-John O
I don't know anything about audiograbber, and I don't know if this is
related. But a couple of weeks ago, my antivirus decided that a Sonar 6.0x
update that had been sitting on my desktop for months was infected. I'm
pretty sure it wasn't...
I use CA antivirus. Which one do you use?
Sigurd
Bob Morein
(310) 237-6511
I suspect this is a misidentification as well, but thought it was worth a
mention here. It also flagged a LAME.exe file, the compressed lame.dll I had
downloaded some time ago. BTW, my AV is ProtectorPlus. A no-name AV, but the
company I work for has been using it for nearly a decade and swears by it.
-John O
Bob Morein
(310) 237-6511
LOL, I agree. I won't tell you how long it's been since I've seen a real
virus on one of my systems, in order that I don't lose my good luck.
Speaking of such things...what's a legit and safe lyrics site? I'm always
freaking out that the google searches I do for lyrics are going to land me
in spyware hell.
-John O
At least you can spot an address you recognise. Never follow a tinyurl
style link though - absolutely no clue what lies at the end of one of
those.
d
--
Pearce Consulting
http://www.pearce.uk.com
Soundhaspriority wrote:
> "John O" <johnos...@lottaspamheathkit.com> wrote
>
> > My virus scanner has been quarantining audiograbber.exe lately. Seems that
> > several AV programs are doing this recently. Does anyone know if there's
> > really a bad version of audiograbber out there?
> >
> As per Sigurd's observations, McAfee took a 4 year old program off one of my
> laptops, one which reads Mac disks from XP machines. Misidentifications do
> occur.
Well........... if you WILL use McAfee which is only marginally less worse than
Symantec's ultimate PC clogger-up Norton !
Graham
Bob Morein
(310) 237-6511
> Speaking of such things...what's a legit and safe lyrics site? I'm always
> freaking out that the google searches I do for lyrics are going to land me
> in spyware hell.
One way is to google for the lyrics, then not follow the link but rather
click the Google cache version, then quickly click "text version" in the
upper right hand corner before any malware is loaded.
Jos.
--
Ardis Park Music
www.ardispark.nl
Brilliant! I've always marveled at how Google could cache
what seems to be the entire internet. :-)
>On Wed, 3 Dec 2008 14:32:50 -0500, "John O"
><johnos...@lottaspamheathkit.com> wrote:
>>LOL, I agree. I won't tell you how long it's been since I've seen a real
>>virus on one of my systems, in order that I don't lose my good luck.
>At least you can spot an address you recognise. Never follow a tinyurl
>style link though - absolutely no clue what lies at the end of one of
>those.
About a month ago, I was bragging right here on r.a.p about
how I've never used an anti-virus program (on my own computer),
and how anybody who does is weak and possibly genetically
defective and of low moral stature, etc.
As punishment for my hubris, I've now got a raging virus
that has survived a restore from backup, and other efforts.
When (not if) I find the perpetrator, he's going to have an
extra .45 inch hole in him.
Much thanks, as always,
Chris Hornbeck
Tragic. Care to share how it might have happened? BTW, I think I see a
movie plot (comedy) about a guy with a 45 wandering Belorussia looking for
the guy who nuked his computer ;)
I have a friend, whose computer I spent half a day reinstalling Windows, in
order to remove a virus. Six months later, it happened again. He said he had
no idea how it got on. Later, after someone else had cleaned it up a 2nd
time, he admitted that while surfing Russian web sites, he got a popup that
said, "Haha. You've been hacked." He must have thought the statement was a
little vague.
Bob Morein
(310) 237-6511
Now, if I didn't have the comp, what would I buy? A few years ago, Kaspersky
was clearly in the lead by certain measurements. It could be argued that the
measurement was fake, because it relied on Kaspersky's superior detection
rate of a certain, very large library of legacy viruses that some Russian
gentleman had collected. It appears that at some point, the other vendors
chose to pay his exorbitant price, so as not to be disadvantaged in the
testing. I think that, at this point, the leaders are all pretty close, with
none good enough.
