Kasperky 6: I get many spyware, malaware, etc.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi, I use Kasperky Anti-virus 6 and I think I have configured fine.
When I used a sofware firewall I never had problems wit junk files.
Now I use a router and every day I have to search spyware, malaware,
worm with Ewidi, Spyboat and Ad-Aware.
They find many many junk files every day.
Two days ago a spyware has modified the IE home page.
What can I do please?
Thanks



Re: Kasperky 6: I get many spyware, malaware, etc.

On Wed, 01 Nov 2006 11:22:57 +0100, ijones@TOGLIinterfree.it wrote:

Quoted text here. Click to load it

A external NAT router/firewall blocking all unsolicted inbound is what
you need. If you're using Win XP, at least activate its firewall for
the time being, or use a software firewall for the time being.

You also need to set IE on max security for the Internet
Zone, and configure your Trusted Sites Zone for just a minimal number
of sites. You should rarely use IE. Use a alternate browser such as
Firefox, K-Meleon or Opera. Keep up to date on all MS hotfixes,
patches and service packs. Activate MS Update service to run
automatically.

Art
http://home.epix.net/~artnpeg

Re: Kasperky 6: I get many spyware, malaware, etc.

I'm sorry my inexperience but Netgear DG834GT router has a NAT
external firewall- Do I make a mistaken? For default is has all the
shut ports.
Always I use only Firefox,
Perhaps do I need a anty-spyware like spywareguard or Spywareblaster?
Thanks


Quoted text here. Click to load it

Re: Kasperky 6: I get many spyware, malaware, etc.

On Wed, 01 Nov 2006 13:05:38 +0100, ijones@TOGLIinterfree.it wrote:

Quoted text here. Click to load it

Only if you are careless and download questionable software or insist
on visiting all kinds of porn sites.  I don't even have KAV active
realtime and I never have any malware problems. Maybe you rely too
much on your various anti malware products to protect you rather than
using your head??? Maybe you open and Run unsolicited email
attackments?

Art
http://home.epix.net/~artnpeg

Re: Kasperky 6: I get many spyware, malaware, etc.

Art wrote:

Quoted text here. Click to load it

I think that Art has hit the nail on the head. In the meantime,
Spyware Guard is still of use for browser hijack protection, but 1) it
has not been updated for over 2 years, and 2) there are other/better
apps that do the same thing. The WinXP SP2 FW, for example.

1) SpywareBlaster is a nice complement to KAV, or any AV for that matter.

SpywareBlaster - site blocking
   http://www.javacoolsoftware.com/spywareblaster.html
SpywareGuard - browser hijack protection (Old)
   http://www.javacoolsoftware.com/spywareguard.html

2) Make sure that your HOSTS file has not been hijacked. Use HostsMan
to check it out. You can also use HM to import a site-blocking HOSTS file.

HOSTS File Utilities - HostsMan by abelhadigital
   http://hostsman.abelhadigital.com /

3) SUPERAntiSpyware Professional offers IE hijack protection. If it
doesn't protect the FF 2.0 home page yet, they are working on it.
Since you posted prior to Halloween night, perhaps Nick will still
give you the Halloween discount.

   http://www.superantispyware.com /

4) With KAV/KIS 6, the spyware/adware protection is incorporated into
the signatures database, but some of the protection is disabled by
default.

   Settings -> Protection -> Malware Categories

Enable the Spyware, Adware, and Dialers protection. You can also
enable the Potentially Dangerous category. Keep in mind that KAV's
protection is geared toward the malicious, not what might be called
annoyingware. KAV will _not_ protect against cookies and other garbage
that should be controlled by the app (browser) itself. Or better yet,
by the user.

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.


Quoted text here. Click to load it

Ironically, the current upgrade it wants me to install is MSIE 7.
I`m not sure since I don`t use IE.
Opinions?:>)
        Regards  
        buddy b

Re: Kasperky 6: I get many spyware, malaware, etc.

buddy b wrote:
Quoted text here. Click to load it

Buddy,

Go for it. If you use Windows, eventually you will have to upgrade to
IE7 anyway. Use it for Microsoft Updates, and keep it locked down the
rest of the month.

I had problems with IE7. I could not connect to Microsoft Updates (the
only thing for which I use IE), and so I have temporarily uninstalled
it and reverted to IE6. It probably has something to do with having
most of my XP services disabled. Since IE7 is no longer Beta, but an
official release, it does not show up in the Add/Remove Programs of
the XP Control Panel. I had to uninstall it from a CMD prompt.

   http://msdn2.microsoft.com/en-us/ie/aa740486.aspx

I use Enough is Enough! to lock down IE, and I had to modify the batch
file in order to work with IE7. I am still playing with it trying to
make it as elegant of a batch file as it was when Eric
created/released it.

When I get around to it I will re-install IE7 and _force_ it to work. [g]

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.

wrote:

Ron, you haunt the Kaspersky forums, right? Maybe you have a
defininitive answer concerning KAV 6 and alternate data streams
(ADS). Someone asked if AOL's AVS uses ADS and I responded that
it's my understanding that Kaspersky dropped that and is using
their own technique for speeding up scanning. Is that true?

BTW, I use AVS on Win 2K with FAT32 where ADS doesn't apply
(it's a NTFS thing). It feels very light and quick, which seems to
support my notion that ADS isn't involved, and their own method
is being used  (and it works well on FAT).

