Slashdot Mirror

0.0.0.0 a12.fun
0.0.0.0 b12.fun
0.0.0.0 ab12.fun
0.0.0.0 ossdown.fun
0.0.0.0 d3pk.com
0.0.0.0 fffffk.xyz
0.0.0.0 downmsdn.com
0.0.0.0 hh1m.com
0.0.0.0 www.fffffk.xyz
0.0.0.0 s3.amazonaws.com
0.0.0.0 info.d3pk.com
0.0.0.0 info.d3pk.com
0.0.0.0 dl.ossdown.fun
0.0.0.0 ab12.fun
0.0.0.0 info.d3pk.com
0.0.0.0 ab12.fun
0.0.0.0 count.b12.fun
0.0.0.0 fffffk.xyz
0.0.0.0 80FD4C6BAC35BAB54608B2F60A9A1759.online
0.0.0.0 A4E43EDE382B7613F03D2997C80E2DA9.online
0.0.0.0 9D3C13FAF748710EBB5A8E1232B43CA7.online
0.0.0.0 80FD4C6BAC35BAB54608B2F60A9A1759.online
0.0.0.0 D43AC96995C02E4A7CCECE3059730B95.online
0.0.0.0 EC33503163B5789F6786C0D82B479364.online
0.0.0.0 1898799673.rsc.cdn77.org
0.0.0.0 1898799673.rsc.cdn77.org
0.0.0.0 rsc.cdn77.org
0.0.0.0 cdn77.org
0.0.0.0 www.hh1m.com
0.0.0.0 www.hh1m.com
0.0.0.0 hh1m.com

* SOURCE https://www.bitdefender.com/fi...

APK

P.S.=> For the BEST hosts file:

APK Hosts File Engine 2.0++ 64-bit for Linux h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p

How interesting it is, then, that Antivirus vendors are still implementing Antivirus for Mac and linux.

Even MORE so, they are implementing antivirus that hooks into your Virtualization/cloud platforms to protect your VMs, both virtual servers and Virtual Desktops...

Here is te solution from ESET for VMWare:
https://www.eset.com/int/busin...

Here is from Bitdefender, for many Hypervisors:
https://www.bitdefender.com/bu...

  Here is the one from Sophos:
https://www.sophos.com/en-us/m...

But hey, I guess I'll better surrender my geek credentials, as well as all the people working in ClamAV, and all the engineers and managers that are working in such a clear dead end technologies as Mac and Linux antivirus at those companies (and many more).

After all, is soo clear for me now, you and Anon coward can not be wrong.

... BUT, do "ad machines" (FF/Chrome) allow for PACs still? Original Opera does (not sure on FF/IE) but pacs can be abused https://labs.bitdefender.com/2016/05/inside-the-million-machine-clickfraud-botnet/ - & aren't "auto-click" ez (I've made hosts as EASY AS POSSIBLE & GUI - Windows ONLY APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

PAC doesn't do avoiding DNS security issues as hosts hardcoded fav. sites do OR to resolve faster LOCALLY minus remote DNS security risks either (OR locally installed DNS added weight (much more than hosts + more complexity for exploit/breakdown).

APK

P.S.=> Could I port to Linux &/or MacOS X + iOS/Droid too? Compiler version I have (Delphi XE4) does all BUT Linux (New Delphi XE 10++ does Linux though)... apk

Avast is Czech, as is its subsidiary AVG, Avira is German, BitDefender is Romanian, ESET is Slovak, F-Secure is Finnish and Panda Security is Spanish. Sophos is British, so it is probably more likely to be tampered with.

OK, they're ALL out to get you. If you didn't pay for it, you're the product. I fear my local government more than a far-away one. I'm a minnow, no some plankton living in the social/financial sea. It's only metadata. If you've got nothing to hide, you've got nothing to fear. Ever uploaded something to VirusTotal/Google/MS/Amazon? If it's unencrypted in the cloud, it's probably now on someone's ELSE's cloud too. If encrypted, it's still fair game. KAV have good reviews. So I'll just leave this here and get my coat,

OVERVIEW
https://www.pcworld.com/articl...
https://www.av-test.org/en/ant...
http://chart.av-comparatives.o...

