This site that of COURSE hits the top of the search engines–freeze.com (don’t go there) —managed to offer a legitimate download of a useful program, Filezilla, but AS the legit program downloads, about the time your normal little black and white ‘Accept these conditions’ screen pops up—viola! you get a popup made to look exactly like that familiar screen that says Accept and once you do, then starts wildly downloading everything but the kitchen sink. I was tired, I was rushed: at the last instant something didn’t ‘feel’ right about a sudden new start of downloads and I aborted it quick as I could hit the button, but not before I had 3 of the blighters AND the Yahoo toolbar. Going into ‘add/remove programs’ showed NADA, nothing.
That’s how they get past the watchdog programs — you’ve ‘Allowed’ it.
Once on, they mask themselves so that they don’t show as what they are in ‘add/remove programs’ and don’t show in Firefox’s ‘add-on manager’ —so you have to go another route: look for things that just installed and nuke them forthwith. It’s still a pita to do and you risk blowing off something essential by mistake. The date-installed is the best guide.
Hot spot in Hell, for sure, and I and most other computer people would take a stint turning the spit.
Be careful in downloads. My protection suite didn’t take alarm at this site; didn’t stop the downloads; and it dumped icons on my desktop that, had I clicked on them, would probably have unpacked God knows what.
The purveyors of these programs have enough computer-un-savvy grandparents and mostly-confuseds out there in internet-land that they can keep themselves in clover just from the clicks. Dis-gusting.
If you’re not sure about a download you want, ask on Wave. One of us is bound to know a safe download site. This morning I was pre-coffee and too complacent. I should have gone to CNet. Those usually are clean.
Boy, do I know what that’s like. I accidentally got McAfee Security Scan because I failed to click OFF the option to download it along with something I actually did want (how considerate of them to just assume I wanted that, as well). Once I realized I had something I didn’t want I went to my Uninstall Programs page, attempted to remove it…and was asked if I was sure I wanted to uninstall Windows. Ummm…heck, no!! So there it is, prompting me every now and again to run a system scan, which I will not do–because I don’t trust programs that sneak onto my computer when my guard is down. I have learned my lesson, but I’m sure something else will get me in some other devious way.
McAfee used to be my anti-virus of choice, but ever since they started that …. stuff… I’ve put them on my nuke-on-site list. Unfortunately, they have ganged up with adobe and I ended up accidentally allowing them a couple days ago. The uninstall program actually worked though, so I’m not stuck with them again. Now if only I could remind windoze I HAVE a legitimate copy so I don’t have to deal with THAT pop up a couple times a day….
I fall into the mostly confused category, but I’m damned suspicous. I’ve had Bing toolbar and some other toolbar show up and finally figured out how to turn the wretched things off. Then I hunted things by days in the programs like CJ said. And held my breathe. I now glower at any download to make sure there are no little boxes lurking that haven’t been scrutinized first.
I will remember the pillow suggestion — usually I just yell lots of bad words. Getting up and away before saying bad words might work better, although it’ll probably still scare the kittehs.
It’s a good general practice on any OS to not use an Admin account as your every day account. It does cut down on accidental permission-granting.
The non-admin idea is a good thing.
FileZilla is a pretty good choice. But my preferred FTP client is FireFTP – a Firefox Add-on. It’s very well designed and has everything you need, and nothing you don’t need. It’s easy to use and very stable. I’ve been using it regularly for a couple of years without a a single problem. It’s convenient to have an FTP client in your browser, and it will also import all your settings from FileZilla.
https://addons.mozilla.org/en-US/firefox/addon/fireftp/
Thanks for the tip.
Browsers like Chrome and Safari can also warn if you’re connecting to a site that contains malware, or other kinds of naughty things.
At least you’re not using IE, but I’d try Chrome out and see if it helps.
You may need to find something else to do the FTP though. Personally I use Cyberduck http://cyberduck.ch/
Filezilla is, itself, a clean program; it wasn’t their site. It was someone using their freeware as bait, a form of piracy. But as above, having more than one is not a problem, either.
I have had AdAware, and McAfee; I have Norton, I have all those things, but Norton doesn’t register this site as malware. If I get a free neuron I’m going to write Norton about freeze.com and advise them what they are. They don’t always know until someone complains.
If there’s an industry buzzword for the fake ‘Agree’ blank I’d like to know it.
Downloading from cnet doesn’t guarantee you anything either, unfortunately. There was a recent case where cnet wrapped some perfectly safe software up with some sort of trojan installer – browser toolbars etc like you saw.
Ah – http://seclists.org/nmap-hackers/2011/5 describes it.
