October 3rd, 2003, 12:31 PM
I come to you yet again as "a voice grying in the Wilderness", although in this case "the Outback" might be more appropriate.
Please go to:
The Trojan changes the registry values
From the first page, select the "Products" link on the left side. On the next page, scroll down to the "Freeware" section.
There are a lot of useful free tools but the one you are really interested in is RegistryProt. This will intercept any attempt to modify the Registry, and will catch at least 98% of stuff that gets past your firewall and AV.
You need to understand the Registry to interpret the message, but I usually give the advice to non IT aware people to say "No" to everything, unless you are DELIBERATELY loading new software.
I have used this product for a number of years...IT WORKS...IT IS FREE
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
October 3rd, 2003, 12:49 PM
Well yes and no.. in the situation of some of the biggies yes this is true. But defs are released for Discovered threats.. that proof of concept virii and some virii writers even submitt their virii to the AV co's and the virii is never released into the wild..
Arnt virus def's updated after new viruses are discovered (that is hit computers)?
a rough answer.. trust it is a good start 4 you
BTW: nihil.. Oh great prophet.. we the converted hear you.. your advice has been heeded by only us few.. but many are in the desert nashing their teeth in frustration.. speak louder for they are thicked of head.. for they may be converted if you use a brighter light or firmer of tone..
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
October 3rd, 2003, 04:22 PM
Well this is not nice, virus that can activate automatically, just by opening a web page.
I think its time to explore the security settings in IE.
I set my security setting on HIGH for Internet zone, that will not allow this virus to run, but its makeing surffing harder. Now Windows update does not work.
Adding *.microsoft.com to trusted sites, and setting trusted sites to MEDIUM fixed that problem, but I guess I run into more trouble as I surff the web.
I have XP Home edition, and my vife and 2 kids are using the puter as well.
I set the security high for me, but the setting is not changed for their accounts.
And XP home does not have local policy either.
If anyone knows how to easely implement IE security settings to all users please tell me.
Surffing google, microsoft sites did not help much, only found out that policy is not the way to go....
October 3rd, 2003, 04:42 PM
1st> make your IT department job easier by not playing around on the web while you are at work. I would be willing to bet that if you got a work computer infected with this, you were not viewing a site that was work related when you got the trojan.
]agree that using another browser might prevent this but the problem is when you are in the office and you are only allowed to install certain programs only and mozilla is not on the list. At home i dont use IE or but in the office I do not have a choice.
There isn't much you can do as an enduser in a work situation. The best bet would be to contatct the IT department and tell them to install osme sort of program that doesn't allowchages to the registry. I can't think of the name right now, but there are a few out hter. Other then that, there isn't much you can do in that situation.
\"Ignorance is bliss....
but only for your enemy\"