Free
https://usa.kaspersky.com/free...
https://www.bitdefender.com/su...
https://www.malwarebytes.com/m...
https://www.avira.com/en/free-...
https://home.sophos.com/
https://www.pandasecurity.com/...

Just PICK one just as long as it's not the default MS Defender. They couldn't stop it from getting in to start with, what makes you think their AV is going to do better?

Just download a free antivirus livecd and scan your system with that.

Options include but are not limited to:

AVG:
https://www.avg.com/en-us/resc...
https://www.avg.com/en-us/down...

Avira:
https://www.avira.com/en/downl...

Bitdefender:
http://download.bitdefender.co...

Comodo:
https://www.comodo.com/busines...

Dr. Web:
https://free.drweb.com/aid_adm...

F-Secure:
ftp://ftp.f-secure.com/anti-vi...
https://www.f-secure.com/en/we...

Kaspersky:
http://support.kaspersky.com/v...
http://rescuedisk.kaspersky-la...

We have a smallish Windows Server estate running on vSphere supporting 400+ client machines. Because we're not allowed to spend money on a real VM-aware AV solution, we're forced to run Configuration Manager Endpoint Protection locally ("It's free!") on each individual VM, which is absolutely killing the I/O performance on our SANs. I'm not allowed to turn it off or even down. We scan everything on access, so our file server, even ridiculously over-resourced with its very own physical disks in the SAN, is slow as shit. Guess where all user profiles and files live. First time logging onto a client is abysmally slow. SQL server: same thing. It's horrific.

I've campaigned for a virtual-appliance type AV solution that sits "above" the VMs and monitors their filesystems and memory from the outside (Bitdefender's offering is my preference here), which I believe would greatly improve performance, but have been repeatedly turned down for cost reasons. Apparently, it's more important that we buy another 40 shitty laptops than AV software that would increase performance and productivity enterprise-wide.

That's before we even get to the performance impact on the clients themselves. Mid-range business laptops with 5400rpm HDDs scanning everything on access. No wonder our users despise us.

See subject: PAC files can be exploited https://labs.bitdefender.com/2... & if you miss a lookup PAC has to call out to DNS servers (riddled w/ security issues https://news.slashdot.org/comm... & INEFFICIENT vs. hosts if DNS is installed locally on your system as a server) - hosts don't & have 'hardcoded favorite sites' @ the TOP of hosts for fastest resolution in kernelmode speed + redirect protection (vs. PAC files in slower usermode) locally.

"AlmostALLAdsBlocked" = inferior, inefficient & 'souled-out' to admen NOT doing the 1 job it had due to bribery doing less & using more crippled by default https://tech.slashdot.org/comm...

UBlock's = inferior poor imitation doing less & uses more https://tech.slashdot.org/comm...

APK

P.S.=> Hosts run 1st (default 1st resolver part of IP stack vs. addons or in-browser filters like pac files)? Hosts override weaknesses of PAC files above... apk

Full article with vendors here

Direct Download from official site:
http://download.bitdefender.co...

It may not stop ALL ransomware, but it receives updates and protects against some of them. The link above will probably remain the same throughout new versions/updates. It will launch and appear in your tray once you install and reboot your computer. I like it, it's simple and free(ware). I wish it were open source though.

Direct Download from official site:
http://download.bitdefender.co...

It may not stop ALL ransomware, but it receives updates and protects against some of them. The link above will probably remain the same throughout new versions/updates. It will launch and appear in your tray once you install and reboot your computer. I like it, it's simple and free(ware). I wish it was open source though.

Damn that Slashdot, it must have eaten your citation of a cookie being malware. The image exploit you speak of was not one that impacted the visitor, it was on that impacted the server that the site ran on. Maybe you should reformat your reply and fix the links so we can see your citations.

I suppose you know more than these guys/

How can a cookie threaten a computer?
A cookie itself cannot harm the computer, as it does not and cannot hold code (therefore the cookie cannot perform an action itself). However, the cookie can support (help) malicious actions to be taken on the respective system. Even more, being a plain text file, they are vulnerable, meaning that they can be “harvested” by other applications.

How about for ImageMagick? Here's the description.

This could be used to compromise Web servers and take over websites.

