Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-22 Thread John Doue 

John Doue wrote:

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware 
programs including MVT and the the one from Microsoft, and AdAware and 
have found nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend 
to the most current version.


Thanks, John
Some AV are not very considerate with Seamonkey.exe. Shorting of dumping 
such stupid AV, just tell AVG this is a false positive. I have not used 
AVG for a long time, so hopefully someone else can tell you how to do this.


I apologize for having been hasty in looking at the attached jpg ... and 
jumping to the very wrong conclusion. Thought seamonkey.exe was the 
supposed culprit, I guess because it was mentionned in a higher font 
which made it more visible. Lesson learnt!


--
John Doue
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread NoOp 
On 03/21/2009 04:27 PM, John Reinders wrote:
> NoOp wrote:
>> On 03/21/2009 07:49 AM, John Reinders wrote:
>>> Hi,
>>>
>>> I have attached a link to a .jpg showing an Avg error message that my 
>>> Dad is periodically getting. Sometimes every morning after he turns on 
>>> his computer and opens Seamonkey, sometimes every other day - not 
>>> consistent.
>>>
>>> I have run multiple scans of his system using Avg, also Malware programs 
>>> including MVT and the the one from Microsoft, and AdAware and have found 
>>> nothing. His system seems to be running fine...
...

>> 
>   Thanks a million! Gee this is scary stuff, what a world we live in! 
> Will keep you posted on how we make out. Might be helpful to someone 
> else later on...
> 
> John

Could also be that AVG is doing it's job and he's actually not infected
- hence the reason for the AVG popups. In addition to clearing the cache
& cookies that other's mentioned, and turning off javascript (at least
for awhile), I'd also clear the history (change it to store for only 1
day etc) & temporarily rename & examine his bookmark.html file. In other
words, try to 'clean' his profile as much as you possibly can, or
alternatively create a new profile for him & let him use that for a week
to see if he gets any more. I also very much recommend that you install
PrefBar & teach him to use it; he can easily turn off javascript, java,
cookies, images, flash, etc. See:

http://prefbar.mozdev.org/
  http://prefbar.mozdev.org/help/
   http://prefbar.mozdev.org/screenshots.html

Please also make sure that his current version of SM is fully
up-to-date. See:

for more details.

The new 2.x version of SeaMonkey includes several features included in
FireFox 3.x such as nicely clearing history, cookies. etc on shutdown.
You might want to consider installing that version - it will import his
mail etc settings and run in parallel to his older version of SM. So
he/you can try that without affecting his exisiting version of SM.

This may be the hardest one of all: educate him about safe browsing.
Remember when he may have taught you about the birds & the bees, or that
first time that he allowed you to drive on a major highway with him in
the passenger seat? Well, it's important for the younger and/or more
knowledgeable folks to turn that around and educate their folks about
save-hex (or in my case my grown sons). Teach him about phishing, spam,
419's, that posting on a list, the web, or group is forever, etc.
  With a solid bit of knowledge on what to look for, what to avoid he'll
be able to alert you when he finds something less suspicious than an AVG
warning. He may overwelm you at first with false positives, but be
patient & treat each 'alert' as serious and if it is a false positive
explain why & how _you_ know it is.

Good luck.

Gary/NoOp




___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread John Reinders 

NoOp wrote:

On 03/21/2009 07:49 AM, John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware programs 
including MVT and the the one from Microsoft, and AdAware and have found 
nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend to 
the most current version.


Thanks, John


In addition to what others have mentioned:


You'll find it listed here:

2009/03/15_00:00kotleto.com/main/?t=1   195.216.175.114 -   
Luckysploit
Sergei A Mozailo (gef...@zmail.ru)

See:
http://www.google.com/search?complete=0&hl=en&q=Luckysploit+&btnG=Search
http://novirusthanks.org/blog/2009/03/luckysploit-new-exploit-kit/
http://www.sophos.com/security/blog/2009/03/3632.html
[Not so lucky(sploit) mass defacements]

That is a nasty one; nothing to do with SeaMonkey though - AVG is merely
identifying the process that is using it. Have your dad turn off
javascript until you get it cleaned out. Good luck in cleaning that up.
Novirusthanks lists the files & registry keys that should be removed.
However, if AVG is identifying it, then hopefully you should be able to
use AVG to remove it. Try the AVG forums as well.

 Thanks a million! Gee this is scary stuff, what a world we live in! 
Will keep you posted on how we make out. Might be helpful to someone 
else later on...


John
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread NoOp 
On 03/21/2009 07:49 AM, John Reinders wrote:
> Hi,
> 
> I have attached a link to a .jpg showing an Avg error message that my 
> Dad is periodically getting. Sometimes every morning after he turns on 
> his computer and opens Seamonkey, sometimes every other day - not 
> consistent.
> 
> I have run multiple scans of his system using Avg, also Malware programs 
> including MVT and the the one from Microsoft, and AdAware and have found 
> nothing. His system seems to be running fine...
> 
> Here is the link...
> 
> http://www.our-family-history.org/virusthreat.jpg
> 
> Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
> 1.1.8, can't remember for sure. I will be upgrading him this weekend to 
> the most current version.
> 
> Thanks, John

In addition to what others have mentioned:


You'll find it listed here:

2009/03/15_00:00kotleto.com/main/?t=1   195.216.175.114 -   
Luckysploit
Sergei A Mozailo (gef...@zmail.ru)

See:
http://www.google.com/search?complete=0&hl=en&q=Luckysploit+&btnG=Search
http://novirusthanks.org/blog/2009/03/luckysploit-new-exploit-kit/
http://www.sophos.com/security/blog/2009/03/3632.html
[Not so lucky(sploit) mass defacements]

That is a nasty one; nothing to do with SeaMonkey though - AVG is merely
identifying the process that is using it. Have your dad turn off
javascript until you get it cleaned out. Good luck in cleaning that up.
Novirusthanks lists the files & registry keys that should be removed.
However, if AVG is identifying it, then hopefully you should be able to
use AVG to remove it. Try the AVG forums as well.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread Peter Potamus the Purple Hippo 

John Reinders wrote:

Rick Merrill wrote:

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns 
on his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware 
programs including MVT and the the one from Microsoft, and AdAware 
and have found nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend 
to the most current version.


Thanks, John


First, make sure all AV and Windows updates are installed.

It is highly possible that the "virusthreat" is actually THE VIRUS
that is attempting to get you to click on it!!!  Do not click on
the "close" - I have never seen such a message from AVG, which I
use and like.

Also, be sure to PURGE THE CACHE of SeaMonkey.


Hi Rick,

Yes I purged his cache and his windows updates are up-to-date...

I haven't heard from Dad today so I don't know if it showed up again or 
not...


Quick question? Does Avg have a forum? Maybe I should post there too..

Thanks, John


also remove its cookies

http://freeforum.avg.com/

--
*IMPORTANT*: Sorry folks, but I cannot provide email 
help Emails to me may become public


Notice: This posting is protected under the Free Speech 
Laws, which applies everywhere in the FREE world, 
except for some strange reason, not to the mozilla.org 
newsgroup servers, where your posting may get you banned.


Peter Potamus & His Magic Flying Balloon:
http://melaman2.com/cartoons/singles/mp3/p-potamus.mp3
http://www.toonopedia.com/potamus.htm
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread Arne 

Rick Merrill wrote:

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware 
programs including MVT and the the one from Microsoft, and AdAware and 
have found nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend 
to the most current version.


Thanks, John


First, make sure all AV and Windows updates are installed.

It is highly possible that the "virusthreat" is actually THE VIRUS
that is attempting to get you to click on it!!!  Do not click on
the "close" - I have never seen such a message from AVG, which I
use and like.


I have seen "Web shield alert" messages, and I always close them from 
the top right "X" even if I don't think using the close button is 
dangerous. That message is from AVG. ;)


Anyway, when searching for the file mentioned in the alert message, I 
found this:


http://www.finjan.com/MCRCblog.aspx?EntryId=2213

The page is about "LuckySploit", a "crimeware toolkit" and explains 
how it works. "LuckySploit brings code obfuscation to a whole new 
level of sophistication, far more advanced than all others we have 
seen so far".


From the explanation I can understand why the antimalware softwares 
can't find any trace of it on the computer after AVG has given the alert.



Also, be sure to PURGE THE CACHE of SeaMonkey.


In this case it's the best advice, since nothing could be found. What 
makes AVG given the alert is when some "harmless" looking script on a 
page in the cache is connecting to the server that compromised the 
website you have visited and cached!


Just my 2c if what you can read from my link makes any sence. ;)

--
/Arne
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread John Reinders 

Rick Merrill wrote:

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware 
programs including MVT and the the one from Microsoft, and AdAware and 
have found nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend 
to the most current version.


Thanks, John


First, make sure all AV and Windows updates are installed.

It is highly possible that the "virusthreat" is actually THE VIRUS
that is attempting to get you to click on it!!!  Do not click on
the "close" - I have never seen such a message from AVG, which I
use and like.

Also, be sure to PURGE THE CACHE of SeaMonkey.


Hi Rick,

Yes I purged his cache and his windows updates are up-to-date...

I haven't heard from Dad today so I don't know if it showed up again or 
not...


Quick question? Does Avg have a forum? Maybe I should post there too..

Thanks, John
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread Rick Merrill 

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware programs 
including MVT and the the one from Microsoft, and AdAware and have found 
nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend to 
the most current version.


Thanks, John


First, make sure all AV and Windows updates are installed.

It is highly possible that the "virusthreat" is actually THE VIRUS
that is attempting to get you to click on it!!!  Do not click on
the "close" - I have never seen such a message from AVG, which I
use and like.

Also, be sure to PURGE THE CACHE of SeaMonkey.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Error Message - Possible Virus Threat / seamonkey.exe

2009-03-21 Thread John Doue 

John Reinders wrote:

Hi,

I have attached a link to a .jpg showing an Avg error message that my 
Dad is periodically getting. Sometimes every morning after he turns on 
his computer and opens Seamonkey, sometimes every other day - not 
consistent.


I have run multiple scans of his system using Avg, also Malware programs 
including MVT and the the one from Microsoft, and AdAware and have found 
nothing. His system seems to be running fine...


Here is the link...

http://www.our-family-history.org/virusthreat.jpg

Any thoughts? He is running an older version of Seamomkey.. 1.1.7 or 
1.1.8, can't remember for sure. I will be upgrading him this weekend to 
the most current version.


Thanks, John
Some AV are not very considerate with Seamonkey.exe. Shorting of dumping 
such stupid AV, just tell AVG this is a false positive. I have not used 
AVG for a long time, so hopefully someone else can tell you how to do this.


--
John Doue
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey