16 total posts
There are hack tools, exploits
Some hack tools can be used by a hacker or unauthorized user to attack, gain unwelcome access to or perform identification or fingerprinting of your computer.
More info in http://symantec.com/avcenter/
Just make sure your system is fully patched because even if you have up-to-date antivirus, antispyware, antitrojan, an unpatched system is vulnerable.
Also make sure that your firewall software is up-to-date and always enable.
Another thing is make sure that there ports are stealthed for unwanted port scans or intrusions.
How would one be sure that a hacker is not in your computer after all scans come out clean without suspicious acitivity?
You mentioned that you have antivirus, firewall and Spybot S&D. IMHO, one antispyware is not enough to catch all known spyware and malicious adware. You should install Ad-aware SE and Microsoft AntiSpyware too. Add ewido (http://www.ewido.net) too.
Microsoft AntiSpyware offer real time protection against spyware. Similar to SpywareGuard (http://www.javacoolsoftware.com).
Some tools for prevention:
Get SpywareBlaster (http://www.javacoolsoftware.com)
Microsoft AntiSpyware (http://www.microsoft.com/spyware)
When It Comes to the Net & Your 'Puter: Paranoia Is....
Your Friend (Big Time) !!!!
Once you have installed the items
Donna suggested, download and run Belarc Advisor. It will tell you the staus of your system regarding MS updates, AV, tec.. It also lists the install key for ll your software and gives a snapshot of your system.
Results of Spybot S &D
I've run Belarch and my security and windows updates are up to date.
I ran Spybot S&D and this is what i got ( I fixed the cookies but i wasn't sure what the last two are?? Anyone know if they are are??:
TargetNet: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
Advertising.com: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
Advertising.com: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
Avenue A, Inc.: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
DoubleClick: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
FastClick: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
ValueClick: Tracking cookie (Internet Explorer: MB) (Cookie, fixed)
Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
Which security should be the default?? McAfee or Windows?
I read Spybot Sandra's reply and it applies to my situation. According to her,
'' The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective. ''
Actually this happened to me; my windows and Mcafee were both shut down and I got a notification if i want to make Windows Security Center my default or Mcafee Security Center. I chose Macafee.
I'd like to revert back to the original settings before this fiasco, but i'm not sure what was my default security setting and which is recommeneded for better security?
Don't know what happened but Spybot detected ''Webhancer'' earlier this week and deleted it but since then I've had Spybot get all kinds of spyware and cookies; before that my scans were always clean.
I have a similiar situation
except that I use Norton instead of McAfee. I choose to let Norton notify me instead of the Security Center because I trust it more so I have those detections excluded as Sandra explained on that post. I also have Automatic Windows Updates disabled so I have that detection excluded too. It's a personal choice as to what you do.
It appears that paranoia is not such a bad thing!
I did an online scan with Bitdefender and apparently I am infected with the Exploit.Html.Codebase.Exec.Gen virus? I have no clue what this is but all I know is it sounds really scarey!
Also I got the Trojan.Bettinet.AJ which doesn't sound any better either! Grrrrr
I can't get rid of them either...any suggestions what these are and how can I get rid of them.
BTW - bitdefender is really really thorough.
Thanks much again.
That scan is known for
false positives. You may not have anything at all wrong. Try this here you may not need the log but save it just in case. This is a trial version but becomes free after 14 days, you just lose the guard and the automatic updating after the 14 days but can still update maunally after that. IF you actually have these, ewido should find them.
Dowload link http://www.ewido.net/en/
* Install ewido security suite
* When installing, under ''Additional Options'' uncheck ''Install background guard'' and ''Install scan via context menu''.
* Launch ewido, there should be an icon on your desktop double-click it.
* The program will now go to the main screen
You will need to update ewido to the latest definition files.
* On the left hand side of the main screen click Update
* Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
Once the updates are installed do the following:
* Click on scanner
* Click on Complete System Scan and the scan will begin.
* While the scan is in progress you will be prompted to clean files, click OK
* When it asks if you want to clean the first file, put a check in the lower left corner of the box that says ''Perform action on all infections'' then choose clean and click OK.
* Once the scan has completed, there will be a button located on the bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop.
Now close ewido security suite.
...dif. scans are yielding different results!
The two previous viruses found by BitDefender, Trojan.Bettinet.AJ and Exploit.HTML.codebase.Exec.Gen weren't found with the most recent scans. Altho i will run Bitdefender again, as Roddy said, it might yield false positives as the scans I recently performed were NEGATIVE for those two particular viruses altho i fuond plenty others! lol
I ran Kaspersky and it found NOTHING!
I ran Spysweeper and found adware and WEBHANCER although it did NOT detect Exploit.HTML.codebase.Exec.Gen, (which was originally found with BitDefender. I did a web search for this virus and it was recommended that Spysweeper rids ExploitCodebase! (http://www.spywaredb.com/remove-exploit-html-codebaseexec/) but the scan came up negative for it!!
So I ran ewildo as recommended and these are the results and it did not detect
Exploit.HTML.codebase.Exec.Gen,! SO hmmm, who do I trust?? BitDefender, Spysweeper, or Ewido!!?? lol
Prior to inadvertently downloading WEBHANCER, I had no problems with spyware, but now I can?t seem to keep up with the infestations! Any suggestions for ridding my system of this most persistent and annoying pest!!!??
I?ve posted HiJack Logs but still haven?t gotten feedback ? my computer is running at a snail?s speed as a result!!
My advice would be to wait until
whichever HJT forum that you posted the log at responds. They can see exactly what is going on inside your computer. That will eliminate the guesswork. Please be patient with them, they are busy.
Right now, that's sounds like a good idea!
...i rescanned with BitDefender, and the the two previous viruses it detected the first time i ran it came out NEGATIVE this time!
Roddy, you are right! BitDefender does yield false positives!
Im going to wait and see wht the Hijack experts say because i still have a problem with this WEBHANCER. This particular spyware has ruined my system!
(NT) Good luck, let us know how you make out.
I ran BitDefender just for the sport of it...
It took a long time (1 hr & 23 minutes) plus download time for the program of about 15 minutes on dialup. Results were clean and nothing found.
excellent security site
read up here and try all the "shields up" tests at steve gibson's site