Now settle down while the adults talk or you're going to have to go sit at the kid's table. Stop spreading fud. Do you browse the web with imagemagick? No? Go figure. Does plain text file operate as an executable binary? No? Go figure.

Settle down and think a minute. You just look silly when you're covered in spittle and wrong.

Assuming the COO is authorized to represent the company's position: 'In a talk entitled "Securing Mobility, Protecting Privacy", BlackBerry Chief Operating Officer Marty Beard told delegates that the company is a strong believer in providing law enforcement agencies with methods to lawfully intercept communications.' http://businessinsights.bitdef...

I've never been too keen on the "with us or against us" rhetoric, but this is math, not politics: systems are either designed to be as secure as they can be, or they are intentionally left with known vulnerabilities. The ability to intercept is, by definition, a known vulnerability.

If that link redirects to the localized homepage (like it does for me) try the 'platform' icon link on this page

You need to download the free product.

Bitdefender.com > Home Users > Toolbox > Free Antivirus leads to Bitdefender Antivirus Free Edition.

Microsoft Security Essentials / Windows Defender has been falling behind for years now. It used to be pretty good. But now, it unfortunately doesn't catch a lot newer malware. Microsoft dropped the ball and stopped putting the proper R&D into their product.

Bitdefender Free is my new favorite these days:
http://www.bitdefender.com/sol...

Fast, effective, and low impact. Bitdefender Free is not free for commercial use, however. And they don't have a free version that support Windows 10 yet. Bitdefender scores at or near the top in most AV comparison tests for malware detection.

Best free commercial AV is Avast for Business:
https://www.avast.com/avast-fo...

Not quite as low-impact as Bitdefender, and not quite as effective, but it's OK. I've used Avast for years as well. (It used to be my standard free AV, and I still use it on some systems.) Their free business AV is basically their paid AV business product stripped down to just AV, not firewalls, and anti-spam, and other cruft. The Windows firewall is just fine these days, and is you have a decent mail server spam isn't a problem. (And there are other decent free anti-spam products, like Cloudmark Desktop One.) So a plain-old just-AV product is fine with me. Includes a cloud-based console system as well, so you can centrally keep track of your AV clients -- which is GREAT for a free product.

Good luck!

Thank you.

Are you a Linux user by chance?

I found this:

http://www.bitdefender.com/bus...

And it appears to be 100% free with a free license.

I know - people say *nix doesn't need antivirus program(s)...but clamav isn't enough to satisfy my needs.

###

Avira continues with popups? What a shame. One would think popups to be a form of adware. I enjoyed the configuration options which Avast didn't provide [several years ago].

MSE makes me wonder if I have any protection at all.

Avast may be the winner here [for free options] if you turn off most of the non-virus related scanning modules.

I like Clamwin for a backup manual scanner, it's caught some trojans MSE couldn't find. I hear detection rate is poor and false positives are common but it's one more tool in my chest.

Here are some free antivirus LiveCDs:

+ AVG:
http://www.avg.com/us-en/avg-r...

+ AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch. Releases are signed!
https://share.avg.com/arl

+ Avira:
https://www.avira.com/en/downl...

+ BitDefender:
http://download.bitdefender.co...

+ Comodo Rescue Disk (CRD):
https://www.comodo.com/busines...

+ Dr.Web LiveCD:
http://www.freedrweb.com/lived...

+ F-Secure:
https://www.f-secure.com/en/we...
https://www.f-secure.com/en/we...

+ Kaspersky:
http://support.kaspersky.com/f...
http://support.kaspersky.com/v...
http://forum.kaspersky.com/ind...

As with all antivirus products, please read the greedy EULAs before proceeding.

Thank you.

Are you a Linux user by chance?

I found this:

http://www.bitdefender.com/bus...

And it appears to be 100% free with a free license.

I know - people say *nix doesn't need antivirus program(s)...but clamav isn't enough to satisfy my needs.

###

Avira continues with popups? What a shame. One would think popups to be a form of adware. I enjoyed the configuration options which Avast didn't provide [several years ago].

MSE makes me wonder if I have any protection at all.

Avast may be the winner here [for free options] if you turn off most of the non-virus related scanning modules.

