Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107
-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, September 16, 2010 3:45 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Yep. I also use DynDNS, but only their free
On 16 Sep 2010 at 6:27, John Hornbuckle wrote:
What happens is that they go to some website that pops up a browser
window that´s designed to look like the window of an antivirus app. They
actually do a pretty good job-it can fool the average user easily. Anyhow,
the animation in the
On 16 Sep 2010 at 11:18, Alex Eckelberry wrote:
I have asked and they said they would put that up.
Kewl ...
-Original Message-
From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Thursday, September 16, 2010 1:54 AM
To: NT System Admin Issues
Subject: Re: #*$% Security
wrote:
Trying it now. Love the concept—let’s see if it helps. :)
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Wednesday, September 15, 2010 12:58 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs
manually, its like 10 bucks a year, that's all of two drinks at the bar, no
biggie.
Phillip Partipilo
Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107
Hey, what bar is selling drinks that cheap.at least alcoholic drinks?
Murray
~ Finally, powerful endpoint security that
if it helps. :)
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Wednesday, September 15, 2010 12:58 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud.
Feel free
: MMF [mailto:mmfree...@ameritech.net]
Sent: Wednesday, September 15, 2010 8:39 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
John is absolutely correct. My brother got this a couple of weeks ago and asked
me for help.I found it by going into task manager and looking at all
: #*$% Security Tools Malware
Do you do URL filtering? I work on the theory A/V should be the last line,
stop them getting there in the first place.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: 15 September 2010 17:20
To: NT System Admin Issues
Subject: #*$% Security Tools
Trying it now. Love the concept-let's see if it helps. :)
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:58 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right
MIS Department
Taylor County School District
www.taylor.k12.fl.us
From: MMF [mailto:mmfree...@ameritech.net]
Sent: Wednesday, September 15, 2010 8:39 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
John is absolutely correct. My brother got this a couple
. :)
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Wednesday, September 15, 2010 12:58 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud.
Feel free
...@sunbelt-software.com]
*Sent:* Wednesday, September 15, 2010 12:58 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud.
Feel free to and the ClearCloud DNS server as a replacement to your
existing
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud.
Feel free to and the ClearCloud DNS server as a replacement to your
existing DNS:
http://clearclouddns.com/
It’s still beta, but I think
[mailto:jonathan.l...@gmail.com]
Sent: Thursday, September 16, 2010 8:29 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
I've been using OpenDNS since the DNS poisoning problem was widely
reported...last year? Year before?
Not only that, seems to be faster than our ISP's
Email:ezi...@lifespan.org email%3aezi...@lifespan.org
Cell:401-639-3505
*From:* Jonathan Link [mailto:jonathan.l...@gmail.com]
*Sent:* Thursday, September 16, 2010 8:29 AM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security Tools Malware
I've been using OpenDNS since the DNS
Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 8:44 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
ClearCloudDNS is probably a very good option for home users. It will
be less
Advantage...*
* *
On Wed, Sep 15, 2010 at 1:31 PM, Alex Eckelberry al...@sunbelt-software.com
wrote:
www.Clearclouddns.com
*From:* Jeff Frantz [mailto:jfra...@itstechnologies.com]
*Sent:* Wednesday, September 15, 2010 1:11 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security
I have asked and they said they would put that up.
-Original Message-
From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Thursday, September 16, 2010 1:54 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
On 15 Sep 2010 at 14:45, Alex Eckelberry wrote
block a domain, not a full URL),
then ClearCloud is better. If you want content filtering, use OpenDNS.
Alex
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 8:24 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
OpenDNS provides similar
[mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 9:38 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
Hey, Alex
Have you thought about working with the OpenDNS folks to provide enhanced
website security for their service?
This would be a benefit to Sunbelt/GFI
settings, and I could print again. What's going on?
Murray
_
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Thursday, September 16, 2010 10:24 AM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Yes. We have talked with them. I think
Ironport, Nominum are all customers of our ThreatTrack malicious data
feeds.
Alex
*From:* Andrew S. Baker [mailto:asbz...@gmail.com]
*Sent:* Thursday, September 16, 2010 9:38 AM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security Tools Malware
Hey, Alex
Have you thought about
could print again. What's going on?
Murray
--
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Thursday, September 16, 2010 10:24 AM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Yes. We have talked with them. I
*From:* Andrew S. Baker [mailto:asbz...@gmail.com]
*Sent:* Thursday, September 16, 2010 9:38 AM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security Tools Malware
Hey, Alex
Have you thought about working with the OpenDNS folks to provide enhanced
website security for their service
--
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Thursday, September 16, 2010 10:24 AM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Yes. We have talked with them. I think they are sourcing their malware
lists from some other
[mailto:asbz...@gmail.com]
*Sent:* Thursday, September 16, 2010 8:24 AM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security Tools Malware
OpenDNS provides similar benefits...
*ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker
*Exploiting Technology for Business Advantage...*
* *
On Thu
One is a HP Deskjet 960 and the other is a HP Photosmart D110.
Murray
_
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Thursday, September 16, 2010 11:21 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
Dollars to donuts they are HP inkjets
I believe that it's by IP, but I'll check.
