| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 65448 | 2006-01-18 08:44:00 | Viruses and security | Lizard (2409) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 422190 | 2006-01-18 22:12:00 | NDIS is a windows component, so is LSA . BUT worms can also install/create/use LSA, as said in a previous post - ie: Blaster / Sasser . Other worms/trojans etc can also use the same name/s of other / valid windows components . The little devils . . . So what's the best course of action? Grant firewall access or block these two? It seems to me that if they can install/create/use these components, granting access is risky . . . Cheers Lizard |
Lizard (2409) | ||
| 422191 | 2006-01-18 22:16:00 | if in doubt block it and see what dosn't work :D | tweak'e (69) | ||
| 422192 | 2006-01-18 22:23:00 | The only way you can find out whether the file actually belongs to Windows (and not part of a worm/trojan/adware/spyware) is to do a search in Google or Yahoo . . for the name of the virus etc whatever it is . You think you have . And if the commands etc for the trojan/worm you have on your system, match a site like Symantec, Trendmicro, or any AV site, then u have that worm/trojan etc . Most viruses/trojans/worms/spyware/adware install more than just one file . They'll also chuck something in the registry so it'll run a file or something on startup/bootup . So, even tho, whatever it is, may install a file, (similar to, or the same name as a windows file), its what it puts in the registry / in startup, thats dangerous . Since whatever it installs in the registry, thats what executes the file/s on the hdd . |
Speedy Gonzales (78) | ||
| 422193 | 2006-01-19 04:04:00 | you don't need to hack XP firewall, its lets malicious applications straight through it by default . :lol: :lol: A decent AV will search* system files and processes for aberrant info, ie . the spoofed ones should not be an issue . * depending on the scanning/realtime settings chosen . |
Murray P (44) | ||
| 422194 | 2006-01-19 04:12:00 | :lol: :lol: A decent AV will search* system files and processes for aberrant info, ie . the spoofed ones should not be an issue . * depending on the scanning/realtime settings chosen . whats that got to do with the price of fish?? this has been thrashed out a million times on this forum already ! its well proven that many malicious programs go undetected by AV programs . perfect eg . . . . . how many AV progs detect the keyboard driver which constantly contects to the net costing you $$$$ in bandwidth ?? i doubt any of them do . it goes straight through XP firewall and can cost you $1000's . |
tweak'e (69) | ||
| 422195 | 2006-01-19 04:35:00 | A decent AV will search* system files and processes for aberrant info, ie. the spoofed ones should not be an issue. * depending on the scanning/realtime settings chosen. I wonder how many of the "decent" AVs saved people's computers in this instance (www.nzherald.co.nz)? Many anti-virus programs did not recognise this type of virus, which could only infect a computer if the recipient clicked on a link in the email. Those with third-party firewalls would have got the wind up I bet. ;) |
FoxyMX (5) | ||
| 1 2 | |||||