I like Clamwin for a backup manual scanner, it's caught some trojans MSE couldn't find. I hear detection rate is poor and false positives are common but it's one more tool in my chest.

Here are some free antivirus LiveCDs:

+ AVG:
http://www.avg.com/us-en/avg-r...

+ AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch. Releases are signed!
https://share.avg.com/arl

+ Avira:
https://www.avira.com/en/downl...

+ BitDefender:
http://download.bitdefender.co...

+ Comodo Rescue Disk (CRD):
https://www.comodo.com/busines...

+ Dr.Web LiveCD:
http://www.freedrweb.com/lived...

+ F-Secure:
https://www.f-secure.com/en/we...
https://www.f-secure.com/en/we...

+ Kaspersky:
http://support.kaspersky.com/f...
http://support.kaspersky.com/v...
http://forum.kaspersky.com/ind...

As with all antivirus products, please read the greedy EULAs before proceeding.

+ AVG:
http://www.avg.com/us-en/avg-r...

+ AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch.
Releases are signed!
https://share.avg.com/arl

+ Avira:
https://www.avira.com/en/downl...

+ BitDefender:
http://download.bitdefender.co...

+ Comodo Rescue Disk (CRD):
https://www.comodo.com/busines...

+ Dr.Web LiveCD & LiveUSB:
http://www.freedrweb.com/livec...
http://www.freedrweb.com/liveu...

+ F-Secure:
https://www.f-secure.com/en/we...
https://www.f-secure.com/en/we...

+ Kaspersky:
http://support.kaspersky.com/f...
http://support.kaspersky.com/v...
http://forum.kaspersky.com/ind...

AVG: http://www.avg.com/us-en/avg-r...
Bitdefender: http://download.bitdefender.co...

Seconded, fwiw. Just use the free version

Don't forget the malware.

http://labs.bitdefender.com/2012/05/cyber-espionage-reaches-new-levels-with-flamer/

You mean like this?

Flamer / Flame Trojan removal tools 32+64bit from BitDefender.com

http://labs.bitdefender.com/2012/05/cyber-espionage-reaches-new-levels-with-flamer/

"Download the 32-bit or the 64-bit removal tools and find out if youâ(TM)re infected with Flamer, the worldâ(TM)s most discrete and dangerous piece of malware ever. If you are already protected by a Bitdefender security solution, you do not need to run the removal tool."

Download 32bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x86.exe

Download 64bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x64.exe

Flamer / Flame Trojan removal tools 32+64bit from BitDefender.com

http://labs.bitdefender.com/2012/05/cyber-espionage-reaches-new-levels-with-flamer/

"Download the 32-bit or the 64-bit removal tools and find out if youâ(TM)re infected with Flamer, the worldâ(TM)s most discrete and dangerous piece of malware ever. If you are already protected by a Bitdefender security solution, you do not need to run the removal tool."

Download 32bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x86.exe

Download 64bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x64.exe

Flamer / Flame Trojan removal tools 32+64bit from BitDefender.com

http://labs.bitdefender.com/2012/05/cyber-espionage-reaches-new-levels-with-flamer/

"Download the 32-bit or the 64-bit removal tools and find out if youâ(TM)re infected with Flamer, the worldâ(TM)s most discrete and dangerous piece of malware ever. If you are already protected by a Bitdefender security solution, you do not need to run the removal tool."

Download 32bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x86.exe

Download 64bit:
http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=TrojanFlamer_BDRemovalToolDropper_x64.exe

Agreed The PC - Pro article is pure tabloid scaremongering. The closest published source i can find on bit defender site is this generic pdf http://www.bitdefender.com/media/materials/e-guides/uk/Protecting_Children_Online_Guide.pdf

Some antivirus guy is even claiming that Bouncer will be ineffective, because it (being VM-based) could be detected and so viruses could adjust their behavior accordingly.

http://download.bitdefender.com/rescue_cd/
http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/

Both of these update from the internet after booting up.

