Trojan.SVCHost/Fake.Process

View previous topic View next topic Go down

Re: Trojan.SVCHost/Fake.Process

Post by Belahzur on Thu May 13, 2010 10:14 pm

It was a new nasty rootkit, but we killed it. Right On!


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan.SVCHost/Fake.Process

Post by Voods on Fri May 14, 2010 1:18 am

Well thanks Blahzur...! (was it the tdds variant?) ;-)

Will the Future MBAM/ESET/SASW be able to detect these, before they can cause damage?

I have the full version of MBAM and eset, what software can I use to stop rootkits from impregnating my system from the go? I obviously don't have enough protection.

P.S I know my last query does not fit into this categoery, just did not want to start a new thread, but I will post it into a new thread if too much trouble.

But thanks again, reboot and boot was full speed ahead!

Regards
Dave

Voods
Senior
Senior

Posts Posts : 229
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 Professional
Protection Protection : Eset Smart Security 4
Points Points : 31454
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan.SVCHost/Fake.Process

Post by Belahzur on Fri May 14, 2010 8:15 am

(was it the tdds variant?) ;-)

Evolution of TDSS, called TDL3. MBAM probably wont detect it because this rootkit can hide in several places MBAM can't go, either in the MBR, or can infect proper system files and use that as it's own malicious file.

ESET may warn of patched system files, but I'm not sure it's able to repair them, not an infection like TDL3 anyway.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum