHogan is offline  
post #3 of 20 (permalink) Old 07-07-2008, 01:15 AM
MKB
 
Join Date: Jan 2007
Posts: 550
Feedback: 0 / 0%
                     
Quote:
Originally Posted by NHogan View Post
Just reformatted my computer and it took less than half an hour tops.
Yeah, I just helped a friend do that since his main HD died, and I'm going to do it to my brother's because the computer is just horrible. His background actually turned into a picture that says something about the computer being infected and needing to download some spyware program. Sometimes you just need a fresh start to get the computer back to normal.
MKB is offline  
post #4 of 20 (permalink) Old 07-07-2008, 01:35 AM
Intrepid Pro
 
Join Date: May 2008
Posts: 8,218
Feedback: 2 / 100%
                     
I just had one get in through an email; it corrupted my whole system and everything shut down.
Nasty bundlepac just full of shit to stink up my computer; had to reinstall Windows and we all know how long that takes. God, I sometimes just want to throw it in the Atlantic!!!

-----Original Message-----

There is a fake Hallmark e-card mail circulating that contains a
download link that really points to a trojan infected executable. At
least one of my users has received it, though she failed to save it for
examination. :-(

The e-mail looks perfectly legitimate, but if you move your cursor over
the link (without clicking on it, of course) you can see that it points
to a Windows executable file (e.g.
.exe, .com, .bat, .scr, or .reg extension) and not to a .html or .php
page. Also, if you check the mail headers it should be obvious it's not
from Hallmark, but few people do that.

There's a short blurb about it here, including the server IP:
http://myitforum.com/cs2/blogs/rtren...uthentic-looking-hallmark-e-card-email-circulating.aspx

The spreading of viruses in this fashion is becoming more popular now
that many sites block transfer of executable files in e-mail -- even the
best firewalls and mail scanners can't protect you from downloading a
virus through your browser.

If I get more info (like a virus name) I'll pass it along.

Last edited by crypt keeper; 07-07-2008 at 01:45 AM.
crypt keeper is offline  
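
The check described in the forwarded warning above, automated over an HTML message body. This is an added example, not part of the original post: it lists every link whose URL path ends in one of the extensions the warning names, looking at the path only so that a `.com` host name is not mistaken for a `.com` program. The sample body, hosts and function names are constructed for illustration.

```python
import posixpath
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# Extensions listed in the forwarded warning above.
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".scr", ".reg"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def target_extension(href):
    """Extension of the URL path only, so a '.com' host name is not a hit."""
    parts = urlsplit(href)
    if not parts.netloc:  # not an absolute URL: host and path are ambiguous
        return ""
    return posixpath.splitext(unquote(parts.path))[1].lower()

def executable_links(html_body):
    """Return (href, visible text, extension) for links to executable types."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    return [(href, text, target_extension(href))
            for href, text in collector.links
            if target_extension(href) in EXECUTABLE_EXTS]

# Constructed sample body; hosts and addresses are placeholders.
SAMPLE = """
<p>You have received an e-card.</p>
<a href="http://203.0.113.7/cards/postcard.exe">Click here to view your card</a>
<a href="http://www.hallmark.com/">Hallmark home</a>
<a href="http://cards.example.test/view.php?id=41">View online</a>
<a href="http://cards.example.test/e%2Dcard.SCR">Screensaver</a>
"""

if __name__ == "__main__":
    for href, text, ext in executable_links(SAMPLE):
        print(f"{ext}  {text!r} -> {href}")
```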
post #5 of 20 (permalink) Old 07-07-2008, 04:54 PM Thread Starter
 
Join Date: Oct 2007
Posts: 545
Feedback: 0 / 0%
                     
I've gone through pretty much the same here; I keep image backups of every system on the network. Finally got everything under control.

I use freeware versions: PC Tools Anti-Virus (very good email scanner). If you've got a server running Windows Server 2003 and you have your email, like Outlook, saved to that system, you could use PCAV to be your AV email server monitor. It really works and it's free. Once I installed that on the system it found trojans hiding on the system, and it can either remove or quarantine them.

For a firewall I use PC Tools Firewall Plus. It's also free, and it has code injection so that if anything tries to write to your system it will prompt you.

For anti-spyware I use PC Tools Spyware Doctor. It's pay-for software, but it works. I can't use it on the server, so I have to use Spyware Terminator; that's free, though most of the features are manual. Another one to use is called Spyware Blaster; that's for browsers like IE and Firefox.

Some say to use SuperAnti-Spyware for free, but that had caused my crashes and it hosed some of my systems.

I found a small program called RegProt (free). It monitors the registry and can prompt you by asking two questions: should this registry entry be allowed to run, or deleted? Yes to keep, No to delete. Can't be easier than that. I found svdhost.exe still in the registry with this software. It's gone now.

PC Tools has ThreatFire, which is strong protection. I can't seem to get it to be stable though. So back to using Sandbox to test software. With a Sandbox you can run applications without worrying if they are infected, or surf the internet in a Sandbox. Also free.
tipstir is offline  
post #6 of 20 (permalink) Old 07-07-2008, 05:12 PM
Intrepid Pro
 
tooch926's Avatar
 
Join Date: Feb 2008
Location: Concord, Ohio
Posts: 1,069
Feedback: 0 / 0%
                     
They're trying to blindside you with an "svchost" process. These are only in WinXP Pro though. Now if "sve or svdhost" are running in Home or Media edition, you def. know something is wrong. And, if they act the same way as an svchost, then an executable would have to be run because .dll's can't be launched by Windows itself.

I'm keeping a look out though.
tooch926 is offline  
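
The names reported in this thread (svdhost.exe, svehost.exe) are each one character away from svchost.exe. The following added example, not part of any post above, flags process names that are a near miss of a well-known Windows process name using edit distance; it generalizes beyond svchost.exe to a short assumed list of other system process names, and the sample process list is constructed.

```python
# Well-known Windows process names to compare against (assumed list for this example).
KNOWN_GOOD = ["svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
              "services.exe", "explorer.exe"]

def edit_distance(a, b):
    """Levenshtein distance computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def lookalikes(process_names, max_distance=2):
    """Return {name: imitated_name} for near misses of known system names."""
    findings = {}
    for raw in process_names:
        name = raw.strip().lower()  # Windows image names are case-insensitive
        if name in KNOWN_GOOD:
            continue  # exact match: the name alone is not suspicious
        for good in KNOWN_GOOD:
            if 0 < edit_distance(name, good) <= max_distance:
                findings[name] = good
                break
    return findings

# Constructed sample: image names as they would appear in a process listing.
SAMPLE = ["System", "svchost.exe", "SVCHOST.EXE", "svdhost.exe",
          "svehost.exe", "scvhost.exe", "explorer.exe", "firefox.exe"]

if __name__ == "__main__":
    for name, good in lookalikes(SAMPLE).items():
        print(f"{name} looks like {good}")
```

An exact name match is skipped here but proves nothing by itself: the genuine svchost.exe runs from the Windows System32 directory, so the image path still needs checking.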
post #7 of 20 (permalink) Old 07-07-2008, 06:23 PM Thread Starter
 
Join Date: Oct 2007
Posts: 545
Feedback: 0 / 0%
                     
Quote:
Originally Posted by tooch926 View Post
They're trying to blindside you with an "svchost" process. These are only in WinXP Pro though. Now if "sve or svdhost" are running in Home or Media edition, you def. know something is wrong. And, if they act the same way as an svchost, then an executable would have to be run because .dll's can't be launched by Windows itself.

I'm keeping a look out though.
I run two Windows Server 2003 OSes; that nasty was on those two. I also run Vista Business SP1 and XP Pro SP2 boxes. Another one I didn't mention was RGOD.dll. Well, true, they're gone now, but some of the programs I was using, like NOD32 AV and the new one with spyware protection, didn't even catch them.

Have you ever gotten the blinking task bar? I got hit with that; good thing I had a backup image, otherwise it would be a new build install. New builds just take so much time.
tipstir is offline  
post #8 of 20 (permalink) Old 07-08-2008, 01:04 AM
Intrepid Pro
 
MegaTrep's Avatar
 
Join Date: May 2007
Location: M'waukee, WI
Posts: 2,792
Feedback: 2 / 100%
                     
Quote:
Originally Posted by MKB View Post
Yeah, I just helped a friend do that since his main HD died, and I'm going to do it to my brother's because the computer is just horrible. His background actually turned into a picture that says something about the computer being infected and needing to download some spyware program. Sometimes you just need a fresh start to get the computer back to normal.
My dad had one of those. The funny thing was that it said, "Your computer is expiriencing less preformace." Exactly like that with the misspellings.
MegaTrep is offline  
post #9 of 20 (permalink) Old 07-08-2008, 09:12 AM
Intrepid Pro
 
TCPMeta's Avatar
 
Join Date: Aug 2006
Location: Jacksonville, FL
Posts: 2,935
Feedback: 0 / 0%
                     
This is just one of the reasons why I switched to Linux.
TCPMeta is offline  
post #10 of 20 (permalink) Old 07-08-2008, 11:47 AM
MKB
 
Join Date: Jan 2007
Posts: 550
Feedback: 0 / 0%
                     
Quote:
Originally Posted by TCPMeta View Post
This is just one of the reasons why I switched to Linux.
I have been interested in adding Linux to one of my hard drives ever since I used Knoppix for the first time. Actually I was trying to recover a hard drive for a family member and you recommended using it. I just haven't gotten around to doing much of anything on my computer lately, but I was really impressed with the latest version of Knoppix. What version of Linux would you recommend to someone who hasn't used it before?
MKB is offline  
post #11 of 20 (permalink) Old 07-08-2008, 09:00 PM
Intrepid Pro
 
tooch926's Avatar
 
Join Date: Feb 2008
Location: Concord, Ohio
Posts: 1,069
Feedback: 0 / 0%
                     
Quote:
Originally Posted by tipstir View Post
I run two Windows Server 2003 OSes; that nasty was on those two. I also run Vista Business SP1 and XP Pro SP2 boxes. Another one I didn't mention was RGOD.dll. Well, true, they're gone now, but some of the programs I was using, like NOD32 AV and the new one with spyware protection, didn't even catch them.

Have you ever gotten the blinking task bar? I got hit with that; good thing I had a backup image, otherwise it would be a new build install. New builds just take so much time.
I keep an updated image for user machines off site, but have network support in a preinstalled environment. This is really nice. 30 minutes tops and you're back up and running!
tooch926 is offline  
post #12 of 20 (permalink) Old 07-08-2008, 09:01 PM
Intrepid Pro
 
tooch926's Avatar
 
Join Date: Feb 2008
Location: Concord, Ohio
Posts: 1,069
Feedback: 0 / 0%
                     
Quote:
Originally Posted by TCPMeta View Post
This is just one of the reasons why I switched to Linux.
I use PCs a lot, and even I can add to the list of why you should use Linux instead. haha
tooch926 is offline  
post #13 of 20 (permalink) Old 07-13-2008, 10:20 PM Thread Starter
 
Join Date: Oct 2007
Posts: 545
Feedback: 0 / 0%
                     
Run software or the browser in a Sandbox. Sandboxie is free and works great. I only use it on programs that might have something hiding. I did that on ESETsetup.exe and sure enough, guess what hopped out? Start.exe. So I terminated the Sandbox and that killed everything in that box. Then deleted the main ESET file in real time.
tipstir is offline  
post #14 of 20 (permalink) Old 07-14-2008, 07:09 AM
Intrepid Pro
 
TCPMeta's Avatar
 
Join Date: Aug 2006
Location: Jacksonville, FL
Posts: 2,935
Feedback: 0 / 0%
                     
Quote:
I have been interested in adding Linux to one of my hard drives ever since I used Knoppix for the first time. Actually I was trying to recover a hard drive for a family member and you recommended using it. I just haven't gotten around to doing much of anything on my computer lately, but I was really impressed with the latest version of Knoppix. What version of Linux would you recommend to someone who hasn't used it before?
I would recommend OpenSuSe. It's simple to install and set up and has a lot of toys that are similar to Windows. The Yast2 program also makes things simple for installing programs and drivers, and even for keeping the system running top notch.
TCPMeta is offline  
post #15 of 20 (permalink) Old 08-11-2008, 12:08 AM Thread Starter
 
Join Date: Oct 2007
Posts: 545
Feedback: 0 / 0%
                     
Choices that are free to use to protect the system

Really don't want one to go overkill with protection.

Spyware Blaster is protection on the browser end (Firefox, IE)
http://www.javacoolsoftware.com/spywareblaster.html
Note: manual updates for free, auto updates you pay for once

PCTools Spyware Doctor with Antivirus SE 6.0.0.362
www.pctools.com/mirror/sdastart.exe
Note: auto updates for free

PCTools Threat Fire 3.5
http://www.threatfire.com/
Note: auto updates for free

PCTools Firewall Plus 4.0.0.44
http://www.pctools.com/firewall/
Note: auto updates for free

Firefox 3.01
http://www.mozilla.com/en-US/firefox/

Adblock Plus add-on for Firefox 3.1
https://addons.mozilla.org/en-US/fir...k+Plus&cat=all

Same for these two above...
Everything listed is free.

Spyware Doctor is now more popular; the free pack now comes with antivirus, and used with Threat Fire you're really protected. The full version of SDAV is also available if you need it. I just want less impact on the system. The free ones are just as good; more people prefer the free ones now.
tipstir is offline  