Disappointed with: BOClean, Avast!, Win Defender, Spyware Terminator w/Clam...

Discussion in 'malware problems & news' started by brjoon1021, Oct 18, 2007.

Thread Status:
Not open for further replies.
  1. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    because I had all of them running and updated and I still caught:
    Trojan.Dos.Rebootpc.B

    I knew something was wrong for the last few days because the system was sluggish and CPU usage was high. I ran AVG antispyware, avast! (real-time), Spyware Terminator with Clam AV (on-demand and real time), superantispyware, Ad-aware, a2, Windows defender. They all found cookies. I then went to the BitDefender website and it found this Trojan. Can anyone comment on this whole thing?

    More importantly, since I can't trust what I have running on my system, is there a GREAT website that will scan a file and do a better job than my software? I got the trojan from a .exe file that I downloaded from what I thought was a reputable download site.
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784

    Have you tried Virus Total?

    There's a link in my sig.
     
  3. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    621
    A DOS Trojan? That's an endangered species...
    It may quite easily be a false positive.

    Maybe you will end up disappointed with - BitDefender... :)
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    If after those you're still suffering from forced intrusions like that then you really should take some wholesome and intelligent advice, be wise, and install a lightweight HIPS along with a Sandbox or even a virtual program like Returnil.

    There's simply no excuse for intruders busting thru to your machine like that, but those choices you've been counting on have definitely let you down.

    Take a new and more aggressive approach as mentioned; it's like throwing up a force shield ahead of your regular security apps. In reality, those apps should only serve to confirm your front-line shieldings are doing their job, and your scanners should pick up nothing so long as you set some HIPS monitoring/sandbox/virtualizing on the very front lines for your Defense Shield.

    EQSecure 3.4 PASSED all of NicM's tests against the most villainous intruders, and System Safety Monitor has a free version too at last look. These ARE NOT hard to set up and BOTH have Learning Modes to get your protection started in the right direction.

    Returnil has just released an extremely efficient NEW update to their virtual program, have a try with it.

    YOU CAN KEEP THAT FROM HAPPENING AGAIN: You just need to realign your guards and add better forward shielding.
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yep, Easter is correct. High time to use one of these ISR software packages, like Returnil, and security software that is able to stop the execution of software.
    Returnil removes any malware as a "change" and that means any malware, including not-blacklisted malware, undiscovered malware and even non-existing malware, created in the future (like in the Terminator movies).
    Be faster than the bad guys, run over them, terminate them forever. :)

    PS: Scanners are the sissy way of fighting against malware, where the good guys run after the bad guys and collect their droppings. They will never win the war this way.
     
    Last edited: Oct 18, 2007
  6. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    Thanks Guys. The only problem with HIPS, which I have enabled on the Comodo Firewall and Spyware Terminator, is that I don't REALLY know what I am granting temporary or eternal right to. Don't the bugs lie, in other words...?

    I will take a look at everything that you mentioned. I would welcome getting rid of the load of memory and CPU cycles that all of this "protection" software is taking up. They sure did not do their job.
     
  7. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    You could try a policy-based HIPS.
    DefenseWall and GeSWall are two I know of.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    brjoon1021,

    A. First you have to choose an Image Backup software.

    B. Then you have to choose an ISR-software.

    C. Then you have to choose security software:
    Any security software that stops the execution of malware is good.
    Choose security software that doesn't need daily updating: evergreens which only require program updates, not signature updates.
    You don't have to remove malware with scanners anymore, because your ISR software will remove it 100% during EACH reboot, which is a lot better and faster than scanners.

    D. To keep the good changes.
    Disable any automatic update of any software, which is a one-time operation.
    Each time you want to upgrade your system, and this is very important:
    1. Reboot first, which will clean your system.
    2. Unfreeze your system, any ISR software has that function.
    3. Then update your software on demand, including Windows.
    4. Freeze the updates, any ISR software has that function, and you are back in business with an upgraded system.
    As long as you don't do any upgrade, keep your system frozen.
    If you want to try new stuff, install it on your frozen system and if you want to get rid of it, just reboot and it will be gone as if it was never there.

    If you want to verify your system sometimes, install one of these advanced+ scanners temporarily and run them.
    I've done this a few times, but they didn't find anything, which is normal, because I clean my system during each reboot. :)

    E. Separating your personal data from system.
    This simplifies everything and you can do with your system partition whatever you want without losing your data.
    You can also do separate backups; after all, your system doesn't change as often as your personal data.
     
    Last edited: Oct 18, 2007
  9. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    I second the suggestions of eAlbert & easter... BoB :thumb: practices & sound logic.

    Btw, more than 70% of the pay-per-play public netcafes in Taiwan use the original Big5 version of Returnil... first saw/used that in 2003.
     