Haxdoor spammed in Europe

Discussion in 'malware problems & news' started by izi, Aug 17, 2006.

Thread Status:
Not open for further replies.
  1. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    http://www.f-secure.com/v-descs/haxdoor_ki.shtml
     
  2. Suggers

    Suggers Guest

    Anyone know which AV's use Kernel drivers? Am I right in thinking that KAV 5 and KAV 6 do? Which others do?

    Cheers
    Suggers
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    I think NOD32 does it.
     
  4. Suggers

    Suggers Guest

    Good, that's me covered then. ;)

    Cheers
    Suggers
     
  5. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    If rootkit hide its presence, processes and files, on an infected system NOD32 will not found this active rootkit. You can find this rookit with this tool: http://www.f-secure.com/blacklight
     
  6. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Does Sysinternal Rootkit Revealer find it?
     
  7. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia

    I don't know.
     
  8. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Well i surly won't install Mr. Haxdoor just to find out if Sysinternal Tool catches it or not :D
     
  9. Suggers

    Suggers Guest

    I have rootkitrevealer and blacklight scanners; just incase anything slips past nod32 and BOClean in realtime.
    I think using these four progs would stop nearly every nasty that could try and get through. :)

    Suggers
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.