June 21st, 2010, 05:01 PM #1
- Join Date
- Jan 2003
- Outside the box
- Blog Entries
New Backdoor Trojan Kills Windows Boot Process
This could be one scary virus
"A recently discovered backdoor sample (detected as Backdoor:Win32/Yonsole.A) can accept and execute a command from a remote server to modify the Master Boot Record (MBR) on the affected machine," Feng said. "The modification to the MBR is like the old "Stoned" virus for DOS. However, in this case, the MBR does nothing but display a banner in the center of the screen and freeze the PC. We detect the new MBR as Trojan: DOS/Yonsole.A."
New Backdoor Trojan Nukes Windows Boot Process
Last edited by RicheemxX; June 21st, 2010 at 05:03 PM.
TechIMO Folding@home Team #111 - Crunching for the cure!
“Because The People Who Are Crazy Enough To Think They Can Change The World, Are The Ones Who Do.”
June 21st, 2010, 09:32 PM #2
Commonsense and logic
Take the following steps to help prevent infection on your computer:
Enable a firewall on your computer. Done! Anyone who suggests just SPI is all you need is a bone head.
Get the latest computer updates for all your installed software. Except for MS. Use caution when updating. ..sides effects will be known.
Use up-to-date antivirus software. Preferably one with a renowned solid engine. Antivirus programs very in detection capability month to month...
Limit user privileges on the computer. No brainier here. Especially with kids
Use caution when opening attachments and accepting file transfers. If you don't know why you would receive it, then you have no reason to open it...
Use caution when clicking on links to Web pages. The cumbersome Noscript for Firefox is great.
Avoid downloading pirated software. A virtual machine is great for p2p. (The legal stuff of course) And if it has several hundred seeds, then it's probably alright anyway
Protect yourself against social engineering attacks. Social engineering attacks?? This is where you have too much time on your hands. These social network games, etc are a treasure trove for malware. Just like the porn sites.
Use strong passwords. PWDhash for Firefox!
Last edited by Taxmancometh; June 21st, 2010 at 09:34 PM.
June 22nd, 2010, 10:40 PM #3
Where can I download this "common sense and logic" you mentioned?
June 23rd, 2010, 01:51 AM #4
June 23rd, 2010, 02:31 AM #5
Looks like Avira already had the detection pattern in the database back in February.
BDS/Agent.AAMH - Summary
Of course I'm going by Mccarfree's alias "Generic BackDoor "
This might be it: TR/Spy.ZBot.aqwe.80 - Summary
Be kinda funny if someone created a boot screen that looked like this and uploaded to one of the wincustomize type sites.
Last edited by Taxmancometh; June 23rd, 2010 at 02:49 AM.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
By schnub in forum Technical SupportReplies: 3Last Post: June 3rd, 2008, 02:58 AM
By Bradte20 in forum Security and Privacy IssuesReplies: 21Last Post: March 18th, 2006, 07:28 AM
By malidewd in forum Technical SupportReplies: 3Last Post: March 12th, 2006, 10:11 PM
By hilolagoon in forum Security and Privacy IssuesReplies: 2Last Post: November 2nd, 2003, 01:24 AM
By aznlurkerz in forum Technical SupportReplies: 8Last Post: January 5th, 2002, 10:54 AM