Re: Worms?

From: Winged (Winged_at_nofollow.com)
Date: 09/19/05

• Next message: roadburner: "Extremely odd thing with Giganews DMCA?"
• Previous message: nemo_outis: "Re: Free software firewalls I have never heard of before"
• In reply to: David H. Lipman: "Re: Worms?"
• Next in thread: David H. Lipman: "Re: Worms?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 19 Sep 2005 01:25:34 -0500

David H. Lipman wrote:
> From: "Winged" <Winged@nofollow.com>
>
> | TheThigILove@gmail.com wrote:
>
>>>For someone who's kind of spyware naive, where can I locate the hosts
>>>file? I will try the spybot as you suggested. I must admit, this is the
>>>first instance of the term "crapware" that I've heard. Thank you!
>>>
>
> | %\windows\system32\etc
> |
> | Make sure to switch mode of spybot to advanced mode, after scanning and
> | immunizing, preferably after you have updated...then check BHOs )browser
> | helper objects, activeX controls, startup items and processes. All of
> | this are accessible through the advanced mode. Use spybots host list if
> | you have a machine with >128MB RAM.
> | Winged
>
> The correct path to the 'hosts' file is...
>
> For NT based OS'
> %windows%\system32\drivers\etc
>
> For Win9x/ME
> %windir%
>
> For NT based OS', anything alse means the Registry setting which is...
>
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> DataBasePath=%SystemRoot%\System32\drivers\etc
>
> Has been changed by malware.
>
> The Multi AV Scanning tool I provided in this thread deals with alterations of this setting
> and if is different from the above it will be set to the above and it will also rename
> 'etc/hosts' to 'etc/hosts.bak' to make sure the anti virus files can be downloaded from
> their respective vendors web sites.
>
Yup, your right, somehow I missed the driver portion of the
path...Thanks for the catch..
Winged

---

• Next message: roadburner: "Extremely odd thing with Giganews DMCA?"
• Previous message: nemo_outis: "Re: Free software firewalls I have never heard of before"
• In reply to: David H. Lipman: "Re: Worms?"
• Next in thread: David H. Lipman: "Re: Worms?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Worms? ... >> For someone who's kind of spyware naive, where can I locate the hosts ... I will try the spybot as you suggested. ... | this are accessible through the advanced mode. ... anything alse means the Registry setting which is... ... (alt.computer.security) Re: Searchwww - Final Thread? ... Spybot has an advanced mode that has a lot of features. ... advanced mode it actually warns you that the settings can do harm to your PC ... I think the problem occurred when a Spybot upgrade had a fault. ... Spybot to prevent other applications from removing the Searchwww. ... (microsoft.public.security.virus) Re: Searchwww - Final Thread? ... > advanced mode it actually warns you that the settings can do harm to your PC ... > real time protection against programs trying to change your system settings. ... > I think the problem occurred when a Spybot upgrade had a fault. ... (microsoft.public.security.virus) Re: NIS 05 Causing Screen Freeze/Lockups? ... You must be running Spybot in Mode> Advanced mode to have access to ... Residents TeaTimer and SDHelper. ... Don't enable anything in Advanced mode if you're not absolutely certain ... >> Despite the official Symantec line, I'd not install /any/ new Norton ... (microsoft.public.security) Re: SpyBot Search & Destroy Update 31/12/03 ... Actually it looks like I have always been running in Advanced mode, ... version, just called Spybot is in alphabetical order under programs, but the ... >> Thanks much Rosanne & Siljaline! ... >> Tedd Riggs ... (microsoft.public.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)