McAfee: New Worm Eats Your AV Software



+ Add a Comment


Are you still worrying about the coldness in Winter? moncler man moncler down Jackets uses 100% genuine down and high quality fabrics to keep warm. Simple and modern design may not attracts your eyes at first. moncler coat But if you put it on, you must be our of the ordinary. moncler donnaThat is the design concept of many big brands. Here, buymoncler offers a lot of down jackects and Leisure shoes for Men and Women, moncler sale and also kids. Choose one for yourself or your family, moncler uomoyou will be the unique ones of this winter. – comes from Shuna Sun



This article would be even more useful if provided any kind of information how to clean up the virus...



I would imagine the worm refuses to eat Norton more for the bad taste it leaves in folks' mouths after 6 years of producing sub-par products.  Funny to hear someone brag on Norton who's not talking about the DOS version.  As you might recall, it took special tools to uninstall Norton 2003-2006 and it was installed on tons of new PCs.  In those days, I'd have welcomed malware that would remove it. 



I remember in the past I installed an AV program on a guest computer and set up a password in the AV program to prevent tampering. With the password enabled you couldn't even uninstall the program without the password. I wonder if in this case it may help if you set up a password in the settings of the AV program.

Edit: I checked and it seems entering a password is a protection against malware attacks as well as a direct access deterrent.




The line "The worm is spread by email with a link to a seemingly innocent PDF file " is misleading because the email does not link to a PDF file.  It links to a .SCR file but /appears/ to link to a PDF file.  I realize this is what you meant but without knowledge of the actual misdirection in the email your sentence could be taken to mean the PDF file is infected.

From McAfee: "The URL does not actually lead to a PDF document, but rather an executable in disguise, such as PDF_Document21_025542010_pdf.scr served from a different domain"



Norton has Tamper proof Protection, which prevents this sort of malicious attacks.  Haer that all you AVG folks?  On a side note, SuperAntiSpyware also has a form of tamper-proof protection  :)



This is why I use a multi-tiered approach to protection, my computer itself has Avast, backed up by Iobit Security 360, Iobit Advanced System Care, and the windows Firewall (I have trouble getting other firewalls to work with Trillian and Homegroup for some reason, but I'm begining to think that's something to do with the network drivers of windows7 on my ancient nforce2 board downstairs than anything), and use Nitro PDF instead of pigware like Acrobat (though in this case that's irrelevant)


And then my DDWRT configured router has some protections, and of course, I use a web email and not  local client, and do the old standbys of never opening thing's I am not expecting.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.