Well WTF!
SpykeZ
Posts: 23710
Posted: Sat, 24th Mar 2007 01:08    Post subject: Well WTF!
So I just reinstalled Windows a lil over a week ago cause of some virus bugging me. This time I've only been to like 5 sites and all of them are clean sites so how the hell I got it is beyond me.

Ewido detects svehost.exe as infected with some trojan. I deleted all the registry keys for it, ran a search on the file and deleted all of them. Anything I'm overlooking? I'm using Symantec Corp Edition AV/Firewall, and Ewido, but it keeps coming back.


Paintface
Posts: 6877
Posted: Sat, 24th Mar 2007 01:22
OK, first of all the best antivirus to use is Kaspersky, you can use a trial key if needed, full year or more keys are easy to find on the net.

I would need to know the steps you made with your install... Did you format your drive? Did you redownload your drivers / MSN / AIM / shareware (aka WinRAR, Winamp etc.) from the original source after that?

Did you use ANY executable that was on the previous system?

Maybe I am understanding this wrong, are you suffering from the exact same trojan? Or do you happen to wonder why you got infected again so easily?

A few more tips: after installing Windows, update it immediately, then use Firefox for your web browsing. Also, posting a HijackThis log will help to find the cause. But as I said in the beginning, Kaspersky is by far the best antivirus, try that one first. Here is the link: http://downloads1.kaspersky-labs.com/products/release/english/homeuser/kav6.0/kav6.0.2.621en.exe


Edit: ah, I see you got it fixed yourself, but having Windows updated / Firefox / Kaspersky should keep your system clean.
SpykeZ
Posts: 23710
Posted: Sat, 24th Mar 2007 01:28
I have all my normal used programs on my storage HD so I don't have to redownload them cause I refuse to open up IE if I don't have to, I even have the Mozilla installer on my storage HD. My XP is the etho jan release. Winamp and stuff like that is all from original source. MSN and all that are from Trillian. Only drivers I downloaded were the Nvidia ones from EVGA. Only thing I've downloaded lately is scene releases from torrentleech but nothing was detected while downloading, just randomly this morning. And yes, it's the same trojan. And no, it hasn't been fixed, I deleted all the stuff but it still comes back about an hour later so I'm sure there's something in the registry or temp folder that keeps redownloading it.


knives217
Posts: 648
Posted: Sat, 24th Mar 2007 04:52
Hmm, try setting up a firewall or a packet monitor to see if someone is injecting it to you, rather than you stumbling on it.


Rinze
Site Admin
Posts: 2343
Posted: Sat, 24th Mar 2007 17:48
Do you use a router? Or is your newly installed Windows, without security patches, connected directly to the internet?

svehost.exe is used by several worms and spyware. At least one of them spreads using easy/empty passwords in Windows. Make sure you set all your accounts to use a proper password, or make sure your router stops traffic to your PC (meaning no DMZ).
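
Added example (not part of any post in this thread): svehost.exe is one letter away from the real svchost.exe, and the file keeps returning after deletion, so an audit of startup entries should flag both lookalike names and real system names running from the wrong folder. The list of system binaries, the distance threshold of 2 and the sample Run-key entries below are assumptions constructed for illustration.

```python
import ntpath

# Expected folder for Windows binaries that malware often imitates (short list).
SYS32 = r"c:\windows\system32"
EXPECTED = dict.fromkeys(
    ["svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "csrss.exe"], SYS32)
EXPECTED["explorer.exe"] = r"c:\windows"

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def image_path(command):
    """Executable path of an autorun command (assumes unquoted ones have no args)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command

def classify(command):
    """Return a reason string for a suspicious entry, or None."""
    folder, name = ntpath.split(image_path(command).lower())
    if name in EXPECTED:
        ok = folder == EXPECTED[name]
        return None if ok else f"{name} runs from unexpected folder {folder}"
    for real in EXPECTED:
        if edit_distance(name, real) <= 2:   # near miss of a system binary name
            return f"{name} imitates {real}"
    return None

def audit(entries):
    """entries: (registry key, value name, command) tuples from the Run keys."""
    return [(key, value, reason) for key, value, command in entries
            if (reason := classify(command))]

RUN = r"\Software\Microsoft\Windows\CurrentVersion\Run"
# Constructed sample entries, not taken from the thread.
SAMPLE = [
    ("HKLM" + RUN, "ccApp", r'"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"'),
    ("HKLM" + RUN, "WinUpdate", r"C:\WINDOWS\system32\svehost.exe"),
    ("HKCU" + RUN, "ctfmon", r"C:\WINDOWS\system32\ctfmon.exe"),
    ("HKCU" + RUN, "svchost", r'"C:\Documents and Settings\user\Local Settings\Temp\svchost.exe" -k'),
]
```

Calling `audit(SAMPLE)` returns the two suspicious entries; a flagged entry is a lead to investigate, since deleting the file alone leaves the registry value that relaunches it.
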
SpykeZ
Posts: 23710
Posted: Sun, 25th Mar 2007 03:17
Anyone recommend a good firewall? Went back to BlackICE but it kept fucking everything up, Sygate seems to slow my internet down, I refuse to go back to Symantec.


SpykeZ
Posts: 23710
Posted: Sun, 25th Mar 2007 05:17
Wow, never mind, I got the trial of the internet security from Kaspersky and I love the features. Especially the HTTP monitor. Will be buying this :D Thanks stefan.


Paintface
Posts: 6877
Posted: Sun, 25th Mar 2007 17:35
SpykeZ wrote:
Wow, never mind, I got the trial of the internet security from Kaspersky and I love the features. Especially the HTTP monitor. Will be buying this :D Thanks stefan.


And it's also the best at what it does, good luck :)
What I like the most about Kaspersky is that it's updated with new definitions very fast, detects all cryptors / packers (tools used to make malware undetected) and has proactive defense, which means even if a "hacker" tries to run a trojan on your system that's fully undetected in terms of signatures, Kaspersky will notice it's trying to inject itself into a running process to be able to bypass the firewall, or trying to add startup keys into the registry.

http://tech.cybernetnews.com/2006/09/04/and-the-best-antivirus-is/

Oh, and I don't know if it was posted here: free version of Kaspersky antivirus with the AOL logo stamped on it.

http://www.activevirusshield.com/antivirus/freeav/index.adp?
SpykeZ
Posts: 23710
Posted: Sun, 25th Mar 2007 17:51
You know any sites that test security? I'd like to give this program a run, I did find one site that lets you download harmless test files and Kaspersky alerted me before the download screen came up, which I like quite a bit.


Paintface
Posts: 6877
Posted: Sun, 25th Mar 2007 18:47
If you really want to, I can provide some firewall-bypassing trojans that are encrypted, basically only Kaspersky detects it, and stops it from injecting (proactive defense will stop it before you even scan it). I could provide you 100% undetected where only KAV proactive defense would stop it, but I wouldn't want that one in the open.

http://virusscan.jotti.org/

This site enables you to upload a file and have it scanned by a dozen antivirus scanners and shows you the result. I use this to compare how anti-detection tools fare for each scanner, Kaspersky never failed me.

EDIT: I see you wanted to test the Kaspersky firewall, I'll give my 2 cents on this one. Basically I never in my life used a firewall, reason is if it can get past your antivirus, your firewall won't stop it either. Most malware is really simply programmed and your antivirus won't have a hard time finding it / getting rid of it (even Norton, the joke of the antivirus scanners, will do the job here). The most advanced and most dangerous malware are the backdoors/trojans that give a user remote control of your computer, they can steal any info, delete anything, name it. These are more simplified, for example to steal your CD keys (hidden in cheats / mods etc.), and some are 2 - 3 years old and still not stopped by any firewall in standard mode (that most users use). There is even a trojan with a special feature that will even bypass the Kaspersky firewall (luckily I only know of one in the world and it's pretty unstable), so basically you have to rely on your antivirus. I will tell you an example of how much they can differ: 2 years ago I was asked by a girl to check on her computer, she had an unupdated Windows infested with viruses and what not, her Norton (updated) said the computer was clean, so I installed Kaspersky and at 50% scanning it found 76 different malware, at that point I decided to do a format.

Sorry for the long wall of text haha, but I hope it gives you an idea, and as always be careful running any exe, think twice if it's needed and worth the trouble you might have later on.
All times are GMT + 1 Hour
NFOHump.com Forum Index - Applications