Art
http://home.epix.net/~artnpeg

Re: Kasperky 6: I get many spyware, malaware, etc.

Art wrote:

Quoted text here. Click to load it

Yes I do, Art. Much to the chagrin of many including Mark Russinovich,
IStreams was introduced with KAV 5 and used the NTFS ADS to store info
in order to improve scan times.

   http://www.kaspersky.com/faq?qid=156636746
   http://www.viruslist.com/en/weblog?weblogid=177727537

I am not sure about AVS, but if you run the KIS 6 installer it should
remove the KAVICHS. Alternatively, you can run the KL Stream Removal tool.

   http://www.kaspersky.com/faq?qid=170884737&qtype=3912133

With KAV 6, IStreams has been replaced by ISwift (and a new IChecker).

   http://www.kaspersky.com/faq?qid=186010624

Do you have the option of enabling/disabling ISwift and IChecker with
AVS? If not, I would assume (I can find out) that it is enabled since
that is the default for KAV 6.

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.

wrote:

Quoted text here. Click to load it

Thanks much for the info and links. No, I can't find any option
setting. What's confusing is that the FAQ under Help mentions
ichecker + istreams and not ichecker + iswift. So I'm still not
clear about exactly what is in AVS. It may be a mistake in the
FAQ, but who knows? :)

Art
http://home.epix.net/~artnpeg

Re: Kasperky 6: I get many spyware, malaware, etc.

Art wrote:
Quoted text here. Click to load it

I will find out, Art, and get back to you.

In the meantime, you can use Mark Russinovich's Streams utility to
investigate ADS data. (Grab it quick, before MS makes it go away.)

   http://www.sysinternals.com/Utilities/Streams.html

I just ran it on my Download sub-directory which includes a Microsoft
sub-directory with all sorts of MS downloads. Many of them use ADS. I
placed streams.exe in my download directory, and from the WinXP CMD prompt

   C:\Documents and Settings\Download\streams -s > streams.txt

If AVS is indeed using iStreams, you should see the NTFS ADS data
(KAVICHS). I don't have any KAVICHS because KAV 6 uses iSwift. BTW, if
you want to play with ADS, here are some good ideas.

   http://www.irongeek.com/i.php?page=security/altds
   http://www.diamondcs.com.au/index.php?page=archive&id=ntfs-streams

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.

Ron Lopshire wrote:

Quoted text here. Click to load it

Here you go, Art. AVS uses iSwift (typo in the AVS FAQ), but you can
manipulate its use through the Windows Registry.

   http://forum.kaspersky.com/index.php?showtopic=24444

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.

wrote:

Quoted text here. Click to load it

Thanks again. That appears to be a definitive answer by a
Kaspersky tech guy. I'll pass the url on to the person who
asked about it (on alt.comp.freeware). Apparently, this
person was a victim of Kaspersky's ADS mess with some
earlier version of KAV, and he is concerned about giving AVS
a try because of it :)

Art
http://home.epix.net/~artnpeg

 

Re: Kasperky 6: I get many spyware, malaware, etc.

Ron Lopshire wrote:
[snip]
Quoted text here. Click to load it

actually, you shouldn't see it even if iStreams is being used... during
the early days of the 'rootkit' witch-hunt it came out that kav uses
stealth to protect it's ads streams from examination...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Kasperky 6: I get many spyware, malaware, etc.

On Fri, 03 Nov 2006 16:04:54 GMT, Ron Lopshire wrote:

Quoted text here. Click to load it

It's listed as 'Windows Internet Explorer 7' here in my XP Control panel.
Make sure the box 'Show Updates' is ticked.No problem.

Cheers,

Roy

Re: Kasperky 6: I get many spyware, malaware, etc.

Slarty wrote:

Quoted text here. Click to load it

Did you install IE7 (the final release, hotfix) from Microsoft
Updates, Roy? Even with 'Show Updates' checked, IE (6 or 7) does not
show up in my WinXP Control Panel. I never had IE7 Beta installed, but
I don't know if that makes a difference or not.

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.

On Sat, 04 Nov 2006 14:34:01 GMT, Ron Lopshire wrote:

Quoted text here. Click to load it

No, I never installed the Beta version, and I downloaded the executable
from here
http://www.microsoft.com/windows/ie/downloads/default.mspx

As I did this using Firefox, I wouldn't have trusted IE, it obviously
wasn't via the Windows Update link in that 'browser'. Automatic updates are
turned off, naturally. :-)

Both IE6 and IE7 show up in add/remove. Which is probably just as well as
my first attempt at installation, although appearing to complete correctly,
installed only a crippled version. No task bar. No problem with the second
attempt, same installer, after removal of the dud installation.

I can't see why your experience should be different, except we are dealing
with Windows and Microsoft here!

Cheers,

Roy

Re: Kasperky 6: I get many spyware, malaware, etc.

Slarty wrote:
Quoted text here. Click to load it

That's the difference, Roy. I used the hotfix which included grabbing
two more hotfixes (already) for IE7. I will install it with the
downloaded installer and see if it works any better. Thanks.

Ron :)

Re: Kasperky 6: I get many spyware, malaware, etc.


Quoted text here. Click to load it

First, configure IE to run in the Restricted Zone, except for those sites
which you are certain are safe. Consider other changes, like surfing the
internet under a restricted user account. Obviously, your on-line behavior
belies safe computing habits.



Site Timeline