Housecall picking up Odd Files

Discussion in 'NOD32 version 2 Forum' started by LowJat99, Sep 29, 2006.

Thread Status:
Not open for further replies.
  1. LowJat99

    LowJat99 Registered Member

    Joined:
    Sep 29, 2006
    Posts:
    3
    Hello,

    I'm a long time user of NOD32. Today I descided to run Housecall by Trend-Micro and it found well over 300 items - including Adware_adclicker and Tspy_Dumador. It said they were located in Windows and it said local hosts 127.0.0.1?

    I keep NOD32, CounterSpy and Adaware, Spybot and Spyware blaster updated and running. Could those be false positives and what would you recommend with respect to NOD32?
     
  2. ASpace

    ASpace Guest

    NOD32 as well as Ad-Aware se + Spybot S&D do have definitions for Adware/AdClicker and Dumador ... Although it is less likely to be infected with this setup , the possibility still remains .


    I would recommend you find the exe/dll files which TM housecall thinks are infected and submit them to both

    1) VirusTotal (www.virustotal.com)
    2) ESET Labs (samples@eset.com)


    Check your NOD32 settings and make them as per Blackspear's tutorial


    Tell us how you going then . Regards! :thumb: :D
     
    Last edited by a moderator: Sep 29, 2006
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I respectfully disagree. Trends Antispyware is one ofthe best. I use it and have found it beats Spy Sweeper and Counter Spy with no problems and few false positives. But, submitting the files is the correct thing to find out in your case.
     
  4. ASpace

    ASpace Guest

    Let me bold it is my personal option which is based on my experience and from what I have read on reputable sites . Let us not comment it but concentrate on LowJat99's problem . Thanks very much ! :thumb:
     
    Last edited by a moderator: Sep 29, 2006
  5. LowJat99

    LowJat99 Registered Member

    Joined:
    Sep 29, 2006
    Posts:
    3
    I do have NOD32 set up per Blackspear's recommendations. What I can't figure out is why NOD32 wouldn't pick it up-even while running the computer in Safe Mode.

    Housecall states they are located in:

    C:\Windows\system32\drivers\etc\hosts\127.0.0.1
     
  6. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,330
    Location:
    Netherlands
    If these entries are found in the hosts file (which I suspect from your posts), I wouldn't worry about them.

    It just means that traffic to these sites is being blocked by your hosts file.
    Maybe you are using this one: http://www.mvps.org/winhelp2002/hosts.htm
    Highly recommended

    At that link you can also read what the hosts file does.

    Regards,

    Pieter
     
  7. ASpace

    ASpace Guest

    I second Pieter's post :thumb:

    TM's detection is not a real threat so absolutely nothing to worry about !:D
     
  8. LowJat99

    LowJat99 Registered Member

    Joined:
    Sep 29, 2006
    Posts:
    3
    Thanks so much guys! You're the best!
     
  9. ASpace

    ASpace Guest

    You are welcome ! :thumb:
     
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Did I say something wrong? I wasnt trying to sell the frigging product. I just expressed my thoughts and agreed that he should continue down the path of advice he was given. Geez people.
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Ladies and Gentlemen, please remember we are on an international forum, and with this take into consideration language barriers. There will also be varying opinions as to the correct solution to a problem, and not every problem has one solution, so yes, looking down a different path can be a good thing to resolving an issue.

    Cheers

    Blackspear.
     
Thread Status:
Not open for further replies.