Magus

  1. As a knowledgeable user of computer/network security, I'm also going to recommend AVG Anti-Virus. I've done thorough tests with copies of Norton & McAfee 2004, both of which have flaws and many installation problems. Norton has a tendency to pull up many false positives, being hyper-jumpy about everything you do, and McAfee misses quite a few viruses.

     You've also failed to mention that there are many other malicious trojans out there like this one -- Sub7 being one of the worst. I will caution users that use IRC and go to networks that do not use hostmasking (i.e., your address is partially masked). There are Sub7 bots that gather IP addresses and continue to spread infection.

     You failed to point out one serious critical update the user needs to perform -- Windows Update. Seeing as how 95% of the household (and corporate, for that matter) world uses some version of the Windows operating system, Windows Update is needed. Worms such as Sasser and Blaster (BOTH of which my old school got hit with -- and didn't Sasser have a patch 3 weeks before its release?) use exploits that are patched by downloading the fixes from Windows Update.

     You're making a lot of claims about finding stuff in the registry that appears out of the ordinary -- to a lot of users, stuff in the registry will appear out of the ordinary. That does NOT mean you should delete it.

     You also didn't say what a user infected with any sort of RAT (Remotely Activated Trojan -- CIA, Sub7, Netbus, NetSphere, etc. are examples of a RAT) could have happen to them. Well, here is a small list that comes to mind.

     - Run as an XDCC bot (file exchange, generally warez or other illegal materials)
     - Used in a botnet for packeting purposes (as in your bandwidth is used to flood someone else offline)
     - Used as a base of spreading an infection (your computer will continue to spread said infection via KaZaA/other P2P transfer, IRC, any IM service, HTTP servers (many attack unpatched IIS servers, the HTTP server built into Windows), and more)

     These are the most common functions. There are many more, to suit the taste of the attacker. I hope I've cleared a few things up and added some more insight.