
Spyware, viruses, & security : Argh what happening???

by jonny2000 - 6/27/07 3:45 PM
Post 16 of 29

I always go to

by jonny2000 - 6/28/07 7:37 AM In reply to: Glad to know your Windows is up-to-date now! by Donna Buenaventura Moderator

www.microsoft.com & click on security & updates.
The Zango thing is such an annoyance because I can't understand why I always get it. I've checked for anything resembling them in Add/Remove Programs but there isn't anything. I regularly update my AV software & scan my PC thoroughly. For a while now I've been using the free editions of Superantispyware, which I quite like & trust, Avast AV that I also like & trust, I like the real-time security on that. I also use AVG anti root kit on a regular basis. And occasionally I use Trend Micro online scanner. I don't use lots of toolbars, just Firefox, Google & sometimes IE7. I did a scan last night & had 3 adware, which is about the norm for me. And my last AV scan a few days ago brought up win32:FreeTrip-E (WRM) x 2 - one in logitch\RecourseCenter\Installers\wanadoo\kitwandoo.exe, I have no idea how I executed that! I don't remember doing anything regarding any of it. And the same worm in file C:\SystemVolumeInformation-restore. Anyway, I deleted them (it was a pre-boot scan). I'm a bit ruthless when it comes to infection, one of these days I won't be so lucky & might end up with an unbootable machine! :(

Post 17 of 29

Try them :)

by Donna Buenaventura Moderator - 6/28/07 7:48 AM In reply to: I always go to by jonny2000

Give http://update.microsoft.com/ and http://downloads.ewido.net/ewido_micro.exe a try; it will be interesting to see how they work on your Office updates and on the malware that you have for unknown reasons.

Once you have a clean system, I highly suggest using a third-party HOSTS file that blocks known malware sites (including the domains of Zango):
http://www.mvps.org/winhelp2002/hosts.htm

Note: Due to the depth of this discussion thread, no additional replies can be accepted for this post. If you have comments to make, please reply to the original post at the beginning of this thread.
Post 18 of 29

Thanks for the links

by jonny2000 - 6/28/07 8:01 AM In reply to: Glad to know your Windows is up-to-date now! by Donna Buenaventura Moderator

Donna, I will give them a try now.
I'll check back in soon & let you know how it goes.
Thank you :)

Post 19 of 29

Im pretty impressed & suprised..

by jonny2000 - 6/28/07 12:45 PM In reply to: Glad to know your Windows is up-to-date now! by Donna Buenaventura Moderator

Ewido found 7 spyware, I think that the ubcd ones in the list below could be false positives (not sure really) but the PayPal ones are very unnerving. Here's what it found..
TrackingCookie.Paypal:Mozilla.10.C:\ubcd4win\BartPE\Programs\Firefox\Data
" " " |Application|Fierfox|files
TrackingCookie.Webtrends C:\documents&settings\Richard\cookies\richard@
" " " \Richard\localsettings
(Richards used to own this pc)
Not-A-Virus Remote Admin C:\ubcd\plugin\network\netcat\files\nc.exe
(ewido found a couple of these)
So I think that Ewido is really good. I've downloaded the suggested AVG antispyware too, I'm going to do a scan shortly.
I'm still trying to understand the bit about the Host & where to download it etc., but I'll get there! :)
Thanks Donna..

Post 20 of 29

Sure false positive on BartPE!

by Donna Buenaventura Moderator - 6/28/07 1:08 PM In reply to: Im pretty impressed & suprised.. by jonny2000

I have BartPE too but ewido didn't flag it here. Must be something in my settings :D
You can try to report this false positive at:
http://forum.grisoft.cz/freeforum/list.php?9

HOSTS file: Just download it from http://www.mvps.org/winhelp2002/hosts.zip
Extract the content to a temporary location.
Go to the C:\Windows\System32\Drivers\etc directory.
Rename the existing hosts file as hostold.bak
Move the HOSTS file that you've extracted to the said directory and you're done.

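Added example, not part of the original thread or any poster's code: a HOSTS file overrides DNS for every name it lists, so a downloaded blocklist can be checked before it is moved into the etc directory. The sample entries are constructed with reserved names, and `audit_hosts` and `is_blocked` are hypothetical helper names.

```python
import ipaddress

# Constructed sample standing in for a downloaded blocklist; the names use
# reserved .example/.test domains, not entries from the real MVPS file.
SAMPLE_HOSTS = """\
# constructed sample blocklist
127.0.0.1  localhost
127.0.0.1  ads.tracker.example   # comment after entry
0.0.0.0    popups.adware.test banners.adware.test
203.0.113.7  login.bank.example
not-an-ip  broken.example
"""

def audit_hosts(text):
    """Classify entries: sinkholed names, redirects, malformed lines."""
    report = {"blocked": set(), "redirects": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append(lineno)
            continue
        if len(fields) < 2:                      # address with no hostname
            report["malformed"].append(lineno)
            continue
        for name in (f.lower() for f in fields[1:]):
            if addr.is_loopback or addr.is_unspecified:
                if name != "localhost":
                    report["blocked"].add(name)  # sinkholed: never resolves out
            else:
                # A blocklist should never point a name at a routable host.
                report["redirects"].append((lineno, str(addr), name))
    return report

def is_blocked(hostname, report):
    """HOSTS matching is exact: no wildcards, no subdomain inheritance."""
    return hostname.lower().rstrip(".") in report["blocked"]

if __name__ == "__main__":
    r = audit_hosts(SAMPLE_HOSTS)
    print(sorted(r["blocked"]), r["redirects"], r["malformed"])
```

Any entry reported under `redirects` is worth reading before the file is installed, and the exact-match behaviour means a blocked name does not cover its subdomains.
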
Post 21 of 29

Easy for you to say!

by jonny2000 - 6/28/07 2:07 PM In reply to: Im pretty impressed & suprised.. by jonny2000

Lol! Thanks for the tips Donna, I'm going to give it a go now that my head has cleared, I've just been having a 'blank kind of a day' today where my brain is lagging behind somewhat.
It was the micro one that flagged Bart, not the actual AVG I downloaded after. But yeah, I'm pretty impressed!
Right, let's see if I can this Host thingy out, sounds really good! And report these false positives..
PS, the LinkScanner hasn't brought anything up since the last incident, so that's good too.

Post 22 of 29

:-D

by Donna Buenaventura Moderator - 6/28/07 2:37 PM In reply to: Im pretty impressed & suprised.. by jonny2000

You wrote:
"Lol! Thanks for the tips Donna, I'm going to give it a go now that my head has cleared, I've just been having a 'blank kind of a day' today where my brain is lagging behind somewhat.
It was the micro one that flagged Bart, not the actual AVG I downloaded after. But yeah, I'm pretty impressed!
Right, let's see if I can this Host thingy out, sounds really good! And report these false positives..
PS, the LinkScanner hasn't brought anything up since the last incident, so that's good too."

Maybe because your Windows is now up-to-date? :)
Good work BTW!
Hope you'll get Office updates too!

You'll not regret adding a hosts file. It really works and many of us here are using a HOSTS file to block unwanted malware sites and bad ads.

Post 23 of 29

Hi Donna..

by jonny2000 - 6/29/07 10:24 AM In reply to: Im pretty impressed & suprised.. by jonny2000

Just wanted to let you know that I think I managed to download the HOST file OK. Once I downloaded it, extracted it & opened the folder, it brought a command prompt screen up, I think I clicked OK or Next & it did it all itself, so that was quite painless, thank goodness!
I'm just going to read up all about why I did it in the first place, now that my head has caught up with my body! :)
Thanks for all your help & talking me through it, you're F.A.B! :)
Bev

Post 24 of 29

(NT) You're welcome! :-)

by Donna Buenaventura Moderator - 6/29/07 10:40 AM In reply to: Argh what happening??? by jonny2000

Post 25 of 29

LinkScanner alert on CNet

by pbitton - 7/2/07 1:10 PM In reply to: Argh what happening??? by jonny2000

The LinkScanner alert that a few people encountered on June 27th was the result of a false positive and was fixed.

Pat Bitton, Exploit Prevention Labs

Post 26 of 29

Great!

by Donna Buenaventura Moderator - 7/2/07 1:29 PM In reply to: LinkScanner alert on CNet by pbitton

Thank you Pat for fixing the false positive :)

Post 27 of 29

Thanks for your support

by pbitton - 7/2/07 2:26 PM In reply to: Great! by Donna Buenaventura Moderator

Thanks, Donna, for your support in keeping the conversation going. Much appreciated!

Pat

Post 28 of 29

Another werid thing from CNet today

by txlevi - 7/2/07 7:08 PM In reply to: Argh what happening??? by jonny2000

I received an email saying that a new version of WinAmp was available on CNet. When I opened the email to download it and clicked on download, Windows One Care reported that a worm had been detected (zafi.B@mm). Windows One Care deleted it.

I went on to check my current version of WinAmp and found that the version that was reported new was one that I downloaded on 5/31. It was already version 5.35.

I have always been pretty cautious with my emails, but either I got in a hurry this time or was too trusting of the email that looked just like all the other CNet emails about software on my watch list.

It seems to be time for all of us to be much more cautious.

Levi

Post 29 of 29

Never click on live links. If possible view the email in

by Donna Buenaventura Moderator - 7/2/07 10:51 PM In reply to: Another werid thing from CNet today by txlevi

plain text or you should switch to TEXT versions of the newsletter/subscription. Also, I suggest using Mailwasher (free from http://www.mailwasher.net) to view the email while it is on the server, and it will display whether the link in the message has been spoofed, phished or not.
There is also Mailwasher Pro (paid version from http://www.firetrust.com - if you have more than 1 email account).

"I received an email saying that a new version of WinAmp was available on CNet. When I opened the email to download it and clicked on download, Windows One Care reported that a worm had been detected (zafi.B@mm). Windows One Care deleted it."

Are you subscribed to CNET download.com Watch List - update alerts?
It's best to go to the "watch list" page and download from CNET download.com directly while you are viewing the page using a browser, or from the vendor's website.

Good thing your OneCare caught the worm :)
