20 Jul 2023

And Then I Say Bu-by...

Wot’s that you say? No, not me from here but me saying a fond farewell to a bit o’ kit on the tap-top.
I’ve used Open Live Writer since the death of Windows Live Writer. It’s a nice simple bit o’ software for composing this here rubbish.
However, starting early last week, upon clicking to start said program I instantly got a virus alert flash up. It informed me the virus was dangerous and had been quarantined. Wot to do? Scan with everything at my disposal. Clean. Locate the folder he might be hiding in, Inet, and scrub everything in there. Reload OLW and bang sama-sama.
Clean-up again and thunk it through. Now the virus was identified as something that could connect to the Interweb and share information. This, of course, is wot OLW does so’s it can post the Blog to Blogger and/or download old posts if editing is needed. Was that wot was suddenly being ‘identified’ as a dangerous Trojan?
Keep it and risk it? I decided to say bu-by to OLW and revert to using Softmaker for doing wot I’m doing now, then copying and pasting into Blogger to do the final editing; that being font, font size and colour as formatting don’t copy across. I can live with that for a quiet life. Oh, you tried Geek Uninstaller? That sucker deletes the software and then finds stuff related to wot you’re uninstalling all over the place for removal.
Next step, figure out how to set the default font, size and colour in the compose window of Blogger.
As an aside, looking for a free alternative threw up a few but they all seem to be discontinued and lost.
As another aside, while doing the checking for cleaning, I looked in the Recent folder, an action to save everything you do that I disabled long ago. Guess wot? Full... I guess Billy at the window reactivated it with one of his upgrades. Downgrades? If you haven’t, check that folder out, take a look. If I was a hacker, it’d be my first call to see everything used and pick wot looked ‘important’.

Quote; Steven Magee.

“Computers and mobile devices are becoming known for their inherent insecurities and the ability to damage the long term health of the users.”

6 comments:

Ripper said...

Mac,
Are you sure that it's not a false positive? What antivirus software do you use?

I'm asking because OLW is an open source fork of WLW. Being open source means that malware would quickly be picked up and eliminated, since everyone has access to the code. I have known other open source software in the past where the anti malware program has flagged it up as a virus. So many private individuals work on open source software that it's rare to non-existent for it to contain malware code when downloaded (always stick to the software author's download links).

With that in mind, what I would do is uninstall OLW, do a malware scan, then download and install the latest version of OLW. If your anti malware program then flags up a virus, then ditch the anti malware software and run something else. Or not, because most of them are shit.

Personally I don't bother with any of the popular programs, especially Norton. The only thing I have running is Windows Defender (originated on Linux) which gets updated regularly and is much better than people think. My machine is locked down to the max, so if I need to go deeper there are some excellent online scanners.

Another thing to remember is, malware only gets onto your machine by downloading and running stuff without checking, or through email. Since Billy7, any code you download cannot access the Windows kernel, so you have to give it permission to run. So - the malware code would appear not only in OLW but also in the code/program that was downloaded and run.

A useful way of detecting malicious code is to go to ShieldsUP! and see which, if any ports are open and communicating. Mine are closed as tight as a nun's chuff.

Andy5759 said...

How simple life is today with computers and such to do all of our thinking. In the bad old days we had to find an empty envelope, write out our shopping list, check pockets for change for the bus, wallet for ten bob note for the groceries. Now all we need to do is tune in, turn on and hope to get everything done before connection drops out.

Mac said...

Ripper,
Yes, I’m thinking false positive. Already did all you suggested and still got the alert. Although no big deal, and I’m guessing this goes for you as well, I don’t like being beaten by a keyboard with a screen.
One last thing to try is to fire up the old laptop and see if anything’s changed with Windows updates over there and if not, copy all settings from there to here and see what happens.
I’m with you regards security; Defender, with occasional scans with Windows Malicious Software Removal Tool and Super Anti Spyware - yup, the free version - which is good for finding sneakily buried cookies.
ShieldsUp? Yup. But recently, it alerts me to incoming PING. Done all I can think of to no avail so when you have time, let me know your easy, quick and dirty way you’ve blocked inbound pings. Would be appreciated.

Mac said...

Andy5759,
Wot are these envelopes of which you speak?
And now smartphones. It's close to 6 out of every 10 folk you walk past will now have their faces buried in a little handheld screen. Oh, and that little screen will even pay for you at the checkout...

Ripper said...

Mac,
As you probably know, PINGs are used to check for the existence of any IP address and if it is available for communication. As long as your machine isn't returning any data packets you are safe. ShieldsUP may be notifying you that there is an open port that should be closed, so you then need to find out which port and the IP address that it is communicating with. Ports are pinged for specific reasons, for example, if memory serves me, port 113 is pinged for email. Anyway, ShieldsUP has a port scanner which should tell you which ports are open.

My first guess (suspicion?) is that some Billy software on your machine is attempting to phone home, or Billy is trying to probe particular ports to get those data packets.

I run a combination of Privacy Badger and UBlock Origin. They do a great job of keeping the machine airtight. UBlock also has a dashboard that lets me block certain items on web pages, such as login and cookie panels that can prevent viewing of a page. I also run IBM Trusteer Rapport, a browser plugin which operates invisibly and alerts me to anything going on in the background, such as anyone using a keylogger or any suspicious activity running in RAM.

Mac said...

Ripper,
Yup, Rapport has been used for many a long year and as an addition, have you tried KeyScrambler? The free version - no surprise there then.
Regards Shields Up, what’s got me puzzled is I get a clean sweep of green squares then, further down, failed stealth owing to;
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests...
I’m working on it...
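For anyone chasing the same "Your system REPLIED to our Ping (ICMP Echo)" result, here is an added example of what a defender would run on the Windows side. It is not code from the post or from any of the commenters. It assumes Windows 10 or 11 with the built-in NetSecurity module (the Get-/Set-/New-NetFirewallRule cmdlets) and an elevated PowerShell prompt; the display name "Block inbound ICMPv4 Echo Request" is a name chosen here, not a stock rule.

```powershell
# Added example, not from the blog post or its comments.
# Goal: find which Windows Defender Firewall rules allow inbound ICMPv4 Echo
# Requests (ping, ICMP type 8), switch them off, and add an explicit block.
# Run from an elevated (Administrator) PowerShell prompt.

# 1. Enumerate enabled inbound ALLOW rules whose filter matches ICMPv4 Echo Request.
#    A typical culprit is the stock "File and Printer Sharing (Echo Request - ICMPv4-In)".
$echoRules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object {
        $filter = $_ | Get-NetFirewallPortFilter
        $filter.Protocol -eq 'ICMPv4' -and
        (($filter.IcmpType -match '^8(:|$)') -or ($filter.IcmpType -eq 'Any'))
    }

Write-Host "Enabled rules that allow inbound ping:"
$echoRules | Select-Object DisplayName, Profile, Group | Format-Table -AutoSize

# 2. Disable rather than delete, so the stock rules can be turned back on later.
foreach ($rule in $echoRules) {
    Set-NetFirewallRule -Name $rule.Name -Enabled False
}

# 3. Add an explicit block rule (assumed name). In Windows Firewall a matching
#    block rule wins over an allow rule, so a later installer that re-enables
#    "File and Printer Sharing" does not quietly bring ping replies back.
$blockName = 'Block inbound ICMPv4 Echo Request'
if (-not (Get-NetFirewallRule -DisplayName $blockName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $blockName `
        -Direction Inbound -Protocol ICMPv4 -IcmpType 8 `
        -Action Block -Profile Any | Out-Null
}

# 4. Show the resulting state for the record.
Get-NetFirewallRule -DisplayName $blockName |
    Select-Object DisplayName, Enabled, Direction, Action, Profile | Format-Table -AutoSize

# 5. Outbound ping is unaffected; this should still return True when online.
Test-NetConnection -ComputerName 1.1.1.1 -InformationLevel Quiet
```

One caveat worth knowing before re-running the ShieldsUP test: it probes your public IP address, which on a typical home broadband connection belongs to the router, not the PC. If the router itself answers ICMP Echo, the Windows firewall change above will not alter the ShieldsUP result, and the setting to look for is the router's own "respond to ping on WAN" option.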