[pchelpers] a word to the wise and not so wise (was: antitrojan help)

  • From: "Ekhart GEORGI (last name last)" <ekhart.georgi@xxxxxxxxxxx>
  • To: pchelpers@xxxxxxxxxxxxx
  • Date: Thu, 10 Jun 2004 11:34:55 +0300

Hi Billy

Forwarded below is the answer i got from the antitrojan program that you 
couldn't figure out how to use. Looks like this is as trustworthy a 
company as i was led to believe by my research on the matter. Looks 
like you in fact only got mixed up because of the automatic memory scan 
that runs when the program is started and by the confusing and small 
interface. (And by forgetting to turn off AVG.) It's apparently the best 
antitrojan program around, and it's maybe a good sign it looks so geeky 
and the user interface is so unintuitive. When things get nice-looking 
and flashy, you're approaching the world of charlatans and ripoff 
artists like Bill Gates, and then you can be sure the products usually 
work less well...

You probably never realized you have to click Scan Control and choose 
the correct scan target (all hard drives). Well, when we panic (and most 
of us do when a virus or other malware hits) none of us are very good at 
reading directions and getting to know a new program. But this seems to 
be the best antitrojan program around, and the support seems to be great 
too.

HOWEVER, i was VERY surprised that after downloading it and trying it 
out so i could help you, it didn't pick up a trojan horse (not activated 
of course) that AVG does and that i've been keeping around to be able to 
test antivirus programs. (Since i'm sending a copy of this to TDS 
support, here's the details that AVG gives on the pest: trojan horse 
Dialer.7.H )

You might wonder at the sanity of keeping this pest (and a few virus 
mails i got over the last few months) on my computer (albeit in a 
non-activated state), but i've realized that i need some real pests to 
be able to test programs and help people that run into trouble. It's not 
enough to use the EICAR test file.

You see, as many of us know who have slowly slipped into the "almost 
expert" role by helping clueless friends and acquaintances, many browser 
hijacks and other malware are not caught completely or even at all 
innocently. People go to pages they wouldn't want others to know about 
having visited. And then they have "no idea" how they picked up their 
problem.

So when my ten-year-old had friends over, went to play an online game, 
and said i shouldn't come into the room for a while, i knew i would have 
to go see what he was up to in about 2 minutes. Sure enough, even though 
he's the most honest kid around and has always asked for permission 
about any new game sites, he thought he would just try out if there is 
such an address as www.sex.com. Don't try it out. Not just because of 
good moral reasons, but because most of you readers still haven't found 
the ten minutes time and energy to install Firefox.

My son always uses Firefox when possible, but he has permission to use 
Internet ExploDer (if i've tested the site for spyware and worse) when a 
site is programmed against Internet standards to only function on IE. He 
was so excited about his "smart" idea that he used IE for his experiment 
(because he was honestly planning to only look and then go to the 
permitted game site), and that's why he got caught.

You see, he and his friends were so shocked by what he saw that they 
immediately closed the browser, but IE exploded with a series of popups 
that they couldn't get rid of, and they had "no idea" where those came 
from when i walked into the room. One look in History, and i knew what 
was up.

Well, i realized i'm going to have to keep ahead of my son's 
inquisitiveness and be prepared for the next stupid move to be expected 
in a few months or years. I first tested the site using Firefox, and 
sure enough, there were no popups, just the disgusting main page itself. 
Then i got brave and clicked on one of the links and sure enough, it 
wanted to download something.

I'll spare you the technical details, but basically it wanted to 
download a so-called dialer so that they could sell me their filth 
through a phone bill instead of a credit card. That's exactly the way 
they try to nail minors who don't have a credit card. But i also 
realized that fooling around with this pest would teach me how to help 
"grownups" that run into this sort of thing and then pretend they don't 
know how they got it.

Sorry for this long post, but i have no time to shorten and edit it (in 
fact no time to be writing it (-: ), and i felt i need to explain why i 
have (inactivated) pests sitting around on my computer -- i think it's 
justified because i can then help some basically honest and moral people 
in distress who got a little too curious...

And that way i can also advise less inquisitive and just plain careful 
people who want to protect themselves before any trouble hits. So i'm 
looking forward to the TDS answer why the supposedly best antitrojan 
program doesn't catch a trojan that AVG does (and that was reported on 
Kaspersky's site in early May).

I'm afraid i can already guess the answer though; they might say one has 
to have a different program against every kind of pest and that "my" 
pest is not a trojan even though AVG calls it that. I wonder how long 
it's going to take before six or so good products like AVG and Spybot 
and SpywareGuard and SpywareBlaster and TDS and Sygate are combined into 
one easily updatable and maintainable program to make life easier for 
normal users and those that actually want to use their computer for 
doing something besides protecting it and doing maintenance...

Well, i know, there is such a program, and it comes free when you buy a 
Mac: it's also called a sane or a real operating system, both of which 
Windows is not really, but i haven't had the time and money to buy one 
yet. And maybe i could help people more by first installing an easy 
Linux version parallel to Windows.

Ekhart



DiamondCS Tech Support wrote:
> Hi,
>  
> When something is detected by TDS-3, you can simply right-click and 
> choose "delete"
>  
> Our program does not refer you to anyone else, and if you have problems 
> removing a trojan you can email support for some help
>  
> 
> Best regards,
> DiamondCS Support
>  
> PROCESS GUARD - CRITICAL Protection for Windows 2000/XP
> - Ensure Windows Integrity
> - Stop rootkits, DLL injection
> - Prevent firewall bypassing
> http://www.diamondcs.com.au/processguard
>  
> 
>     ----- Original Message -----
>     *From:* Ekhart GEORGI <mailto:ekhart.georgi@xxxxxxxxxxx>
>     *To:* tech@xxxxxxxxxxxxxxxx <mailto:tech@xxxxxxxxxxxxxxxx>
>     *Sent:* Thursday, June 10, 2004 12:25 AM
>     *Subject:* [DCS] urgent: downloader.axload.e.
> 
>     IP: 80.186.129.196
>     Time: 12:25am Thu Jun 10 2004
>     Registered programs: (none)
> 
>     0 file(s) uploaded.
> 
>     I recommended you to someone whose XP Pro is infected with
>     downloader.axload.e.
> 
>     He answered this:
>     The program you refer to, with 30 day trial, only scanned and told
>     me to use AVG to get rid.
> 
>     It definitely does not say on
>     http://tds.diamondcs.com.au/index.php?page=download
>     that the program will only detect and not delete during the 30-day
>     trial
>     period. If it doesn't delete, you can't see if and how it works.
>     That is a method not used by trustworthy companies.
> 