Re: Tantanos



On 02/02/2010 01:55 PM, Eric Allen wrote:
Andy Medina wrote:
Try the Win32/Tanatos Remover:

http://www.softpedia.com/get/Antivirus/Win32-Tanatos-Remover.shtml


"Eric Allen" <eric-allen@xxxxxxxxxxxx> wrote in message
news:u2Hh4RCpKHA.1544@xxxxxxxxxxxxxxxxxxxxxxx
Peter Foldes wrote:
Is it Tantanos or is it Tanatos. Make sure of the spelling and post
back

Tanatos

tried it, no luck

There are various mutations/variants which generally require careful
removal and multiple steps to successfully achieve removal or
auto-reinfection via network activities:

http://www.viruslist.com/en/viruslist.html?id=52245
http://www.pc1news.com/virus/alias-win32-tanatos-m-1456.html
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FTanatos.P%40mm&ThreatID=-2147412099

You can _try_ these {though note the suggestion below}:

Multi-AV - in David Lipman's sig

Win32/Tanatos - A, H, I, M variants
http://www.avg.com/ie-en/virus-removal.ndi-90825

Email-Worm.Win32.Tanatos.a,b
http://www.kasperskylab.nl/en/virus-removal-tools/email-worm-win32-tanatos-a-b.html

Similar:
http://miekiemoes.blogspot.com/search?q=virut


** Regretfully, this is one of those where the obvious best and fastest
recommendations is the one you don't want; format and re-install or pull
out that backup image and re-install. Worms and like activities are only
the *method* of deployment, generally they bring other activities along
with them, like keyloggers, and more dangerous things like *polymorphic*
activities which may not be detectable at this time regardless of what
you use.
There was a recent review which showed that 48% of the 22 million
computers scanned had virus or malware. The growth rate and more
importantly, reinfection rate is something that can not be ignored.
The increase in polymorphic activities is something else that should
stand-out; same for DNS Prefetch abuse and some of the other newer
techniques being employed.

And THIS TIME, make sure you have a really functional AV, a GOOD
firewall [not just the dang router], proper browser settings, limit P2P,
and all of the other things we MUST do to protect ourselves out here
{however much it may interfere with what we would LIKE to do]. And you
might think about making a frequently updated back-up image for the next
time if you don't do that yet. Yeah its a pain in the behind, but if
done once a month or so, you don't need so many updates and you won't
lose so many applications and/or specialty settings you might have made
in the interim.

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
.