DodgeIntrepid.Net Forums

·
Registered
Joined
·
545 Posts
Discussion Starter #1
There is so much malware going around that you all should be aware of.

Under processes look for: (worst bunch of infections that hide)

svdhost.exe (this is also found in the registry under windows sound)
svehost.exe

Backdoor bots, trojans, worms, viruses, adware, malware, spyware, much more now. If you download software be very careful as it could have an integrated launcher in the installer.exe. If you have to download, use a Sandbox tool; these will give you a virtual drive or space that can be used, and you can terminate the infected application at any time, not making matters worse on your main system.

I use free tools for protection; there are some out there that just don't work. Here's a list of ones you should avoid.

Corrupt anti-spyware tools
http://www.2-spyware.com/corrupt-anti-spyware

This site not only has this listing of what's what, but it also has comparisons of all free and commercial anti-spyware reviews: which one is the best, and what are the features that are missing?


2008 Security List of Threats
http://www.securitynewsportal.com/se...th=5&year=2008
This might help some of you to know what's going around... 7,211 threat names..
 

·
Speed is Power
Joined
·
6,687 Posts
Just reformatted my computer and it took less than half an hour, tops.
 

·
Registered
Joined
·
550 Posts
Just reformatted my computer and it took less than half an hour, tops.
Yeah, I just helped a friend do that since his main HD died, and I'm going to do it to my brother's because the computer is just horrible. His background actually turned into a picture that says something about the computer being infected and needing to download some spyware program. Sometimes you just need a fresh start to get the computer back to normal.
 

·
Registered
Joined
·
8,218 Posts
I just had one get in through an email; it corrupted my whole system, everything shut down.
Nasty bundlepac just full of **** to stink up my computer; had to reinstall Windows and we all know how long that takes. God, I sometimes just want to throw it in the Atlantic!!!

-----Original Message-----

There is a fake Hallmark e-card mail circulating that contains a
download link that really points to a trojan infected executable. At
least one of my users has received it, though she failed to save it for
examination. :-(

The e-mail looks perfectly legitimate, but if you move your cursor over
the link (without clicking on it, of course) you can see that it points
to a Windows executable file (e.g.
.exe, .com, .bat, .scr, or .reg extension) and not to a .html or .php
page. Also, if you check the mail headers it should be obvious it's not
from Hallmark, but few people do that.

There's a short blurb about it here, including the server IP:
http://myitforum.com/cs2/blogs/rtrent/archive/2007/05/25/authentic-looking-hallmark-e-card-email-circulating.aspx

The spreading of viruses in this fashion is becoming more popular now
that many sites block transfer of executable files in e-mail -- even the
best firewalls and mail scanners can't protect you from downloading a
virus through your browser.

If I get more info (like a virus name) I'll pass it along.
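
The hover check described in the forwarded message can be automated. The following is an added example, not part of the original thread: it parses an HTML mail body and flags links whose URL path ends in one of the extensions the message lists. The sample body, the IP address 192.0.2.10 and the example.com host are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, unquote

# Extensions named in the message above as Windows-executable link targets.
EXECUTABLE_EXTS = (".exe", ".com", ".bat", ".scr", ".reg")

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html_body):
    """Return (text, href) for links whose URL *path* ends in an executable extension."""
    parser = LinkCollector()
    parser.feed(html_body)
    flagged = []
    for href, text in parser.links:
        # Look only at the path: the ".com" in a host name is not a file type.
        path = unquote(urlparse(href).path).lower().rstrip(" .")
        if path.endswith(EXECUTABLE_EXTS):
            flagged.append((text, href))
    return flagged

# Constructed sample body (documentation IP 192.0.2.10, example.com host).
SAMPLE = """
<p>You have received an e-card!</p>
<a href="http://192.0.2.10/postcard.exe">Click here to view your card</a>
<a href="http://www.example.com/cards/view.php?id=1">Visit our site</a>
<a href="http://www.example.com/">example.com</a>
"""

if __name__ == "__main__":
    for text, href in suspicious_links(SAMPLE):
        print(f"link text {text!r} points to {href}")
```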
 

·
Registered
Joined
·
545 Posts
Discussion Starter #5
I've gone through pretty much the same here. I keep image backups of every system on the network. Finally got everything under control.

I use freeware versions: PC Tools Anti-Virus (very good email scanner). If you've got a server running Windows Server 2003 and you have your email, like Outlook, saved to that system, you could use PCAV as your AV email server monitor. It really works and it's free. Once I installed that on the system it found trojans hiding on the system, and it can either remove or quarantine them.

For a firewall I use PC Tools Firewall Plus; it's also free. It has code injection so that if anything tries to write to your system it will prompt you.

For anti-spyware I use PC Tools Spyware Doctor; it's pay-for software, but it works. I can't use it on the server; there I have to use Spyware Terminator, which is free, though most of the features are manual. Another one to use is called Spyware Blaster; that's for browsers like IE and Firefox.

Some say to use SuperAnti-Spyware for free, but that caused crashes for me and it hosed some of my systems.

I found a small program called RegProt (free). It monitors the registry and can prompt you by asking two questions: should this registry entry be allowed to run or be deleted? Yes to keep, No to delete. Can't be easier than that. I found svdhost.exe still in the registry with this software. It's gone now.

PC Tools has ThreatFire, which is strong protection. I can't seem to get it to be stable though. So back to using a Sandbox to test software. With a Sandbox you can run applications without worrying whether they are infected, or surf the internet in a Sandbox. Also free.
 

·
Registered
Joined
·
1,069 Posts
They're trying to blindside you with an "svchost" process. These are only in WinXP Pro though. Now if "sve or svdhost" are running in Home or Media edition, you def. know something is wrong. And, if they act the same way as an svchost, then an executable would have to be run because .dlls can't be launched by Windows itself.

I'm keeping a look out though.
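
The lookalike names from the first post (svdhost.exe, svehost.exe) and the "svchost" imitation discussed in the post above can be detected by comparing running process names against genuine Windows process names. This is an added example, not part of the original thread; the list of genuine names, the distance threshold and the sample process list are assumptions chosen for illustration.

```python
# Names of genuine Windows system processes that malware commonly imitates
# (an illustrative list assumed for this example, not taken from the thread).
KNOWN_GOOD = ["svchost.exe", "lsass.exe", "csrss.exe", "services.exe",
              "winlogon.exe", "explorer.exe"]

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def find_lookalikes(process_names, max_distance=1):
    """Return {suspect: imitated_name} for names that nearly match a genuine one."""
    hits = {}
    known = set(KNOWN_GOOD)
    for name in process_names:
        lowered = name.lower()  # Windows file names are case-insensitive
        if lowered in known:
            continue  # exact match: the real name, not a lookalike
        for good in KNOWN_GOOD:
            if 0 < edit_distance(lowered, good) <= max_distance:
                hits[name] = good
                break
    return hits

# Constructed sample process list; svdhost.exe and svehost.exe are the
# names reported in the thread, the rest are ordinary process names.
SAMPLE_PROCESSES = ["System", "svchost.exe", "svdhost.exe", "svehost.exe",
                    "explorer.exe", "firefox.exe", "lsass.exe"]

if __name__ == "__main__":
    for suspect, real in find_lookalikes(SAMPLE_PROCESSES).items():
        print(f"{suspect} looks like {real}")
```

A name match only narrows the search: each flagged entry still needs its file path and registry start-up entry checked before removal.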
 

·
Registered
Joined
·
545 Posts
Discussion Starter #7
They're trying to blindside you with an "svchost" process. These are only in WinXP Pro though. Now if "sve or svdhost" are running in Home or Media edition, you def. know something is wrong. And, if they act the same way as an svchost, then an executable would have to be run because .dlls can't be launched by Windows itself.

I'm keeping a look out though.
I run two Windows Server 2003 OSes; that nasty was on those two. I also run Vista Business SP1 and XP Pro SP2 boxes. Another one I didn't mention was RGOD.dll. Well, true, they're gone now, but some of the programs I was using, like NOD32 AV and the new one with Spyware protection, didn't even catch them.

Have you ever gotten the blinking task bar? I got hit with that; good thing I had a backup image, otherwise it would be a new build install. New builds just take so much time.
 

·
Registered
Joined
·
2,792 Posts
Yeah, I just helped a friend do that since his main HD died, and I'm going to do it to my brother's because the computer is just horrible. His background actually turned into a picture that says something about the computer being infected and needing to download some spyware program. Sometimes you just need a fresh start to get the computer back to normal.
My dad had one of those. The funny thing was that it said, "Your computer is expiriencing less preformace." Exactly like that with the misspellings.
 

·
Registered
Joined
·
550 Posts
This is just one of the reasons why I switched to Linux.
I have been interested in adding Linux to one of my hard drives ever since I used Knoppix for the first time. Actually I was trying to recover a hard drive for a family member and you recommended using it. I just haven't gotten around to doing much of anything on my computer lately but I was really impressed with the latest version of Knoppix. What version of Linux would you recommend to someone who hasn't used it before?
 

·
Registered
Joined
·
1,069 Posts
I run two Windows Server 2003 OSes; that nasty was on those two. I also run Vista Business SP1 and XP Pro SP2 boxes. Another one I didn't mention was RGOD.dll. Well, true, they're gone now, but some of the programs I was using, like NOD32 AV and the new one with Spyware protection, didn't even catch them.

Have you ever gotten the blinking task bar? I got hit with that; good thing I had a backup image, otherwise it would be a new build install. New builds just take so much time.
I keep an updated image for user machines off site, but have network support in a preinstalled environment. This is really nice. 30 minutes tops and you're back up and running! :)
 

·
Registered
Joined
·
545 Posts
Discussion Starter #13
Run software or the browser in a Sandbox. Sandboxie is free and works great. I only use it on programs that might have something hiding. I did that on ESETsetup.exe and sure enough guess what hopped out? Start.exe. So I terminated the Sandbox and that killed everything in that box. Then deleted the main file ESET in real-time.
 

·
Registered
Joined
·
2,935 Posts
I have been interested in adding Linux to one of my hard drives ever since I used Knoppix for the first time. Actually I was trying to recover a hard drive for a family member and you recommended using it. I just haven't gotten around to doing much of anything on my computer lately but I was really impressed with the latest version of Knoppix. What version of Linux would you recommend to someone who hasn't used it before?
I would recommend OpenSuSe. It's simple to install and set up and has a lot of toys that are similar to Windows. The Yast2 program also makes things simple for installing programs, drivers and even keeping the system running top notch.
 

·
Registered
Joined
·
545 Posts
Discussion Starter #15
Choices that are free to use to protect the system

Really don't want one to go overkill with protection..

Spyware Blaster is protection on the browser end Firefox, IE
http://www.javacoolsoftware.com/spywareblaster.html
Note: manual updates for free, auto updates you pay for once

PCTools Spyware Doctor with Antivirus SE 6.0.0.362
www.pctools.com/mirror/sdastart.exe
Note: auto updates for free

PCTools Threat Fire 3.5
http://www.threatfire.com/
Note: auto updates for free

PCTools Firewall Plus 4.0.0.44

http://www.pctools.com/firewall/
Note: auto updates for free

Firefox 3.01

http://www.mozilla.com/en-US/firefox/

Adblock Plus add-on for Firefox 3.1
https://addons.mozilla.org/en-US/fir...k+Plus&cat=all

Same for these two above...
Everything listed is for free..

Spyware Doctor is now more popular; the free pack now comes with antivirus, and used with Threat Fire you're really protected. Full version SDAV is also available if you need it. I just want less impact on the system. Free ones are just as good; more people prefer the free ones now.
 

·
Registered
Joined
·
528 Posts
I put Ubuntu 8.01 on my girlfriend's computer and it works really great, runs very smooth and has a decently attractive setup.
 

·
Registered
Joined
·
430 Posts
I put Ubuntu 8.01 on my girlfriend's computer and it works really great, runs very smooth and has a decently attractive setup.
I actually prefer PCLinuxOS... it's the best Linux flavor I've seen so far for defining hardware. It's built off of the old Mandrake architecture. It's very solid and even has a live CD version as well as a games edition for kids. I'd switch over to it solely if it wasn't for some of my programs requiring .net framework... .net can't be used in any emulations under Linux. It's the one Windows item that hasn't been cracked by Linux developers... oh well...
 

·
Registered
Joined
·
545 Posts
Discussion Starter #19
Really don't want one to go overkill with protection..

Spyware Blaster is protection on the browser end Firefox, IE
http://www.javacoolsoftware.com/spywareblaster.html
Note: manual updates for free, auto updates you pay for once

PCTools Spyware Doctor with Antivirus SE 6.0.0.362
www.pctools.com/mirror/sdastart.exe
Note: auto updates for free

PCTools Threat Fire 3.5
http://www.threatfire.com/
Note: auto updates for free

PCTools Firewall Plus 4.0.0.45
http://www.pctools.com/firewall/
Note: auto updates for free

Firefox 3.01

http://www.mozilla.com/en-US/firefox/

Adblock Plus add-on for Firefox 3.1
https://addons.mozilla.org/en-US/fir...k+Plus&cat=all

Same for these two above...
Everything listed is for free..

Spyware Doctor is now more popular; the free pack now comes with antivirus, and used with Threat Fire you're really protected. Full version SDAV is also available if you need it. I just want less impact on the system. Free ones are just as good; more people prefer the free ones now.


The one in red above has been updated...

Listen all, don't hijack the thread for Linux chat; start up another thread for that, okay... Thanks
 