just reading about a guy who had nis2003 and nav2003 running on his computer, but he still got infected with Backdoor.optix.
nav protects against...
Backdoor.Optix.04, Backdoor.Optix.04.b, Backdoor.Optix.04.c, Backdoor.Optix.04.d, Backdoor.Optix.05, Backdoor.OptixPro.10.b, Backdoor.OptixPro.11, Backdoor.OptixPro.12.b, Backdoor.OptixDDoS
but still this thing got through. it was surmised that, "You may have gotten a variant that was encrypted or packed in a way so as to escape detection."
the infected user kept trying to eliminate the virus, which is actually a trojan.
"I might be a little confused also but see it kept popping up the norton box saying that norton detected a virus on my machine. Then I tried to run norton it would not let me run it or internet security or any other programs on my machine, I tried downloading a backdoor remover from cnet it would not even let me install it."
bummer.
it seems this trojan is particularly nasty... it will kill/nuke AVs and other security software running in memory... thus the inability of NAV to get it. to kill the trojan, you have to delete its autostart entries in the registry, then reboot and scan for it.
moral of the story (as i see it).... if at all possible, try to run a second AV as strictly an on-demand tool, i.e., non-resident, so that a trojan like Backdoor.optix can't nuke your protection. with a second AV installed in this manner, the user could have easily started a full system scan and cornered the trojan, provided, of course, that the backup AV had current defs, or even protected against the threat to begin with.
the other moral to the story? do not rely upon an AV, exclusively, to protect you. put a good anti-trojan program on your machine (ideally two, configured just like the AVs), and keep it current, just like you do with your AV.
also, research your firewall and see if you can learn what it will do if suddenly another application is trying to kill it. this is the very reason that i upgraded zonealarm from the 2.6 version i was so content with for so long. i learned that it was outdated and shouldn't be used because it was very easy to disable.
v3.1 or better is designed to fail in the off position... meaning that it will disconnect you from the internet if caused to fail.
one more layer of protection.
hth someone
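
Added example, not part of the original post: a read-only PowerShell audit of the autostart entries mentioned above, so they can be reviewed before anything is deleted. The post does not name the registry keys involved; the four keys below are the standard Windows Run/RunOnce locations and are an assumption here (other autostart locations exist), and the function names are hypothetical.

```powershell
# Read-only review of autostart entries. Nothing is modified or deleted.
# Assumption: only the standard per-machine and per-user Run/RunOnce keys are checked.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-CommandTarget {
    param([string]$Command)
    # Extract the file a command line launches: a quoted path first,
    # otherwise everything up to the first known executable extension.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|com|bat|cmd|scr|pif|dll|vbs|js))(\s|,|$)') {
        return $Matches[1]
    }
    return ($expanded.Trim() -split '\s+')[0]
}

function Get-AutostartEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $command = [string]$item.GetValue($name)
            $target  = Get-CommandTarget $command
            $exists  = $false
            $sig     = 'n/a'
            # Bare names such as "rundll32.exe" are resolved via PATH at logon
            # and will show FileExists = False here; check those by hand.
            if ($target -and (Test-Path -LiteralPath $target -PathType Leaf)) {
                $exists = $true
                $sig = (Get-AuthenticodeSignature -LiteralPath $target).Status
            }
            [pscustomobject]@{
                Key = $key; Name = $name; Command = $command
                Target = $target; FileExists = $exists; Signature = $sig
            }
        }
    }
}

# Sorted so entries grouped by signature status can be reviewed together.
Get-AutostartEntry | Sort-Object Signature, Key | Format-List
```

Entries whose target is unsigned, missing, or in a location you do not recognise are the ones to investigate first; an unsigned result alone does not mean the entry is malicious.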