Murray
_
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 11:17 AM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
Clearly, your wireless printer is malicious. :)
Do you print
see if it helps. :)
*From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
*Sent:* Wednesday, September 15, 2010 12:58 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud.
Feel
on their web
site.
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 12:40 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
OpenDNS also offers FamilyShield: https://www.opendns.com/familyshield
https
blocking. Not a lot of detail on their web
site.
--
*From:* Andrew S. Baker [mailto:asbz...@gmail.com]
*Sent:* Thursday, September 16, 2010 12:40 PM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security Tools Malware
OpenDNS also offers FamilyShield
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
OK, I installed Clearcloud DNS on my laptop at home, and it blocked my
ability to print to my wireless printers. So, I reversed those DNS settings and
I could print again. So, I then setup Clearcloud DNS on my Netgear router
, September 16, 2010 3:42 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
I use DynDNS, but not for that service. Generally, I've been happy with
their overall service for over 7 years now. Probably not a bad deal.
ASB (My XeeSM Profile)
Exploiting Technology for Business
You could always switch to Vipre Enterprise. J That's what we're using here
and it seems to catch it. So far, I don't think it's missed a single attempt
since upgrading to Vipre Enterprise 4. (knocking on / touching wood!)
John-AldrichPerception_2
From: John Hornbuckle
An occasional one manages to slip past VIPRE but they're rare. We've also
found that they tend to appear after a reboot even when the user is diligent
and immediately kills iexplore.exe.
We set a GP to automatically delete Temp Internet Files when IE is closed -
this eliminates those
, September 15, 2010 12:28 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
You could always switch to Vipre Enterprise. :) That's what we're using here
and it seems to catch it. So far, I don't think it's missed a single attempt
since upgrading to Vipre Enterprise 4. (knocking
Touching Wood? Really?!?!
On Wed, Sep 15, 2010 at 9:27 AM, John Aldrich
jaldr...@blueridgecarpet.comwrote:
You could always switch to Vipre Enterprise. J That’s what we’re using
here and it seems to catch it. So far, I don’t think it’s missed a single
attempt since upgrading to Vipre
There's always the chance you are missing some things...
1. I know of no AV product which scans an NTUSER.DAT file. If the user
associated with this file is logged in, then it is scanned as a part of
the active registry. If the associated user is logged off, then scans do
not find the ugly
This brand, for lack of a better word seems to be the most pernicious stuff
I've seen.
On Wed, Sep 15, 2010 at 12:20 PM, John Hornbuckle
john.hornbuc...@taylor.k12.fl.us wrote:
The “Security Tools” malware is about to drive me insane. My users keep
managing to infect themselves with it, and
http://vipre.malwarebytes.org/
Free. And the combination really works.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, September 15, 2010 12:20 PM
To: NT System Admin Issues
Subject: #*$% Security Tools Malware
The Security Tools malware is about to drive me
[mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:55 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
http://vipre.malwarebytes.org/
Free. And the combination really works.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday
+1
That is exactly the combination I was using (sucessfully I might add) even
before the 'merger'.
On Wed, Sep 15, 2010 at 11:55 AM, Alex Eckelberry
al...@sunbelt-software.com wrote:
http://vipre.malwarebytes.org/
Free. And the combination really works.
*From:* John Hornbuckle
Do you do URL filtering? I work on the theory A/V should be the last
line, stop them getting there in the first place.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: 15 September 2010 17:20
To: NT System Admin Issues
Subject: #*$% Security Tools Malware
The
Vipre seems to be the best antivirus thats is also keeping up well with
malware. The other major players are seriously paling in comparison.
Otherwise, if you are already vested in an antivirus product; suppliment
your systems with dedicated malware protection from something like
Malwarebytes.
Well, sometimes it does, sometimes it does not...
A short time ago I gave a couple of problems. That is, the _real_
malware is hidden. Scans find the secondary downloaded malware but not
the real culprit. It wasn't until I went looking for new files in the
Windows directories that we
John,
I have not tried it yet but Trend Micro has a free browser add-on which is
supposed protect the browser from infiltrations. It may be worth a try on one
or two PCs where the users are malware magnets.
http://free.antivirus.com/web-protection-add-on/
-Jeff
Fine, except some well known and trusted sites get compromised on
occasion. This is one route by which malicious PDF files hit folks via
drive by infections.
--
richard
Paul Hutchings paul.hutchi...@mira.co.uk wrote on 09/15/2010 12:07:40
PM:
Do you do URL filtering? I work on the theory
www.Clearclouddns.com
From: Jeff Frantz [mailto:jfra...@itstechnologies.com]
Sent: Wednesday, September 15, 2010 1:11 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
John,
I have not tried it yet but Trend Micro has a free browser add-on which is
supposed protect
:* Jeff Frantz [mailto:jfra...@itstechnologies.com]
*Sent:* Wednesday, September 15, 2010 1:11 PM
*To:* NT System Admin Issues
*Subject:* RE: #*$% Security Tools Malware
John,
I have not tried it yet but Trend Micro has a free browser add-on which is
supposed protect the browser from
Not right now... it's focused just on malware sites.
