Comments on: Nasty Trojan Zeus Evades Antivirus Software http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/ Ethical Hacking, Penetration Testing & Computer Security Tue, 14 Feb 2012 00:17:07 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: nunya http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/#comment-159481 nunya Tue, 06 Oct 2009 15:28:48 +0000 http://www.darknet.org.uk/?p=2131#comment-159481 The 6.0 version of Evidence Eliminator by Robinhood software on its website contains the Zbot trojan and is not detected until after install. Steer clear of it. The 6.0 version of Evidence Eliminator by Robinhood software on its website contains the Zbot trojan and is not detected until after install. Steer clear of it.

]]> By: monstr-fan-boy http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/#comment-159100 monstr-fan-boy Tue, 22 Sep 2009 16:33:47 +0000 http://www.darknet.org.uk/?p=2131#comment-159100 There already is an removal tool out there. it There already is an removal tool out there. it

]]> By: Little Mac http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/#comment-159072 Little Mac Sun, 20 Sep 2009 12:51:40 +0000 http://www.darknet.org.uk/?p=2131#comment-159072 Memory monitoring, kernel/whole-system protection is provided by some security products. If the malware can't access the CPU, it can't infect the system no matter what it does. Typically this comes from a powerful HIPS; then it doesn't matter about the AV (definitions are. Always behind the curve anyway). My personal choice, Comodo CIS, is free (not Open-Source) and lightweight on the system. There are many other good ones, some also free (Online Armour has paid and free versions). The only downside to these apps is that they do require some user interaction. Memory monitoring, kernel/whole-system protection is provided by some security products. If the malware can’t access the CPU, it can’t infect the system no matter what it does. Typically this comes from a powerful HIPS; then it doesn’t matter about the AV (definitions are. Always behind the curve anyway).

My personal choice, Comodo CIS, is free (not Open-Source) and lightweight on the system. There are many other good ones, some also free (Online Armour has paid and free versions). The only downside to these apps is that they do require some user interaction.

]]> By: senn http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/#comment-159069 senn Sun, 20 Sep 2009 01:47:36 +0000 http://www.darknet.org.uk/?p=2131#comment-159069 I've seen lot of computers infected with this zbot. Some antivirus able to detect this virus behavior however failed to remove it. And some anti virus not able to detect it at all. I’ve seen lot of computers infected with this zbot. Some antivirus able to detect this virus behavior however failed to remove it. And some anti virus not able to detect it at all.

]]> By: JibbaJabber http://www.darknet.org.uk/2009/09/nasty-trojan-zeus-evades-antivirus-software/#comment-159050 JibbaJabber Fri, 18 Sep 2009 20:44:00 +0000 http://www.darknet.org.uk/?p=2131#comment-159050 "I someone comes up with a tool or method to prevent and detect these infections." I -hope- so too, only problem is most people who don't know jack and don't use antivirus anyways because of the 'hassle' involved in it and the complexity of the task just won't get it, still. However, many of the whole security software suites that include Firewall, anti-virus, anti-phishing, anti-spyware, etc. protection do include system hooks and such for protecting themselves, and you know what happens? The protection becomes so bloated that it's as bad as the malware you're attempting to protect yourself from. Have you tried any of it? It's really hopeless from the end user perspective. The bad guys will always find a way to subvert the system for their illicit gains until everything is useless. Enjoy. “I someone comes up with a tool or method to prevent and detect these infections.”

I -hope- so too, only problem is most people who don’t know jack and don’t use antivirus anyways because of the ‘hassle’ involved in it and the complexity of the task just won’t get it, still.

However, many of the whole security software suites that include Firewall, anti-virus, anti-phishing, anti-spyware, etc. protection do include system hooks and such for protecting themselves, and you know what happens? The protection becomes so bloated that it’s as bad as the malware you’re attempting to protect yourself from. Have you tried any of it? It’s really hopeless from the end user perspective. The bad guys will always find a way to subvert the system for their illicit gains until everything is useless. Enjoy.

]]>