Quote: Microsoft has confirmed that malware is responsible for XP-based systems suffering BSoDs and rolling reboots after the application of a patch released during February's Patch Tuesday bundle...
http://blogs.zdnet.com/hardware/?p=7377
That's interesting Noreen as a lot of people seemed to be affected :thumbs:
This was suggested on another forum as a possible cure. http://support.kaspersky.com/downloads/utils/tdsskiller.zip
Info about this. http://support.kaspersky.com/viruses/solutions?qid=208280684
This was caused by a particular variant of the TDL3 rootkit which belongs to the TDSS/Alureon family. Very few AV can detect it and only three so far can remove it. Prevx will detect all known variants but requires manual removal by Prevx technicians via a remote session. The best detection and removal is using HitMan Pro, this is a free on-demand scanner but has a 100% success rate so far.
http://www.surfright.nl/en/hitmanpro
As far as I know ESET is totally blind to most of these TDL3 variants. The only thing that will detect it and stop it is a decent HIPS program, Sandboxie will contain it - just don't let it out of the sandbox, and DefenseWall will neuter it (but not remove it from the system).
There are apparently other malware that, like TDL3, are totally undetectable by (most) AV software, so it looks as though the days of being protected by an AV alone are now gone, which is why some of the suites are now trying to incorporate HIPS and Sandbox type protection. We live in interesting times ;D
Further reading for those who may be interested:
http://www.wilderssecurity.com/showthread.php?t=265297
http://www.prevx.com/blog/143/BSOD-after-MS-TDL-authors-apologize.html
Thanks, Ian. :thumb:
NP Rik.
It's getting scary just how many people are getting infected with these new rootkits and have no idea. A few years ago malware was designed to trash computers but the writers have got wise and realised that they need to infect without leaving a trace if possible so they can harvest all the users' personal data and card information. Look at the explosion in rogue AV designed to make people think they are infected and pay to clean up. Some of those people are apparently making millions a month.
Have a look at these, there must be thousands of them and the sad thing is that most have better looking GUIs than a lot of legitimate ones:
http://www.lavasoft.com/mylavasoft/rogues/a
It's getting quite scary, isn't it, Ian. :(
Dumb terminals are the future
I've argued this for a while. Of course, it will be full circle for me. :)
They may have more than one colour now Rik, apart from green.
;D
I always preferred amber myself.
I used to fix a lot of Wyse terminals a few years ago, are they still going?
I haven't seen one in years...
http://www.wyse.com They are still in business. In the current climate of companies being terrified of intellectual property theft, I can't see why they are not used more. If a Wyse laptop gets stolen, all you lose is the laptop.
I'm all for it. :thumb: