|
More site info...
viruses and worms | Forum profile
|
|
Forum profile page for viruses and worms on http://www.wilderssecurity.com.
This report page is the aggregated overview from a single forum: viruses and worms , located on the Message Board at http://www.wilderssecurity.com.
This forum profile page summarizes the general forum statistics such as: Users Activity, Forum Activity, and Top Authors, which are reported in either a table or graph below for a given reporting time period.
Additional forum profile information for "viruses and worms " on the Message Board at http://www.wilderssecurity.com is also shown in the following ways:
1) Latest Active Threads
2) Hot Threads for Last Week
Warning: These statistics are generated using 'best efforts' and can experience delays and reporting errors at times. Please note that such statistics do not constitute a forum's popularity and/or exact posting volumes at any given reporting period.
|
|
|
|
|
Posting activity on viruses and worms :
|
|
Week
|
Month
|
3 Months
|
|
Threads:
|
21
|
49
|
147
|
|
Post:
|
67
|
129
|
470
|
|
|
viruses and worms Posting activity graph:
|
Top authors during last week:
user's latest post:
Firefox hijacked
Published (2009-12-09 12:38:00)
I was not able to find any infections with any of the malware/rootkit scanners I tried. Every night it develops a Vundo infection but there's something else on there that I can't find. I even uninstalled and upgraded to a different version of Firefox with no luck. What I did discover is that this redirect problem is more noticeable and happens more when using a toolbar such as the Google or Yahoo toolbar. In fact, the average user...
user's latest post:
Is possible that someone get...
Published (2009-12-13 20:58:00)
Thanks! But, again, in the case of an exploit, won't UAC prompt and ask the user about an action?
user's latest post:
Firefox hijacked
Published (2009-12-07 11:52:00)
Quote: Originally Posted by chronomatic Stop running as admin. Problem solved. Helpful comment. NOT!
user's latest post:
Rediretion to a bad site?
Published (2009-12-14 16:23:00)
Many thanks for the help. I will have to get with him later. I viewed the thumbnails before I sent him the link, and also did it a few minutes ago. It is a puzzle to me. Lodore I'll do as you suggest. He is running XP, IE, and he probably has not ever done anything as to account. I have not either. I guess then it is Administrator. Regards, Jerry
user's latest post:
What ever happened to CARNY_RIDE...
Published (2009-12-14 08:14:00)
When I used Norton AV the scanner used to get hung up looking for this malware (rootkit/virus). Eventually Symantec admitted that there was a bug in Norton that made it get hung up on quick scans looking for this 'faux virus'. I got Norton with my ISP originally, I don't use it any more. I never actually found out what CARNY_RIDE was, although worrying about it made me download & test several anti-malware apps until I...
user's latest post:
Is possible that someone get...
Published (2009-12-14 01:56:00)
Quote: Originally Posted by Pain of Salvation ...won't UAC prompt and ask the user about an action? UAC is not a security boundary (LUA and Windows Firewall are examples of security boundaries). Meaning it's always possible to sneak past it, if the exploit is written to do so. According to Marc Russinovich , this isn't easy to do in a standard (limited) account, but it is possible: Quote: If malware knows that an elevated...
Keyboard_Commando's Avatar
2
user's latest post:
Firefox hijacked
Published (2009-12-07 11:52:00)
Quote: Originally Posted by chronomatic Stop running as admin. Problem solved. Helpful comment. NOT!
user's latest post:
Google Sues to Stop...
Published (2009-12-08 21:24:00)
Quote: By ALICE GOMSTYN ABC NEWS Business Unit Dec. 8, 2009 Google has launched a legal battle against companies that allegedly infringe upon the Google name to promote "work-from-home" scams. "At the heart of the scheme is a false representation that consumers can participate in a Google-sponsored program that will allow them to make hundreds of dollars a day working at home performing a simple task that requires...
user's latest post:
Firefox hijacked
Published (2009-12-10 23:18:00)
Quote: Originally Posted by TheQuest I think your find it is [was] the boot sector of the HDD, not the CMOS under attack. Yes I know. But it liked to change the CMOS time, so I wiped it just in case. I use the Black Flag method. Hold breath and spray everything.
|
|
|
|
Latest active threads on viruses and worms ::
Started 1 day, 12 hours ago (2009-12-14 14:45:00)
by JerryM
OK. Since we can't make a good assessment as to why he got infeced, what are the best cleaners? I have the impression that, in addition to the AV, MBAM and SAS are among the best cleaners.