BitDefender researcher says this is exactly what he was expecting: more and more companies that keep large amounts of personal/confidential/private data being attacked.
"We believe that fraudsters are corroborating all these information (corporate hacks or leaks), malicious mobile and social network apps into creating profiles of people everywhere in the world, with the purpose of creating better social engineered attacks, and everybody is a possible victim." says Catalin Cosoi from the Online Threats Lab."
And also: "Monitoring a political personality's email (especially a personal one) can lead to a really nice profit for an attacker, no matter if he is just a hacker or a bigger organization is involved. Besides personal information, monitoring the private conversations can lead to blackmail and extortion and/or manipulation of the individual into performing different actions."

I'm not even going to bother linking all of these...

http://www.mcafee.com/us/products/virusscan-enterprise-for-linux.aspx
http://us.trendmicro.com/us/products/enterprise/serverprotect-for-linux/
http://www.kaspersky.com/linux
http://www.eset.eu/products/nod32-for-linux
http://www.centralcommand.com/Products/VexiraforLinux/VexiraforLinuxFileserver.aspx http://www.centralcommand.com/Products/VexiraforLinux/VexiraforLinuxSambaServer.aspx
http://www.centralcommand.com/Products/VexiraforMailServers.aspx
http://www.f-prot.com/download/home_user/download_fplinux.html
http://www.avast.com/linux-home-edition
http://www.avast.com/linux-unix-edition
http://www.sophos.com/en-us/products/endpoint/endpoint-security-and-data-protection/components/anti-virus-protection/linux.aspx?utm_source=Non-campaign&utm_medium=AdWords&utm_campaign=NA-AW-Linux
http://www.ca.com/us/Support/gsa/Virus-Info/Virus-Signature-Updates/eTrust-Antivirus-7x-for-UNIX-and-Linux.aspx
http://www.pandasecurity.com/homeusers/downloads/desktopsecure/
http://www.pandasecurity.com/enterprise/solutions/
http://www.pandasecurity.com/enterprise/solutions/commandline/
http://free.avg.com/us-en/download.prd-alf
http://download.bitdefender.com/repos/

Why modded Flamebait??

http://news.bitdefender.com/NW1493-world--iPad-Users-Targeted-by-Backdoor-Dissembled-as-iTunes-Update.html

BitDefender != Microsoft

I think you might be confusing the internet protection suit with just the AV protection. I don't use the firewall BS and I always disable the link scanner (although it is working smoothly nowadays). Never had real-time-protection turned off either.

Anyways, I don't remember the one update that screwed everything. Actually, I remember the reports of it but none of the 150 instances across 7-8 sites I manage with AVG as the Antivirus had the issue. However, deleting innocent files, system files, email, Programs you have ran for years or screwing other installed programs for no apparent reason doesn't seem to be an isolated or uncommon issue. Then there was the MS root certificate expiration BS where symantec clients froze the system for 10 minutes anytime you opened a signed program like office or adobe or whatever.

I doubt your going to find one piece of software that doesn't give fits at some point in time. This is especially true when you consider the complexity of an AV product. If when it does, it throws you off from it, then by all means, use something else. But be realistic because you might be bouncing around for a while.

We need a removal tool that can be run from a safe Linux environment (ie boot using a live disk etc. ...)

Well, the guys at bitdefender do have a rescue cd that can be used to disinfect a windows machine.

• Antivirus (use with firewall)
  • NOD32 ESET (fast, reasonably secure)
  • GData (slower, best possible protection)
  • Avira (fast, highly secure, & free version)
• Firewall (use with antivirus & antispyware)
  • Comodo (free, hard to configure)
  • PC Tools (free, easier to configure)
  • Zone Alarm (pay & free versions)
  • Agnitum Outpost (pay)
  • Jetico Firewall (pay & free versions, hard to configure)
• Internet Security Suites
  • Kaspersky
  • GData
  • BitDefender (cheapest)

That and lock down your browser, by installing Firefox, with NoScript, Better privacy, adblock plus, and deny cookies by default, then enable the cookies you want using the cookingSafe extension. Do that no matter what security software you have installed. Or of course you could save yourself a great deal of trouble by using Linux.

How does this get modded +5 informative?

There are scads of free options.

Try a linux alternative

NoScript says: "Do not want".

Try a linux alternative

Like this.

Dormant (see: Distrowatch).

Or this.

$$, intended for corporate use, but thanks for the link, It might be worth the money in my repair business (I currently move the disks to a windows machine and scan from there if I can't clean in place).

