Quantcast

Maximum PC

It is currently Sat Apr 19, 2014 12:34 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 11 posts ] 
Author Message
 Post subject: I want my Question in the Magazine !
PostPosted: Tue Jan 04, 2011 9:15 am 
8086
8086
User avatar

Joined: Sun Aug 29, 2004 5:13 am
Posts: 30
Hi MAXPC my beloved,
I have a virus/worm question. No, I don't have worms...physically! :shock:
Anyway, I use Win XP SP2 & I keep getting this Trojan:Win32/Ramnit.A .Which installs watermark.exe. If left untreated it fires up multiple svchost.exe instances & brings my PC to it's knees !!
I understand that it is really bad...changing exe's, html's , pdf's....but how do you "get rid" of it !! I mean, I read up on it & people just reformat.
It is a big pain...I had to reformat 4 times this month lol !!! Is there no way to prevent it, is there any security software written specifically to defend against it? I read somewhere that it can install code on your PC just by a "mouseover" on a web page, OMG !!
I have Zonealarm firewall installed .
Thx
David Styres
Canada

PS- I have revamped my surfing habits..so far, so good.


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Tue Jan 04, 2011 9:35 am 
Malware specialist
Malware specialist
User avatar

Joined: Sun Apr 03, 2005 12:49 pm
Posts: 11696
Location: Kansas City, KS
That is a bad Worm/Trojan.

The reason everyone recommends reformatting when getting that is because it can modify executable's and cause system instability at will. There isn't a real good way to get rid of it. Sometimes you can remove it, but it is a lot of work.


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Tue Jan 04, 2011 10:05 am 
Team Dino
Team Dino
User avatar

Joined: Mon Jun 28, 2004 6:29 am
Posts: 6099
Location: Huntsville, Alabama.
And if/when you do a reformat and fresh install, please, for the love of God, install SP3!

n0b0dykn0ws


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Tue Jan 04, 2011 10:13 am 
Team Member Top 250
Team Member Top 250
User avatar

Joined: Mon Dec 31, 2007 1:38 pm
Posts: 311
Location: VA Beach, VA
n0b0dykn0ws wrote:
And if/when you do a reformat and fresh install, please, for the love of God, install SP3!

n0b0dykn0ws


That jumped out at me as soon as I read his post.


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 7:57 am 
8086
8086
User avatar

Joined: Sun Aug 29, 2004 5:13 am
Posts: 30
jlh304 wrote:
n0b0dykn0ws wrote:
And if/when you do a reformat and fresh install, please, for the love of God, install SP3!

n0b0dykn0ws


That jumped out at me as soon as I read his post.


So SP3 has closed the door on this vulnerability?
Downloading now !!
Thx


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 8:58 am 
Team Dino
Team Dino
User avatar

Joined: Mon Jun 28, 2004 6:29 am
Posts: 6099
Location: Huntsville, Alabama.
Not necessarily, but SP2 is no longer supported, in fact, you haven't been receiving critical updates since July of last year!

You mentioned your firewall software, what about anti-virus and anti-malware?

You say you've reformatted, but have you scanned applications that you have saved before running them on your freshly installed OS?

Install XP on a fully (quick will do) formatted drive with no network capabilities (no network cable/wireless card attached) --> install latest service pack (SP3 here) while still offline --> install AV/AW/FW while still offline --> connect to the internet to download latest Microsoft critical updates, AV/AW definitions.

There is a program I use called CTUpdate that will allow you to download MS updates for various products, including Office. You can then run these updates while offline. This is your best bet if you have a safe/clean computer that you can use to download the files to, then burn to disc, put on an external drive, etc...

n0b0dykn0ws


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 9:08 am 
Malware specialist
Malware specialist
User avatar

Joined: Sun Apr 03, 2005 12:49 pm
Posts: 11696
Location: Kansas City, KS
Hey n0b0dykn0ws,

Any idea how that program compares to AutoPatcher? I love AutoPatcher but the program has quite a bit of delay in getting recent updates.


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 9:10 am 
8086
8086
User avatar

Joined: Sun Aug 29, 2004 5:13 am
Posts: 30
n0b0dykn0ws wrote:
Not necessarily, but SP2 is no longer supported, in fact, you haven't been receiving critical updates since July of last year!

You mentioned your firewall software, what about anti-virus and anti-malware?

You say you've reformatted, but have you scanned applications that you have saved before running them on your freshly installed OS?

Install XP on a fully (quick will do) formatted drive with no network capabilities (no network cable/wireless card attached) --> install latest service pack (SP3 here) while still offline --> install AV/AW/FW while still offline --> connect to the internet to download latest Microsoft critical updates, AV/AW definitions.

There is a program I use called CTUpdate that will allow you to download MS updates for various products, including Office. You can then run these updates while offline. This is your best bet if you have a safe/clean computer that you can use to download the files to, then burn to disc, put on an external drive, etc...

n0b0dykn0ws


I had automatic updates shut off :(
I use AVS anti virus


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 10:37 am 
Team Dino
Team Dino
User avatar

Joined: Mon Jun 28, 2004 6:29 am
Posts: 6099
Location: Huntsville, Alabama.
hackman2007 wrote:
Hey n0b0dykn0ws,

Any idea how that program compares to AutoPatcher? I love AutoPatcher but the program has quite a bit of delay in getting recent updates.


CTUpdate downloads the updates directly from Microsoft, so unless you have bad DNS entries then you should be pretty safe and up to date. :)

n0b0dykn0ws


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 10:46 am 
Malware specialist
Malware specialist
User avatar

Joined: Sun Apr 03, 2005 12:49 pm
Posts: 11696
Location: Kansas City, KS
n0b0dykn0ws wrote:
hackman2007 wrote:
Hey n0b0dykn0ws,

Any idea how that program compares to AutoPatcher? I love AutoPatcher but the program has quite a bit of delay in getting recent updates.


CTUpdate downloads the updates directly from Microsoft, so unless you have bad DNS entries then you should be pretty safe and up to date. :)

n0b0dykn0ws


AutoPatcher does as well, but it takes them sometimes 2-3 weeks to get the updates available for download. I'm hoping CTUpdate is a little quicker.


Top
  Profile  
 
 Post subject: Re: I want my Question in the Magazine !
PostPosted: Wed Jan 05, 2011 10:56 am 
Team Dino
Team Dino
User avatar

Joined: Mon Jun 28, 2004 6:29 am
Posts: 6099
Location: Huntsville, Alabama.
It's usually Wednesday after patch Tuesday at the latest.

CTUpdate generates a log, so you can always check that manually as well.

n0b0dykn0ws


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group