A day or so ago I was searching the Internet, looking for a discone antenna. Today, after a routine virus scan of my system, I see that ZoneAlarm quaranteened a Win32.Softomate trojan horse, which it described as a dangerous "back door" type that lodged in my registry. It was able to delete it, but evidently the thing was able to get through both the ZoneAlarm and Microsoft firewalls undetected.

I mention this here because, in trying to retrace my steps to deduce where the trojan horse probably came from, I remember one person's site visited looking for a discone antenna. It was different in that I was led to a page where I clicked on a link that turned out to be a page of dumb girly pics. I exited right away, but it seems possible something got downloaded.

So keep your antenna up.

Robinson Carusoe

On Fri, 1 Sep 2006 13:50:08 -0800, "bookburn"
wrote:

This is a multi-part message in MIME format.

Why in a text-only forum?

I also notice that you use Microsoft Outlook Express and that this
"Trojan horse" is specific to Internet Explorer as an advertising
toolbar.

Given that you are publishing MIME format to this group, and that your
browser picked up an infection, you should review the security
settings AND publishing preferences for both M$ tools.

Another solution is to switch to securer platforms like Firefox for
browsing and another newsgroup (and email) reader (I use Agent which
is absolutely untied from DLLs).

73's
Richard Clark, KB7QHC

Stop using IE and Outlook. Msft only provides protection for a price.

Set your news reader options to read and post only text, no HTML.
Set your emailer the same, text only.

Turn off javascript in your web browser's preferences/options.
If you really need it on, then make sure it's worth the risk
and turn it back off when you're done.

Turn off all non-essential system services when connected
to the net. The only ports you should show listening on
windows are 135 and 1025 (AFAIK they can't be turned off)
and they should be set to be blocked by your firewall.

Good luck and safe surfing.

I've got an additional bit of advice.

Be very cautious about what you delete after being told by a program
that it's malware. The programs I use have targeted quite a number of
innocent files as allegedly being malware. Not too long ago, I had to
spend considerable time writing code to replace a purchased third-party
utility package which had been part of EZNEC for years. Some of the
spyware/adware programs had decided, completely incorrectly, that it was
some evil spyware. I finally got tired of customers asking why EZNEC
wouldn't run, then having to explain that it was because they'd deleted
a file that it uses and needs.

Browse through the testimonials for the various malware-detection
programs and you'll see "Wow! Found 14 files none of the other ones
found!" Yeah, and those are some of the same ones you'll see comments
like this for: "I began using XXX, and now I can't connect with the
Internet." or ". . . and now my computer won't boot." Or, ". . . and now
EZNEC won't run." There's a lot of poor software out there. Don't
blindly believe everything it tells you.

Roy Lewallen, W7EL

On Fri, 01 Sep 2006 21:33:52 -0800, Roy Lewallen wrote:

I've got an additional bit of advice.

Be very cautious about what you delete after being told by a program
that it's malware. The programs I use have targeted quite a number of
innocent files as allegedly being malware. Not too long ago, I had to
spend considerable time writing code to replace a purchased third-party
utility package which had been part of EZNEC for years. Some of the
spyware/adware programs had decided, completely incorrectly, that it was
some evil spyware. I finally got tired of customers asking why EZNEC
wouldn't run, then having to explain that it was because they'd deleted
a file that it uses and needs.

Browse through the testimonials for the various malware-detection
programs and you'll see "Wow! Found 14 files none of the other ones
found!" Yeah, and those are some of the same ones you'll see comments
like this for: "I began using XXX, and now I can't connect with the
Internet." or ". . . and now my computer won't boot." Or, ". . . and now
EZNEC won't run." There's a lot of poor software out there. Don't
blindly believe everything it tells you.

Roy Lewallen, W7EL

I found my Outlook Express had correct settings, but not using them, plus
the blocked senders list was no longer working after I erased stuff there.

So now, as suggested, I am off IE and OE and have gone to Firefox and
Opera. Maybe I'll check out the new IE 7 when it gets out, though.

Thanks for the heads up.

Robinson Carusoe



--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

On Fri, 01 Sep 2006 21:33:52 -0800, Roy Lewallen wrote:

I've got an additional bit of advice.

Be very cautious about what you delete after being told by a program
that it's malware. The programs I use have targeted quite a number of
innocent files as allegedly being malware. Not too long ago, I had to
spend considerable time writing code to replace a purchased third-party
utility package which had been part of EZNEC for years. Some of the
spyware/adware programs had decided, completely incorrectly, that it
was some evil spyware. I finally got tired of customers asking why
EZNEC wouldn't run, then having to explain that it was because they'd
deleted a file that it uses and needs.

Browse through the testimonials for the various malware-detection
programs and you'll see "Wow! Found 14 files none of the other ones
found!" Yeah, and those are some of the same ones you'll see comments
like this for: "I began using XXX, and now I can't connect with the
Internet." or ". . . and now my computer won't boot." Or, ". . . and
now EZNEC won't run." There's a lot of poor software out there. Don't
blindly believe everything it tells you.

Roy Lewallen, W7EL

I found my Outlook Express had correct settings, but not using them,
plus the blocked senders list was no longer working after I erased stuff
there.

So now, as suggested, I am off IE and OE and have gone to Firefox and
Opera. Maybe I'll check out the new IE 7 when it gets out, though.

Thanks for the heads up.

Robinson Carusoe






--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/