Hell even an online scan may work well enough, http://housecall.trendmicro.com/

This might actually work, though I haven't tested it myself. Probably not as good as Malwarebytes, though.

There are scads of free options.

Try a linux alternative

Like this.
Or this.

Hell even an online scan may work well enough, http://housecall.trendmicro.com/

sorry about the formatting, I should have used preview! Per above, it definitely is Windows-only.
Just go to the URL, http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.B.html

"Trojan.PWS.ChromeInject.B" is definitely only effective in Windows, because it installs and executes these files: "%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll" "%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js" browser.js calls the The dll file, which can't run in Linux, etc. unless you're running a WINDOZE Firefox via crossover (which would be insanely stupid). Also, since it's installed into the program directory (rather than the user's profile), VISTA will almost certainly make you click for "administrator confirmation" before writing the files. (I don't know for sure, because I don't have VISTA.) - - - - - When I enter the URL for http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.A.html#, the page content is identical the version for "Trojan.PWS.CHromeInject.B" (even the given name is "Trojan.PWS.ChromeInject.B", they even over-wrote the ChromeInject.A page by accident or, ChromeInject.A isn't spreading in the wild AND has nearly identical characteristcs, perhaps differing only in file sizes.) BitDefender provides the following list of banks their page for this version, http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.B.html: It filters the URLs within the Mozilla Firefox browser and whenever encounter the following addresses opened in the Firefox browser it captures the login credentials. akbank.com caixasabadell.net credem.it areasegura.banif.es banca.cajaen.es openbank.es poste.it banesto.es carnet.cajarioja.es gruposantander.es intelvia.cajamurcia.es net.kutxa.net bancopastor.es bancamarch.es caixamanlleu.es elmonte.es ibercajadirecto.com bancopopular.es bancogallego.es bancajaproximaempresas.com caixa*.es caja*.es ccm.es bancoherrero.com bankoa.es bbvanetoffice.com bgnetplus.com bv-i.bancodevalencia.es clavenet.net fibancmediolanum.es sabadellatlantico.com arquia.es banking.*.de westpac.com.au adelaidebank.com.au pncs.com.au nationet.com online.hbs.net.au www.qccu.com.au boq.com.au banksa.com anz.com suncorpmetway.com.au quiubi.it cariparma.it bancaintesa.it popso.it fmbcc.bcc.it secservizi.it bancamediolanum.it csebanking.it fineco.it gbw2.it gruppocarige.it in-biz.it isideonline.it iwbank.it bancaeuro.it bancagenerali.it bcp.it unibanking.it uno-e.com unipolbanca.it carifvg.com cariparo.it carisbo.it islamic-bank.com banking.first-direct.com natwestibanking.com itibank.co.uk co-operativebank.co.uk lloydstsb.co.uk mybankoffshore.alil.co.im abbeynational.co.uk mybusinessbank.co.uk barclays.com online.co.uk my.if.com anbusiness.com hsbc.co anbusiness.com co-operativebankonline.co.uk halifax-online.co.uk ibank.cahoot.com smile.co.uk caterallenonline.co.uk tdcanadatrust.com schwab.com wachovia.com bankofamerica kfhonline.com wamu.com wellsfargo.com procreditbank.bg chase.com 53.com citizensbankonline.com e-gold.com paypal.com usbank.com suntrust.com banquepopulaire.fr onlinebanking.nationalcity.com

