Re: How did I get this?

From: Catamount (Nope_at_notgonnaspam.me)
Date: 02/24/05


Date: Thu, 24 Feb 2005 08:38:21 -0500

Hah...it quarantined Solitaire!

t.cruise wrote:
> I am aware that XoftSpy is NOT an antivirus program. I mentioned that I have an antivirus
> program (AVG), a firewall (Zone Alarm), AND Xoftspy (for spyware/malware/etc.)
>
> Here's the portion of the XoftSpy log that's pertinent:
>
> <ScanningRegValuesChanged>
> </ScanningRegValuesChanged>
> <FILE PATH = "W32.Coflop@mm C:\WINDOWS\System32\SOL.EXE"/>
> <FILE PATH = "C:\WINDOWS\System32\SOL.EXE"/>
> </Scanning>
>
> <Information Message = "Starting to Quarantine 1 Items"/>
> <Quarantines>
> <QTFILE PATH = "C:\Program Files\XoftSpy\Quarantine\Quarantine23-02-2005-00-59-01.xpy" />
> <INFO ACTION = "Added"/>
> <INFO TIME = "23-02-2005-00-59-01"/>
> <QInformation Message = "Quarantining File W32.Coflop@mm - C:\WINDOWS\System32\SOL.EXE"/>
> </Quarantines>
> <QInformation Message = "Quarantining File REG BACKUP -
> C:\DOCUME~1\Tom\LOCALS~1\Temp\regbackup.reg"/>
> <Removal>
> <SW NAME = "W32.Coflop@mm ">
> <FILE NAME = "C:\WINDOWS\System32\SOL.EXE"/>
> <FILE RES = "C:\WINDOWS\System32\SOL.EXE Successfully ReMoved"/>
> </SW>
> </Removal>
> </Session>
>
> T.C.
>
>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> news:OLX72seGFHA.2276@TK2MSFTNGP15.phx.gbl...
>
>>We can't tell you how you got it but you should NOT have switched. Ad-aware is a known and
>>well respected non-viral anti malware application; XoftSpy is not and it certainly isn't an
>>anti virus application.
>>
>>Chances are it is a False Positive.
>>
>>http://www.spywarewarrior.com/rogue_anti-spyware.htm#xos_note
>>"XoftSpy was listed on this page because of concerns with false positives "
>>
>>Now my questions are --
>>What file was declared as having the Coflop and was it deleted and what anti virus software
>>are you using ?
>>
>>
>>--
>>Dave
>>
>>
>>
>>
>>"t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in message
>>news:OtDNyleGFHA.3648@TK2MSFTNGP09.phx.gbl...
>>| I have a decent firewall, an antivirus program with updated definitions, and practice very
>>| safe Internet (Road Runner connection) surfing. I don't use a preview pane In Outlook
>>| Express, don't accept Active AX from any site, and don't open email attachments unless
>>| I've looked at the source code in text first with my text only email monitor. I'd been
>>| using Ad-Aware SE, but switched to Xoftspy. Yesterday an XoftSpy drive scan found the
>>| W32.Coflop@mm worm on my system. It was not there two days earlier. When I read the
>>| details about the worm at SARC, it says that it's delivered by email. I hadn't opened any
>>| email attachments, or any HTML email with scripts. I am the only person who uses this
>>| system. My firewall is running fine. Would someone please give me an idea as to how this
>>| worm might have gotten on my system, and what sort of precautions I can take, other than
>>| those that I have already, to avoid more infections?
>>| --
>>|
>>| T.C.
>>| t__cruise@[NoSpam]hotmail.com
>>| Remove [NoSpam] to reply
>>|
>>|
>>|
>>
>>
>
>
>