From: Roger Wright [mailto:rhw...@gmail.com]
Sent: Wednesday, September 15, 2010 1:35 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
Any plans to include content filtering in ClearCloud?
Roger Wright
___
When it's
: Wednesday, September 15, 2010 12:39 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
There's always the chance you are missing some things...
1. I know of no AV product which scans an NTUSER.DAT file. If the user
associated with this file is logged in, then it is scanned
Cool
Can I add that as an alternative to my ISP's DNS in my Active
Directory, or should I just push that out through DHCP?
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:58 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
[mailto:jaldr...@blueridgecarpet.com]
Sent: 15 September 2010 18:49
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Cool... Can I add that as an alternative to my ISP's DNS in my Active
Directory, or should I just push that out through DHCP?
From: Alex Eckelberry [mailto:al
Active
Directory, or should I just push that out through DHCP?
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:58 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right
12:30 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
An occasional one manages to slip past VIPRE but they're rare. We've also found
that they tend to appear after a reboot even when the user is diligent and
immediately kills iexplore.exe.
We set a GP to automatically
System Admin Issues
Subject: RE: #*$% Security Tools Malware
Woah don't do that. You want your AD DNS so that clients point to your
domain controllers/AD DNS servers and your DNS servers either use Sunbelt as
forwarders, or root hints.
Alex, ignoring the IP addresses are those boxes on anycast
They are on anycast nodes
-Original Message-
From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Wednesday, September 15, 2010 1:52 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Woah don't do that. You want your AD DNS so that clients point to your
Correct
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, September 15, 2010 1:53 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
If you have a Windows AD domain, your DHCP scopes should point your clients to
your INTERNAL DNS servers. Use your ISP's
other than blocking malware sites and no advertising every time you mistype a
URL etc.
-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: 15 September 2010 18:59
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
So I would replace
, September 15, 2010 2:03 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Pretty much.
Your internal clients should always point to your DC's (if they don't things
will stop working and you'll have a very bad day), your DC's then would have
the ClearCloud DNS servers set
On 15 Sep 2010 at 13:11, Jeff Frantz wrote:
I have not tried it yet but Trend Micro has a free browser add-on which
is supposed protect the browser from infiltrations. It may be worth a try on
one or two PCs where the users are malware magnets.
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
http://vipre.malwarebytes.org/
Free. And the combination really works.
Just remember, only the VIPRE part of that page is free. On that page, quite
prominently, is this:
(Malwarebytes' Anti-Malware is free for
Message-
From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Wednesday, September 15, 2010 2:03 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
Pretty much.
Your internal clients should always point to your DC's (if they don't
things
will stop working
: Wednesday, September 15, 2010 2:14 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
Huh?
You add it to DNS servers, not DCs. Not all DCs are DNS Servers and vice
versa.
Also, you can add it from the same DNS snap-in. IIRC, it should see all DNS
servers in your org
: #*$% Security Tools Malware
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
http://vipre.malwarebytes.org/
Free. And the combination really works.
Just remember, only the VIPRE part of that page is free. On that page, quite
prominently, is this:
(Malwarebytes' Anti-Malware
: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Wednesday, September 15, 2010 2:10 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
http://vipre.malwarebytes.org/
Free. And the combination really
But it doesnt run in real-time unless you buy it. And, these days, its a
useless security product unless you do. Otherwise you are only scanning
what is already on your computer. You want something like Malwarebytes to
prevent that from happening in the first place. Otherwise, those buggers
SUNBELT = GFI
Shook
From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Wednesday, September 15, 2010 3:36 PM
To: NT System Admin Issues
Subject: Re: #*$% Security Tools Malware
But it doesnt run in real-time unless you buy it. And, these days, its a
useless security product
SHOOK = FWB
--
ME2
On Wed, Sep 15, 2010 at 12:43 PM, Andy Shook andy.sh...@peak10.com wrote:
SUNBELT = GFI
Shook
*From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
*Sent:* Wednesday, September 15, 2010 3:36 PM
*To:* NT System Admin Issues
*Subject:* Re: #*$% Security
Subject: Re: #*$% Security Tools Malware
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
http://vipre.malwarebytes.org/
Free. And the combination really works.
Just remember, only the VIPRE part of that page is free. On that page, quite
prominently, is this:
(Malwarebytes
I've pinged them on yours and Vicky's questions.
-Original Message-
From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, September 15, 2010 4:28 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
I have tried twice to contact Malwarebytes via
:56 PM
To: NT System Admin Issues
Subject: RE: #*$% Security Tools Malware
From what I've seen in digging into Security Tools, the .exe's aren't
stored in the IT temp folder. I'm finding them elsewhere under the user's
profile \application data\local settings. Some random folder name.
From
On 15 Sep 2010 at 14:45, Alex Eckelberry wrote:
In my discussions with Malwarebytes, they have indicated that they are ok
with the use of Malwarebytes in a commercial environment for a one-time use
to clean an infected system -- at least as it regards the website
vipre.malwarebytes.org.
73 matches
Mail list logo
