 La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3
3 edits | PUP Crap So last night I was downloading/installing MSN Weather gadget (from http: // www. thoosje.com/Windows-7-gadgets-weather. html) to check it out and got hit with a PUP, Lucky Coupons/Savings. Dang thing installed even though I said not to, so fast I couldn't even close out the download (as is typical).
I think I got rid of it this morning after using multiple tools, including MBAM, HitMan Pro, adw Cleaner, CCleaner and MSE. I find no remnants and all scans now come up clean. Nothing in IE add ons or Firefox add ons/plugins.
Having said that, is there anything that will run in REAL TIME that is FREE that will stop PUP's before they get their hooks in? I can't remember the last time I got hit with anything (knock wood), and I want it to stay that way.
My current security apps are MSE, MBAM (free), WinPatrol, and I also installed SpywareBlaster today (will that help?).
Anything further that's free that I can run in real time?
--
The Alien in the White House
20,504 DEADLY TERROR ATTACKS SINCE 9/11 |
|
| Avast Free.
»en.kioskea.net/faq/15731-avast-e···ams-pups
--
Gadgets |
|
 PentangleWith our thoughts we make the world.Premium
join:2006-06-01
Vancouver BC
kudos:2 | reply to La Luna
Have you tried Sandboxie? It should eliminate theose nasty surprises from installing (unless you click to allow them). Great software. Lots of Sandboxie info at Wilders.
»www.wilderssecurity.com/showthre···andboxie
»sandboxie.com/ |
|
 DownTheShoreHelp Moore OklahomaPremium
join:2003-12-02
Beautiful NJ
kudos:12 | reply to La Luna
Would MBAM running real-time have stopped it? I know it's not free but it is a lifetime license. |
|
 siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17
 ·Bell Sympatico
2 edits | reply to La Luna
»Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance
Also see: • PUA Redirects to Malware at Wikipedia.
--
She shills sea shills by the Sea Shore. |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | reply to DownTheShore
said by DownTheShore:Would MBAM running real-time have stopped it? I know it's not free but it is a lifetime license.
Possibly. I can't afford it today though, maybe at the end of the month. |
|
|
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3
1 edit | reply to siljaline
said by siljaline:http://www.dslreports.com/faq/13616
I know that. I'm confident I got rid of it myself though. 
I'm thinking of giving Sandboxie a run for now, it's free even after 30 days if you don't mind a nag screen. I may also get the pay version of MBAM at the end of the month.
Like I said, this is the first time I've been hit with anything since I can't remember, so I guess I'm pretty careful most of the time.
Edit: and thank you for the links siljaline  !
--
The Alien in the White House
20,504 DEADLY TERROR ATTACKS SINCE 9/11 |
|
 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | PUP = Potentially Unsafe Probably Useless Program  |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | Yep, that's what I figured, heh....
I'm sitting there talking to the screen " STOP YOU SOB, STOP!!!", but it didn't help! |
|
siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | reply to StuartMW
Re: PUP Crap Yep |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | reply to La Luna
I try to practice safe hex siljaline , I try. And I think I've done pretty good over the years, so I can't really complain. S**t happens occasionally, not going to stress over it.
If I notice anything hinky, I will surely ask one of the fine people in Security Cleanup for help.
Oh, and I've installed Sandboxie, at least for now.
--
The Alien in the White House
20,504 DEADLY TERROR ATTACKS SINCE 9/11 |
|
1 edit | reply to La Luna
THat whole site you posted
is full of trojans!
Every single freaking widget!
SOMATO.A |
|
 BlackbirdBuilt for SpeedPremium
join:2005-01-14
Fort Wayne, IN
kudos:3
·Frontier Communi..
| said by wowwtfakasdf :THat whole site you posted is full of trojans! Every single freaking widget!
SOMATO.A Based upon what evidence? And what is SOMATO.A?
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | reply to wowwtfakasdf
said by wowwtfakasdf :THat whole site you posted
is full of trojans!
Every single freaking widget!
SOMATO.A
I didn't have a problem with the site itself, just the weather widget. I only tried downloading the one, so I can't speak for the rest of them.
And yeah, what is Somato.A? 
--
The Alien in the White House
20,504 DEADLY TERROR ATTACKS SINCE 9/11 |
|
 fatnesssubtleJanitor
join:2000-11-17
fishing
kudos:14 | reply to La Luna
My first thought seeing the topic title was "what does paper training a young dog have to do with security and privacy?" |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | LOL!!! |
|
 dib22
join:2002-01-27
Kansas City, MO | reply to wowwtfakasdf
said by wowwtfakasdf :THat whole site you posted is full of trojans!
Yea just opening this topic caused my anti malware to block the thoosje.com domain. |
|
| reply to Pentangle
Sandboxie wouldn't help in this situation. It wasn't a driveby install. La Luna downloaded and installed the program on her own. This would have been done outside of the sandbox. This is why I make it a practice to scan programs before letting them out of the sandbox or running them. If possible I also upload the program to VirusTotal or Jotti to be scanned.
Was the program MSN Weather 2.0? »www.virustotal.com/en/file/030a3···2893892/
--
If we quit voting, will they all just go away? |
|
| reply to La Luna
Webroot WRSA blocked it !
Anyway i allowed it through, & ProcessGuard immediately jumped in, first with weatherbug.gadget.exe i allowed it, then with as per screenie.
My Firewall then alerted me it wanted out, i allowed it. I got an error message saying there was a connection problem, but there isn't.
Funny thing is, i don't see anything dodgy.
Apart from WRSA, if you had a HIPS installed as i do, & your FW was setup to prompt you, no unwanted intrusion would have occured. |
|