User testimonials are worthless. "It's protected me for years..." The
German maker "A/V" product had, at one point, a 60% detection rate. I don't
think that the fact that it was free makes it endurable.
But the only hope a virus program has of beating the terrible odds is to be
intrusive. While they all rely on signatures, we know signatures are a
flawed concept. The new trend is to add to that, with behavior. In other
words, ask what a process is doing. But to do this with any degree of
coverage is incredibly intrusive.
Bob Morein
(310) 237-6511
>Tragic. Care to share how it might have happened? BTW, I think I see a
>movie plot (comedy) about a guy with a 45 wandering Belorussia looking for
>the guy who nuked his computer ;)
Funny that you should mention it, but one of the possibilities
(in my very, very ignorant assessment) is that I'd saved a .pdf
from a RUSSIAN website about pistols. The combination of Adobe
and Russia, the timing, well... I say shoot first, ask questions
later. But that's just me.
But I had recently also been forced into using the (laptop) computer
for some day-job stuff, including connecting it both through the
day-job Ethernet and through an unprotected wireless network.
Included in the likely time window was allowing a manufacturer's
website "trusted" permissions, that had never been needed before.
Way too much stuff for a simple answer, and I'm too ignorant of
the topic to even assess likely culprits, but I've saved various
versions of things for analysis, and I intend to get smarter soonest.
Yikes. That is a hanging offense at the office. They allow only
company-owned (and configured) computers to connect to the
corporate network, and they have software that automatically
disconnects any other network when connected to their net
(whether wired, wireless, or VPN).
Oh, I see my error (in reporting - my larger error is still floating).
I didn't connect to both networks at the same time. Fortunately,
I wouldn't even know how to do that.
It's some smart dick that might know how to do that (and lacks a
decent human morality) that's going to get perforated after finding
out how his own testicles taste. But I digress.
Years ago, I had a Windows 98 laptop connected bare to the internet for
three minutes. It got infected. Without a firewall, an attacker can attempt
to tap all the logical "ports" for services. This has been a primary route
of infection, because there are too many ports and too many services, and
they were intended for use on a nonhostile LAN.
> Way too much stuff for a simple answer, and I'm too ignorant of
> the topic to even assess likely culprits, but I've saved various
> versions of things for analysis, and I intend to get smarter soonest.
>
>
> Much thanks, as always,
> Chris Hornbeck
A Russian pdf file is a possibility. Another is an attack, actually against
websites, called "code injection." It turns out that the server software
commonly in use is oddly bidirectional. It's possible for an attacker to put
code on a website by exploiting holes in the server. The last I read about
it, infections were most prominent in Eastern Europe, probably because the
very common Apache software is heavily used.
The result is this. If you view a legitimate website with a vulnerable
machine, the website may, without the knowledge of the owner, infect your
machine.
Since you were accessing a Russian website, there is another possibility: an
unknown virus. The antivirus makers put out honeypot machines, but there is
a constant war on all levels of intellect.
Bob Morein
(310) 237-6511
There are several active PDF exploits, and I just read an article about some
almost-uncurable and undetectable root kit stuff that uses PDF or flash as a
vector. If you have the latest Acrobat viewer and flash plug-in versions
you're safe from these, for now.
> Way too much stuff for a simple answer, and I'm too ignorant of
> the topic to even assess likely culprits, but I've saved various
> versions of things for analysis, and I intend to get smarter soonest.
>
It's overwhelming to keep up with all of it, unless it's part of a job
description. I subscribe to this: http://windowssecrets.com/ newsletter.
Tossed them a few PayPal dollars to get the better edition, and it's worth
every penny. Easy to understand, the authors are very good, and most of the
articles are interesting.
-John O
And the word "firewall" is misleading, because the word suggests that, if
you have one, you're safe. It is not an informative word for the consumer.
Bob Morein
(310) 237-6511