Re: [PCWorks] How do I get this out of my system tray?
- From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
- To: <pcworks@xxxxxxxxxxxxx>
- Date: Wed, 20 Aug 2008 07:57:39 -0500
I don't understand, so you got the original problem fixed and
now secureonlinetags.com is another different problem? That
doesn't even appear to be a valid website.
Have you run SpyBot, AdAware, Spyware Terminator, etc.? If
not, you need to run ALL of them, and be sure they are setup
correctly to scan for everything and everywhere. Run HJT,
CWShredder, and CCcleaner again. Did you do a manual scan with
AVG, after getting it setup properly and updating it? Before
you do any scans, under "Folder Options", and the "View" tab,
make sure "Show hidden files and folders" is dotted, and
UNCHECK "Hide protected OS files". Did you examine **very
carefully** the Start Up tab in Msconfig?
Also scan your HD here and see if they find anything:
http://www.kaspersky.com/virusscanner
http://www.ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.bitdefender.com/ (bottom left)
http://global.ahnlab.com/ (right side of page; virus and
malware scanners)
http://www.commandondemand.com/
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/apps/vsfreescan/en-us/
http://www.pandasecurity.com/activescan/index/
http://www.pcflank.com/
http://www.pcpitstop.com/antivirus/default.asp
http://housecall.trendmicro.com/
http://security.norton.com/sscv6/default.asp?productid=zdtv_cc&langid=ie&venid=zd
http://www.windowsecurity.com/trojanscan/
And there's probably more listed here:
http://www.johannrain-softwareentwicklung.de/e_online_antivirus_scan.htm
Hopefully these will find something odd on the PC. NONE of
these will find EVERYTHING. Some will miss what others will
find.
-Clint
God Bless
Clint Hamilton, Owner
http://www.OrpheusComputing.com
http://www.ComputersCustomBuilt.com
----- Original Message -----
From: "LarryB"
I really appreciate all the information late or not and
obviously I
will learn from all this.
Presently I have kinda got it our of the systray but still get
the
yellow triangle with "System Alert: Trojan-Spy-Win32@mx"
Then the moment I try to go to the Internet I get railroaded to
"secureonlinetags.com" and have to use Task Manager to stop the
initiated system scan that also starts.
The site comes up with M$ colors and starts the scan.
again the Task Manager stops it for the moment.
When and If I get this thing resolved I'll be back for other
setup
instructions.
Again Thanks for your time and effort all.
Larry Browning
K & L Electronics
Anderson, SC
Clint Hamilton-PCWorks Admin wrote:
> I can't find your post now, but yesterday you asked about
> Spyware Blaster and SpyBot and how they block things. I
> forgot
> to answer that in my reply. I thought I already said this,
> but
> Spyware Blaster does not have to be running in the
> background,
> in fact, it can't. It works by simply placing thousands of
> bad
> URL's and websites in the browser's Restricted Sites zone (FF
> too), and using thousands of registry tags, downloaded
> program
> files blockers, hosts file protection, etc., etc. All these
> things prevent its detected malware from ever getting on your
> PC. You have to be sure to "Enable all protection" with it,
> and be sure to make backups with it. It can make a "System
> snapshot", and backup important things that can be restored.
>
> SpyBot does it BOTH ways. In addition to what Spyware
> Blaster
> does (using the "Immunize" button), it has two 'scanners'
> so-to-speak. One is some kind of DLL, "Resident SD Helper"
> that blocks all downloads from sites in its database. You
> did
> not have it active, because like I said yesterday, I couldn't
> even get to that website, it blocked me from it. The other
> is
> a great one, "Resident TeaTimer" which DOES have to be
> running
> in the background. It shows in the System Tray. This
> protects
> you from things being added to the Start Up folder, and that
> "Run-" area in the registry where things are added to startup
> in Msconfig's area, as well as many other forms of
> protection.
> NEITHER of these are checked by default, you have to check
> both
> boxes in SpyBot's Tools > Resident area. Like a firewall,
> TeaTimer will ask if you want to allow or deny action it
> detects, and if you want it to remember the action. Then
> there's also the "IE Tweaks" area that can "Lock the Hosts
> file........." as protection against hijacks.
>
> None of this ever would have happened if you would have had
> those areas active. But, now you know. ;-) Even if you
> click
> on something bad, nothing will happen with these programs and
> ALL of their features active (as long as the malware or
> website
> is in its def's and database of course). But both the SD
> Helper and TeaTimer also work off of heuristics and detection
> of suspicious behavior, so even if something is not in their
> def's, they can still protect you from the "actions" of said
> malware.
>
> Regarding the firewall, regardless of how complicated they
> may
> be, everyone should still use one. Even at their default
> settings they are still better than nothing. Yes, like
> anti-malware programs, one router is not enough. I guess two
> is enough, anymore than that could lead to conflicts. A
> hardware firewall (like from the router) is good for certain
> things, but not for others. You will also get no warnings
> from
> it when it blocks or allows traffic. A software firewall
> adds
> another *configurable* layer of protection that protects
> against far more things than just traffic. Using both, and
> having both setup CORRECTLY, you have the best chance of
> protecting yourself. It's sort of like a bulletproof vest;
> level II is fine for most handguns (sort of like maybe the
> router firewall), level III is fine for all but the most
> powerful of handguns, and the new "dragon skin" type or level
> III+ with the ceramic shield will stop anything except the
> .50
> cal or magnum sniper rifles at close range, which is in a
> manner of speaking what you want to achieve with your PC.
> -Clint
>
>
> ----- Original Message -----
> From: "LarryB"
>
> Thanks for the input Hugh.
> You are probably right in that I clicked on something that
> triggered
> this whole mess. Time pushing is often the culprit and
> slowing
> down
> would be the cure.
> I have done the "immunize" in Spybot on all 3 of my computers
> so that's
> done. I have also installed Comodo Firewall Pro on just one
> so
> we'll see
> how that works. It appears to be easier to understand vs
> Sygate
> so far.
>
>
> LarryB
> Have a great day
>
>
> Hugh Vandervoort wrote:
>> No firewall or router can protect you from packets you
>> allow.
>> You were
>> enticed, somehow, to click on something malicious, and no
>> firewall can
>> protect from that. The only protection is to be more
>> careful,
>> and that's
>> not always easy as these guys are very clever (Click here to
>> Feed the
>> Homeless!)
>> I have found home firewalls to be a source of far more
>> irritation than
>> protection. While they have come a long way, they are still
>> a
>> source of
>> confusion and irritation to many, and not worth it for the
>> average user.
>> If you haven't used Spybot's "Immunize" feature yet, I
>> encourage you to
>> do so.
>>
>>
>> It also got by my routers firewall! I remember someone
>> saying
>> if you
>> have a router you do not need a firewall on your computer
>> also. At this
>> point I might add another one then I'll have 3 of them ;-)
=========================
The list's FAQ's can be seen by sending an email to
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.
To unsubscribe, subscribe, set Digest or Vacation to on or off, go to
//www.freelists.org/list/pcworks . You can also send an email to
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your
member list settings can be found at
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have
access to numerous other email options.
The list archives are located at //www.freelists.org/archives/pcworks/ .
All email posted to the list will be placed there in the event anyone needs to
look for previous posts.
-zxdjhu-
Other related posts:
