In the DCS forum this question was asked by a user, and we like to continue this part of the discussion here: http://diamondcs.com.au/forum/showthread.php?s&threadid=1481 Patrice, what was the message of the alert and was it maybe alarming on the email for a double extension or other risks? Could there have been suspicious code somewhere in the HTML text? Could it be you have HTML blocked in WG? Several possibilities, so please be more specific so we can see what to do next.
Hi Jooske! Right, this is perhaps the right forum for this question... Well, the alert was as you said for a double extension. For me the reason is quite simple: www.pcflank.com -> as you see this is already a double extension... No, there wasn't suspicious code or something like that in the HTML text. As I already mentioned, the email and the link were from a trusted sender and a trusted site! So, I was 100% sure, that there was nothing. You certainly begin to doubt and say to yourself, that no one can be 100% sure. But yes, because I sended a mail to myself (business account - private account), as I often do. And to be honest with you, I deinstalled Wormguard a while ago... But I reconsider of buying and installing it, because the reasons (see Wormguard Homepage) are quite obvious! Best regards! Patrice
Hmmmmmmm i would not see www.domainname.com as a double extension in fact.......... It would be if you have an email with an attachment with the URL in it for instance. You can also get alarms if you block all .com extensions ZoneAlarm for instance has the habit to add an URL as an attachment to an email and change the URL for instance into wwwdomainnamecom or change the "com" part into something different . The attached URL would have an extension like www.domainname.com.eml and WG could tell you there is a double extension and the real name is..... etc. In my settings it only alarms if i click on the URL via the attachment, not if i use the one in the email itself unless it would have anything suspicious in it. If the attached title has something in it like "infect" one could expect alerts too, but i think this is filtered for real alerts already. I would not like to be a moment without WG, as it saved my system's life several times! and i really love the possibility to look into files in the safe mode so i know why it was blocked and can decide to do something with it, including running it anyway or leave it or delete it even.
Hi Jooske! Well, as soon as my wage arrives, I will buy it. If the error shows up again, I know where to come! Best regards! Patrice
If you still have the email you might like to try it again and see what happens, and play around with adding or allowing some extensions. Would not suggest to add the .exe though, as that would make all your system unworkable
Hi Jooske! Damn, I'm really stupid... If I would read the help more carefully I would have found this issue: Dual extensions issue: Wormguard will report you are trying to run a file with dual extensions if you click Start > Run and type a web address such as www.diamondcs.com.au. You should allow this to run of course, we recommend you simply run Internet Explorer first and enter your web address into the address bar at the top of Internet Explorer. Grmpf... Regards, Patrice
Thanks Patrick for finding it in the helpfile for others quoted here to end all confusion! You've been really helpful for us all, hope you'll continue more testing and trying and tell your finds and concerns! You're really into trying out new products these days, aren't you?
Patrice, You will not regret your purchase especially with WG4 on the horizon for which you will be entitled to a free upgrade! Pilli
Hi Jooske & Pilli! Yep, I have bought it! Well, I have considered to buy this product for several months now. Let's say I'm too old for trying out every product which exists... But DCS has a special status, everything what they bring out will be tested from me. I believe in these guys! Best regards! Patrice
