Category Archives: Trojan Horse

Free Software Tests for Bot Infections

PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine — a “zombie” or “bot” — that can send thousands of infected spam messages to other networks—without its knowledge.

As a global provider of appliance-based solutions for email and network security, PineApp Corporation (http://www.pineapp.com) has created the free diagnostic tool—Zombie Detection System™ (ZDS™)—to determine if a network is infected. Organizations can simply go to http://www.rbltest.com/, enter the IP address and get an instant analysis.

http://www.darkreading.com/document.asp?doc_id=137353

2 more kitty (storm worm) gone undetected by many scanner

I received similar email last week where 15 out of 32 malware scanners will detect or trigger an alert if found or being downloaded in the system.

Today, I got 2 more kitty greetings.  Result is 10 out of 32 scanners will detect or trigger an alert:

kitty1021vt 

kitty1021vta

kitty1021vtb

kitty1021vtc

Preview of emails:

previewkitty1

previewkitty2

Whenever I send file to VirusTotal.com I always let them distribute the sample to AV companies so they can add it to their detection.  Let’s hope those will be detected soon as it is out-there.

Users need to make sure they are patched, they have the security tool configured to get the updates automatically and most important do not click on anything.

What about Trojan Horse?

Trojan Horse – A program that neither replicates nor copies itself, but causes damage or compromises the security of the computer. Typically, an individual emails a Trojan Horse to you-it does not email itself-and it may arrive in the form of a joke program or software of some sort.  A Trojan horse can be considered a virus if it is widely redistributed.


Prevention:


1.  Patch your system.  Visit Windows Update website and make sure that critical updates are installed in your system.


2.  Verify that all important patches are properly installed by visiting Pedestal free web-audit.  You can also install any of the following free patch management tools or use a webaudit to verify that you are not missing any patches:



3.  Do not run any unknown or suspicious programs.  If you noticed a new .exe file or documents in your system or received an e-mail with attached .exe, zip, doc etc., do not run or click it.  Make sure that your system has on-access antivirus scanner.  It is 100% recommended to use a antivirus that has the ability to scan incoming files especially incoming e-mails. 


4.  Install a firewall.  If ever a trojan managed to slipped into your system, a good firewall will alert you that a file or program is trying to make a communication.  Refuse the connection.


5.  Install an Anti-Trojan software.  It is known that not all antivirus can detect trojans.  If you have extra-bucks, get a good anti-trojan software. 


Removal


Go to any of the following sites that will scan, detect and clean your system for active trojans: