Cable Forum - Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Yes it can be - I've never personally had a problem with it but...

Do you think I would recommend running a program that would damage rather than cure?

Quote:

Originally Posted by Paul Delaney

You'll have to trust me on this one because there are several tools I use daily to remove these parasites, part of my work involves providing a non - destructive virus removal service mostly to small businesses.

What do you do if CF does not remove files on the first run?

Quote:

Originally Posted by Paul Delaney

All of them can be dangerous if handled in the wrong way.

I agree.

Quote:

Originally Posted by Paul Delaney

It would be irresponsible of me to post a cure for this problem without first knowing what I was talking about and I see identical problems every week.

I too help users and am trained to use CF, if anything goes wrong i can speak to the tools creator along with many others, i would never run CF without seeing either a hijackthis log or DSS log first and neither would any analyst i know.

So, you run CF for the first time and you have look at the text file it produces, from the reg dump this shows up, what would you do.

Quote:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\xtisps.exe

Paul Delaney

22-06-2008 12:33

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by TheBruce1 (Post 34581334)

I gonna have to disagree here, there are certain infections that will render a users system useless if you use CF first.
Its not just about running tools, its researching every entry and from that putting a fix together, for example, which order would you put tools in and why.

Combofix is not just a tool, it is also a diagnostic tool and with so many changes to CF as malware develops, removing the wrong thing will also cause the users system to become useless.

What do you do if CF does not remove files on the first run?

I agree.

I too help users and am trained to use CF, if anything goes wrong i can speak to the tools creator along with many others, i would never run CF without seeing either a hijackthis log or DSS log first and neither would any analyst i know.

So, you run CF for the first time and you have look at the text file it produces, from the reg dump this shows up, what would you do.

Please yourself - I wasn't expecting to debate it - you work out why half of nodpi.org cannot be viewed then.

:)

Ravenheart

22-06-2008 12:50

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

There's a feature on the Politics show at the moment about having data collected on us, and they say it's time we fought back. No doubt it will be on the Iplayer later

popper

22-06-2008 13:00

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

;) RH got there before me ;)

"the Politics show" just had an interesting personal data and the loss of it "surveillance society" section....

ilago

22-06-2008 13:02

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by TheBruce1 (Post 34581334)

I gonna have to disagree here, there are certain infections that will render a users system useless if you use CF first.
Its not just about running tools, its researching every entry and from that putting a fix together, for example, which order would you put tools in and why.

Combofix is not just a tool, it is also a diagnostic tool and with so many changes to CF as malware develops, removing the wrong thing will also cause the users system to become useless.

What do you do if CF does not remove files on the first run?

I too help users and am trained to use CF, if anything goes wrong i can speak to the tools creator along with many others, i would never run CF without seeing either a hijackthis log or DSS log first and neither would any analyst i know.

I was about to post the same thing. Combofix is not a tool for people untrained in its use. It does not remove all malware. There are some specific infections that it does remove, but there are many it does not. The logs need careful reading and assessment.

Back to fighting with the people that used to provide rootkits and forced advertising on unsuspecting users in the recent past :(

Wildie

22-06-2008 13:06

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by ilago (Post 34581360)

I use Avira it seams to find more and rid more than the other freebies out there.

TheBruce1

22-06-2008 13:09

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by Paul Delaney

Please yourself - I wasn't expecting to debate it - you work out why half of nodpi.org cannot be viewed then.

I am not trying to debate you, all i am trying to do is show people that CF is more than just a scanner, the tools creator puts alot of work into his tool and it does frustrate him when people use it incorrectly or do not understand the workings of CF, if you are interested in fighting malware, your are always welcome to join any of the HJT schools.

Quote:

Originally Posted by ilago

Back to fighting with the people that used to provide rootkits and forced advertising on unsuspecting users in the recent past

I agree.

Wild Oscar

22-06-2008 13:27

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Thanks for the list Ryewolf .. and welcome to the forum!

popper

22-06-2008 13:57

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

"the Politics show"

Data security

nothing great (perhaps to be expected from the BBC these days)but its the last section 45 minutes in.

direct video link for your VLC /MPC player
mms://wm-acl.bbc.co.uk/wms/news/n5ctrl/tvseq/od/bbc1/bb/wm/video/pol_show_bb.wmv

prefer it in your (windows) browser, click the top right latest full program link
http://news.bbc.co.uk/1/hi/programme...ow/default.stm

the featured ladys week
http://news.bbc.co.uk/1/hi/programme...ow/7457618.stm

warescouse

22-06-2008 14:24

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by OldBear (Post 34581221)

Yes, and what they actually tell you they will do with your info, as laid out in the "Privacy Policy" (yeah! privacy, my arse!), is quite frightening.
cut...
OB

I did see that but I thought I would leave that to the inquisitive. I did particularly dislike
"Here's what we do know...
While we don't know the identity of Subscribers, the ContextPlus AdServer and CP collect and use the following kinds of anonymous information:
Some of the Web pages viewed
The amount of time spent at some Web sites
Response to ContextPlus Ads
Standard web log information (including IP Addresses and system settings
What software is on the personal computer"
(Bold is mine)

Of course you have to take the word of this spyware company regarding what personal data they do not collect in that same agreement.

SelfProtection

22-06-2008 14:40

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by JackSon (Post 34581170)

Sadly I have received no registration e-mail either (from nodpi.org). I used my throwaway hotmail address in case it is of any significance, is plausible hotmail isn't letting it through - it's filtering can be indiscriminate.

On a positive note, all site navigation appears to be working :)

Same here no response from nodpi.org using a hotmail e-mail address.

warescouse

22-06-2008 14:44

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by SelfProtection (Post 34581413)

Same here no response from nodpi.org using a hotmail e-mail address.

Is it possible that persons unknown have added nodpi.org to an anti-spam database?

JackSon

22-06-2008 14:49

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by SelfProtection (Post 34581413)

Same here no response from nodpi.org using a hotmail e-mail address.

The odd thing is the original registration e-mail never arrived - however if you click on the 'forgot my password' button, those further e-mails do get delivered into hotmail. Sadly the link contained in said e-mail doesn't work, but Alex is aware of this one.

---------- Post added at 14:49 ---------- Previous post was at 14:47 ----------

Quote:

Originally Posted by warescouse (Post 34581414)

Is it possible that persons unknown have added nodpi.org to an anti-spam database?

In my cynnical mind, I wouldn't be at all surprised if that is the case.

Privacy_Matters

22-06-2008 14:53

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by warescouse (Post 34581414)

Is it possible that persons unknown have added nodpi.org to an anti-spam database?

I've checked a few lists after the last issues were reported, and nodpi.org appeared not to be on any list.

It could be a case that certain webmail clients, as a results of protecting their own lists of users, indicate nopdi.org as spam or junk mail. nodpi.org could be possibly read by the protective code in webmail clients as a possible bot, due to the apparent randomness of the address.

Just a thought...

Tarquin L-Smythe

22-06-2008 15:00

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

If there is third party interference with the NoDPI reg are we saying PHILTH

All times are GMT +1. The time now is 02:39.

Page 656 of 948