-
January 26th, 2004, 08:55 AM
#16
Intel Mod
Well I've just done an interesting test on a Win2000 system that came to me very cranky, with 100% CPU usage & several instances of SVCHOST.EXE, so of course you think Nachi.
System ran Vet, owner admitted probably not up-to-date. NTFS, so as my own system is 98/ME, commandeered another 2000 system in for attention, whacked the hard drive out of the other system in.
Ran AVG6 Free, fully updated.
Found eight Trojan infected files, with Downloader.Stubby.A , Secthought.B , BackDoor.Adbreak.B , Dropper.Swicer.A , all successfully cleaned.
Did Panda Online, found Downloader.L in one file, successfully repaired.
Did Trend Housecall, found 6 files with ADW_RULEDOR.C and TROJ_POPMON.A , uncleanable. Two deleted, four currently quarantined.
Ran Stinger, there was the W32/Nachi in SVCHOST.EXE, deleted.
Who can you believe? Is the system clear yet...? Sigh...
I was going to try the new a squared 2 on it ( see here: http://forums.windrivers.com/showthread.php?t=54767 ) but when I installed it on the system, requests for connection to megaprovider.nl started, so it's out for the moment.
Edit: more scans on the same system just for reference:
Sygate wouldn't download...
Trojanscan.com couldn't scan memory, system came up clear, database was late 2003.
Bit Defender found the Ruledor in the re-named files (Trend didn't once they were re-named) but didn't notice Popmon. Heuristics seem to be OK, it found a joke FakeFormat file not reported by anything else, and flagged it as not a virus. Others may have identified it too, but just not reported anything...
CWShredder found nothing.
I'll pass the system as cleared.
Last edited by Platypus; January 27th, 2004 at 08:31 AM.
-
January 26th, 2004, 09:50 PM
#17
Registered User
Cheers,
The Computer Valet
Mike Whalen
-
January 27th, 2004, 08:22 AM
#18
Intel Mod
Originally Posted by The Computer Valet
crap...
???
My post?
This thread?
AVG?
Viruses & trojans?
One thing I do observe about AVG, since the update system was changed to small incremental files, updates can sometimes be very frequent. Twice including just now I've updated when I've gone online, then checked before the end of the 4 hour session and there's been another update.
-
January 27th, 2004, 03:21 PM
#19
Driver Terrier
www.anti-trojan.net
Even pulled a trojan out of a zip file.
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
January 28th, 2004, 06:53 AM
#20
Intel Mod
Originally Posted by NooNoo
Quote from above site:
"Anti-Trojan 5.5 discontinued
The very successful product Anti-Trojan will not be continued any longer due to personal reasons. Customers, who bought Anti-Trojan can get a free unlock code for Anti-Trojan here to be able to use it. The software is therefore freeware now. But no signature updates will be published for Anti-Trojan in the future. Therefore it is recommended to switch to the successor product aČ personal of Emsi Software GmbH to stay secure. aČ personal is much more powerful than Anti-Trojan 5.5. For more details please read the aČ product page."
-
January 31st, 2004, 07:30 PM
#21
Intel Mod
Originally Posted by Platypus
I'll pass the system as cleared.
Nope, more stuff kept coming up, so I nuked it...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks