Hello,

I'm a long time user of NOD32. Today I descided to run Housecall by Trend-Micro and it found well over 300 items - including Adware_adclicker and Tspy_Dumador. It said they were located in Windows and it said local hosts 127.0.0.1?

I keep NOD32, CounterSpy and Adaware, Spybot and Spyware blaster updated and running. Could those be false positives and what would you recommend with respect to NOD32?

NOD32 as well as Ad-Aware se + Spybot S&D do have definitions for Adware/AdClicker and Dumador ... Although it is less likely to be infected with this setup , the possibility still remains .


I would recommend you find the exe/dll files which TM housecall thinks are infected and submit them to both

1) VirusTotal (www.virustotal.com)
2) ESET Labs (samples@eset.com)


Check your NOD32 settings and make them as per Blackspear's tutorial (http://www.wilderssecurity.com/showthread.php?t=37509)


Tell us how you going then . Regards! :thumb: ;D

I respectfully disagree. Trends Antispyware is one ofthe best. I use it and have found it beats Spy Sweeper and Counter Spy with no problems and few false positives. But, submitting the files is the correct thing to find out in your case.

Let me bold it is my personal option which is based on my experience and from what I have read on reputable sites . Let us not comment it but concentrate on LowJat99's problem . Thanks very much ! :thumb:

I do have NOD32 set up per Blackspear's recommendations. What I can't figure out is why NOD32 wouldn't pick it up-even while running the computer in Safe Mode.

Housecall states they are located in:

C:\Windows\system32\drivers\etc\hosts\127.0.0.1

If these entries are found in the hosts file (which I suspect from your posts), I wouldn't worry about them.

It just means that traffic to these sites is being blocked by your hosts file.
Maybe you are using this one: http://www.mvps.org/winhelp2002/hosts.htm
Highly recommended

At that link you can also read what the hosts file does.

Regards,

Pieter

I second Pieter's post :thumb:

TM's detection is not a real threat so absolutely nothing to worry about !;D

Thanks so much guys! You're the best!

You are welcome ! :thumb:

{QUOTE-> Let me bold it is my personal option which is based on my experience and from what I have read on reputable sites . Let us not comment it but concentrate on LowJat99's problem . Thanks very much ! :thumb: <-QUOTE}

Did I say something wrong? I wasnt trying to sell the frigging product. I just expressed my thoughts and agreed that he should continue down the path of advice he was given. Geez people.

Ladies and Gentlemen, please remember we are on an international forum, and with this take into consideration language barriers. There will also be varying opinions as to the correct solution to a problem, and not every problem has one solution, so yes, looking down a different path can be a good thing to resolving an issue.

Cheers

Blackspear.