He needs something that won't do more damage cleaning.
Would a Restore work, or would the virus hide where it would not be affected by a Restore?
Thanks,
Jerry
Started 1 day, 14 hours ago (2009-12-14 12:27:00)
by Alcyon
Here's a non- exhaustive ThreatExpert analysis: Link , Link2
A folder called "fauxvirus" doesn't necessarily mean that it contains a faux (fake) virus...
The executable probably originates from a French kiddy website called fauxvirus(dot)com.
Started 1 week ago (2009-12-08 12:26:00)
by Fajo
Quote:
Originally Posted by Jonnas_tan
BitDefender predicts Conficker will grow bigger in 2010
hope to stay away from it in 2010 as well
I predict that BitDefender will tank and get bought out by Placebo AV.
Started 3 days, 12 hours ago (2009-12-12 14:31:00)
by lodore
Started 1 week, 3 days ago (2009-12-05 23:55:00)
by cheater87
Try Superantispyware and Spyware Terminator's HIPS to see if that can find
and block it.
Started 1 week, 1 day ago (2009-12-07 05:06:00)
by DasFox DasFox is offline Frequent Poster
I just noticed in the Application Data path there was a directory called, odbcactivepack with a dll in it called, odbcactivepack.dll
Never heard of this before, looked odd to me and can't find any info online...
Started 1 week ago (2009-12-08 07:28:00)
by jazzjon jazzjon is offline Infrequent Poster
Hi. Something keeps dropping an svchost.exe file.
Avast notices. I try to delete it.
Then 5 minutes later it pops up again.
I've done scans with : adaware pro, avast, a2, malbytes, spyhunter, trojan remover, spybot.... nothing gets it.
It drops the file after delete, it does it again with a little change.:
C:\Windows\Temp\oxpi.tmp\svchost.exe
C:\Windows\Temp\lrao....
Started 2 weeks ago (2009-12-01 22:50:00)
by subhrobhandari
Did you try to delete the partition and then create a new one from that
space?
Started 2 weeks ago (2009-12-01 16:00:00)
by Durad's Avatar
Where to find names of the most common roque programs for past month?
|
|
Hot threads for last week on viruses and worms ::
Started 3 days, 12 hours ago (2009-12-12 14:31:00)
by lodore
Started 1 week ago (2009-12-08 12:26:00)
by Fajo
Quote:
Originally Posted by Jonnas_tan
BitDefender predicts Conficker will grow bigger in 2010
hope to stay away from it in 2010 as well
I predict that BitDefender will tank and get bought out by Placebo AV.
Started 1 week, 1 day ago (2009-12-07 05:06:00)
by DasFox DasFox is offline Frequent Poster
I just noticed in the Application Data path there was a directory called, odbcactivepack with a dll in it called, odbcactivepack.dll
Never heard of this before, looked odd to me and can't find any info online...
Started 1 week, 3 days ago (2009-12-05 23:55:00)
by cheater87
Try Superantispyware and Spyware Terminator's HIPS to see if that can find
and block it.
Started 1 day, 12 hours ago (2009-12-14 14:45:00)
by JerryM
OK. Since we can't make a good assessment as to why he got infeced, what are the best cleaners? I have the impression that, in addition to the AV, MBAM and SAS are among the best cleaners.
He needs something that won't do more damage cleaning.
Would a Restore work, or would the virus hide where it would not be affected by a Restore?
Thanks,
Jerry
Started 1 week ago (2009-12-08 07:28:00)
by jazzjon jazzjon is offline Infrequent Poster
Hi. Something keeps dropping an svchost.exe file.
Avast notices. I try to delete it.
Then 5 minutes later it pops up again.
I've done scans with : adaware pro, avast, a2, malbytes, spyhunter, trojan remover, spybot.... nothing gets it.
It drops the file after delete, it does it again with a little change.:
C:\Windows\Temp\oxpi.tmp\svchost.exe
C:\Windows\Temp\lrao....
Started 2 weeks ago (2009-12-01 22:50:00)
by subhrobhandari
Did you try to delete the partition and then create a new one from that
space?
Started 1 day, 14 hours ago (2009-12-14 12:27:00)
by Alcyon
Here's a non- exhaustive ThreatExpert analysis: Link , Link2
A folder called "fauxvirus" doesn't necessarily mean that it contains a faux (fake) virus...
The executable probably originates from a French kiddy website called fauxvirus(dot)com.
|
|
Size: 398 bytes
