[taskmgr]

I know there are a lot of programs that deal with all sorts of malware from cookies to hacking tools (ohnoes). But in this thread I'd like to confine discussion to the elmination of virus and trojan programs primarily.

Essentially my quandry is that I've heard a million and one good things about nod32 and Avast! but when it comes to my personal experience, they seem to come up really short.

I've had Avast! installed on my computer for a long time now, and it's never detected a virus or other malware (except for a false positive caused by Panda's lack of encryption on their database file from activescan). But when I bother to scan with trendmicro's housecall or panda's activescan I get inexplicable trojans detected, it's happened twice now, and reading the supposed trojan's location doesn't help (one of them was a pseudo false positive on tooleaky.exe which was a program designed to demonstrate the necessity of application hijacking detection in outbound firewall filters).

Most recently, I think it was panda that found one "Spyware_KEYL_astlog", in a folder that went by the name of nirsoft. After googling I found that nirsoft could I guess proc a false positive with the type of software they develop, but I don't ever remember installing or downloading anything from nirsoft.

Anyway that's the gist of where I'm at right now. I wouldn't call this a question per se, so if no one has anything to add or doesn't care, don't worry about it. I just thought it might be something worth discussing as I didn't find anything this concrete using Google.

[smeegle]

You may need to post a HiJackThis log to the Malware Removal Forum. Check the third sticky in this Forum and it will give you some additional information.

[mrss]

Quote:

Originally Posted by taskmgr

But in this thread I'd like to confine discussion to the elmination of virus and trojan programs primarily.
.

One has to adopt very careful browsing habits. I could be wrong but I think you have to consciously have to click on something these days to download or execute a file, assuming you have reasonable security levels set in your browser. A rogue site might toss a bunch of pop-ups at you where clicking them does that, but I assume one can kill the process or something like that to avoid that possibility.

If just viewing a site can infect a PC, then I guess it's worse than I think. I suppose that Java and other scripts might do that. So I turned scripts off except for sites I trust.

[lunarlander]

Just viewing a site can get you infected. Back in Dec 2005 there was a zero day WMF vulnerability, and bad guys started sending out links via messenger to bad pages containing a expliot for it.

[mrss]

Quote:

Originally Posted by lunarlander

Just viewing a site can get you infected. Back in Dec 2005 there was a zero day WMF vulnerability, and bad guys started sending out links via messenger to bad pages containing a expliot for it.

I remember reading about that on the F-secure page. Microsoft rushed out a patch a week ahead of their normal middle of the month update that January.

I use Firefox now with the no-script add-on and site advisor. However, I've come across one website that was marked green in Google, but apparently had been hijacked into a scamny "Your-PC-infected!-Click-here-to-download-fix" site.

[jazznanny]

hello guys this is jazznanny with a question. i had ca security suite. had, being the operative word.
ca really gummed up the works of my computer. and right now i have been hijacked, nothing works!
wheni try to open a file a, and i am adminstrater, my access is denied.im also getting alot of -internet explorer can not find the page. when i clicked on the email that had a link to this site,i got this message. i had to pop in a disk that restarts my dsl to come here at all.what a mess!
do any of you know what my computer has? is it a virus , a trojan, or a hijack?
oh yeah, none of my picture editors work at all.if i go to security updates and download a self extracting update, when i try to open it i get another error saying its not a valid win.32 application. and i got it from windows security. could it be my hotmail doing this?
so sorry to ask so many questions. im just stuped over this.
thanks for listening! jazznanny

[mrss]

Quote:

Originally Posted by jazznanny

hello guys this is jazznanny with a question. i had ca security suite. had, being the operative word.y

Jazznanny, you probably want to start a new thread with the title "CA security suite hijacked" or something like that. That way, someone who knows CA is more likely to respond, and also readers know you need assistance, and the focus will be on your problem. This particular thread is more general and not likely to get people to read it.

[RootbeaR]

Quote:

Originally Posted by lunarlander

Just viewing a site can get you infected. Back in Dec 2005 there was a zero day WMF vulnerability, and bad guys started sending out links via messenger to bad pages containing a expliot for it.

Just being connected to internet is all it takes. No need to visit a site, you will have a probe come looking for a way in.