Haxdoor spammed in Europe

Discussion in 'malware problems & news' started by izi, Aug 17, 2006.

Thread Status:
Not open for further replies.
  1. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    http://www.f-secure.com/v-descs/haxdoor_ki.shtml
     
  2. Suggers

    Suggers Guest

    Anyone know which AV's use Kernel drivers? Am I right in thinking that KAV 5 and KAV 6 do? Which others do?

    Cheers
    Suggers
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    I think NOD32 does it.
     
  4. Suggers

    Suggers Guest

    Good, that's me covered then. ;)

    Cheers
    Suggers
     
  5. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    If a rootkit hides its presence, processes and files on an infected system, NOD32 will not find this active rootkit. You can find this rootkit with this tool: http://www.f-secure.com/blacklight
     
  6. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Does Sysinternals RootkitRevealer find it?
     
  7. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia

    I don't know.
     
  8. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Well, I surely won't install Mr. Haxdoor just to find out if the Sysinternals tool catches it or not :D
     
  9. Suggers

    Suggers Guest

    I have the RootkitRevealer and BlackLight scanners, just in case anything slips past NOD32 and BOClean in real time.
    I think using these four progs would stop nearly every nasty that could try and get through. :)

    Suggers
     