"Trojan.PWS.ChromeInject.B" is definitely only effective in Windows, because it installs and executes these files: "%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll" "%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js" browser.js calls the The dll file, which can't run in Linux, etc. unless you're running a WINDOZE Firefox via crossover (which would be insanely stupid). Also, since it's installed into the program directory (rather than the user's profile), VISTA will almost certainly make you click for "administrator confirmation" before writing the files. (I don't know for sure, because I don't have VISTA.) - - - - - When I enter the URL for http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.A.html#, the page content is identical the version for "Trojan.PWS.CHromeInject.B" (even the given name is "Trojan.PWS.ChromeInject.B", they even over-wrote the ChromeInject.A page by accident or, ChromeInject.A isn't spreading in the wild AND has nearly identical characteristcs, perhaps differing only in file sizes.) BitDefender provides the following list of banks their page for this version, http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.B.html: It filters the URLs within the Mozilla Firefox browser and whenever encounter the following addresses opened in the Firefox browser it captures the login credentials. akbank.com caixasabadell.net credem.it areasegura.banif.es banca.cajaen.es openbank.es poste.it banesto.es carnet.cajarioja.es gruposantander.es intelvia.cajamurcia.es net.kutxa.net bancopastor.es bancamarch.es caixamanlleu.es elmonte.es ibercajadirecto.com bancopopular.es bancogallego.es bancajaproximaempresas.com caixa*.es caja*.es ccm.es bancoherrero.com bankoa.es bbvanetoffice.com bgnetplus.com bv-i.bancodevalencia.es clavenet.net fibancmediolanum.es sabadellatlantico.com arquia.es banking.*.de westpac.com.au adelaidebank.com.au pncs.com.au nationet.com online.hbs.net.au www.qccu.com.au boq.com.au banksa.com anz.com suncorpmetway.com.au quiubi.it cariparma.it bancaintesa.it popso.it fmbcc.bcc.it secservizi.it bancamediolanum.it csebanking.it fineco.it gbw2.it gruppocarige.it in-biz.it isideonline.it iwbank.it bancaeuro.it bancagenerali.it bcp.it unibanking.it uno-e.com unipolbanca.it carifvg.com cariparo.it carisbo.it islamic-bank.com banking.first-direct.com natwestibanking.com itibank.co.uk co-operativebank.co.uk lloydstsb.co.uk mybankoffshore.alil.co.im abbeynational.co.uk mybusinessbank.co.uk barclays.com online.co.uk my.if.com anbusiness.com hsbc.co anbusiness.com co-operativebankonline.co.uk halifax-online.co.uk ibank.cahoot.com smile.co.uk caterallenonline.co.uk tdcanadatrust.com schwab.com wachovia.com bankofamerica kfhonline.com wamu.com wellsfargo.com procreditbank.bg chase.com 53.com citizensbankonline.com e-gold.com paypal.com usbank.com suntrust.com banquepopulaire.fr onlinebanking.nationalcity.com

http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.B.html

More details here

Well, yes but.. (you've seen the complaints).

Other decent free ones are:
Avast is popular.
AVira seems good, you get one popup ad per update.
Comodo permits business use.
BitDefender has a free version.
I'm not including ClamAV because it's just a scanner, no realtime protection.

Posting AC because I've moderated,
number11

This generic detection targets .ANI files that contain malicious code addressing Integer overflow in the LoadImage API Vulnerability

>Comcast btw said it's not possible for spyware or that ilk to use this much bandwidth.

Speaking as an ISP support admin, I can assure, that's absolutely not true (well, if you include botnets, which is probably 99% of the bandwidth stealing type of nasties people infect their machines with). Now, if you had a machine on the backbone, well, maybe you'd find it tough to end up on a botnet using 100 Mbits+, but the "paltry" 30 Mbits maximum most cable handles (generally the customers modems are DOCSISed to what, 6 Mbits?) wouldn't take any effort to botnet to death.

You should have taped them saying that so we could laugh at them like Verizon.

You should also run spybot and adaware SE personal on that machine. You could also play around with hijack this, but if you do one wrong move with hijack this, you'll need to re-install windows (well, someone who knows their way around windows won't... but I digress). It's probably got plenty more junk on it if you found 24 viruses. In fact, I'd probably consider getting a shop to nuke it and re-install it; after that sort of abuse windows usually becomes pretty fragile, and the PPPoE stack (needed for your new DSL) is going to be one of the first things to break.

When your F-Prot trial runs out, uninstall it and grab AVG, a free antivirus. You can do a check (and repair) of your computer without installing an anti-virus with Trend Micro's Housecall or BitDefender. Enjoy!

and there are no "automatic" tools to sweep it clean

Try a daily BitDefender scan. It works well and the on demand scanner is free:

http://www.bitdefender.com/site/view/Download-Free -Products.html

ClamAV is great for scanning email, but when scanning for system viruses it's really not that good. I've seen it miss dozens of viruses that BitDefender, AVG, and F-Prot picked up.