You’re a brave person to browse the Internet using Windows!
The source site for FileZilla:
http://filezilla-project.org/
Most people will want the “FileZilla Client” version, rather than “FileZilla Server”.
GreenWyvern’s suggestion of FireFTP is very fine also. The programmer gives donations to charities and, although FireFTP is still independent, the man himself was hired by the Mozilla team, which speaks to the quality and integrity there.
I’ve used both FileZilla and FireFTP.
A recent Java update tried to include an Ask.com toolbar and search engine as the defaults. Not nice. — It seems like everything and its brother wants to install some browser gizmo or toolbar lately. Phooey!
Regarding such: I used to use Ad-Aware as an anti-malware program. At the moment I’m using the older version of it…because the “new” version wants to be an antivirus as well as an anti-malware, it won’t let you turn off the anti-virus, and I already **have** an anti-virus I am happy with…!
And, once I’d realized all this mess was going on: there’s NO uninstall.exe for the new Ad-Aware. I had to do a system restore, in safe mode, to get the blasted thing off my machine.
Very unhappy. And I used to respect Lavasoft…
I’m glad that the damage was (relatively) minimal for you, CJ; if only we could send some kind of return-the-favor nastiness back at these folks. For instance redirecting their revenue clicks to our own accounts so WE make money from THEM for a day or two. Seems like fair repayment and justice to me…!
Oh shame on Lavasoft. I too, have used them for years.
Semi-related, for anti-virus, I use Avast – good ratings from multiple sources, even for their free-version. My BFF has been using it for around 3 years, with no events that I’m aware of.
For mal/spy ware – SpyBot Seek & Destroy has done me well, and I don’t believe it’s bundled anything.
*Now to go back through my son’s system – no telling what I accidentally bundled thx to As-Aware*
Presently in our house, we are running Microsoft Security Essentials for detection, and Malwarebytes for the actual removal. I know Microsoft isn’t exactly in good odor with many people, but presently, they seem to have a very effective malware and virus sniffing suite. It seems to cycle around, where a company that used to be good loses its edge or sells out, then another company develops a better piece of software. Swapping out no-longer-useful for the next iteration is annoying but necessary.
ANNNNNNNNNNNNNNNNNNNNNNNNND………….dear friends….
I’m a suspicious sod. I ran a Malwarebytes check on my disk, and yes, those bastards had installed a bundled software bomb IN the Filezilla folder. It is now gone.
I do recommend Malwarebytes: they have a freeware and a payware version, and both are good. It might be worth 8 minutes of your time to go to CNET, or malwarebytes.org, download the thing, and let it run a scan, just to see if your malware protection is as good as you hope it is.
Eeek. But the thing is that *anybody* can be snagged like that. I know it’s happened to me, and I’m paranoid and careful and nonetheless clicked the wrong ‘download’ button by chance and occasionally find ‘.exe’ files on my computer that my Mac happily ignores. Hope you got all of it.
Yup, Malwarebytes is the real deal. I run scans with that and Spybot Search & Destroy once a week. They complement each other well, Spybot is especially good at rooting out tracking cookies.
Thanks for the tip on Spybot.
I do a lot of genealogical research, so I do go to strange websites…some of them in French…and having a good screen is a good thing.
Javascript can be as dangerous as anything! It’s safer to have it disabled until you really need it, and then only for the duration. Lots of content uses it, but a malicious java script can pretty much do anything it wants to, including download things on its own. If it has to ask for permission you know it’s not going to tell you what nor why!
Malwarebytes is presently a really good tool to have about. If you use FireFox, I suggest getting NoScript, an addon that makes unauthorized things ask permission before running. It can be a bit inconvenient sometimes, as many websites load up their pages with all sorts of Java rubbish, but it adds some peace of mind. And yes, the people who try to sneak in those bits of cruft should be barbequeued; they are filthing and rotsome and maggot-wise.
Completely and totally off topic, but I just saw 2 trailers for a live action Bleach movie…and it looks so unbelievably bad I want to think that someone is spoofing us.
Oh……no.
Well…you have to wade through a lot of chaff on the U-tube. Looks like part CGI, as they’d have to; and then there’s a lot that’s very underbudget and sketch. I think it’s possibly fen grabbing any clip they can, when it’s still pre-production and nothing’s what it will be.
I can declare that some of the guys do look very nice. But I do think some of the film clips are cosplayers doing a production…and there’s one upscale stage play that’s quite fun: good costumes. A lot seems to be in Spanish. Then there are the ones where fen cast their own: I think Johnny Depp as Uruhara has possibilties. Of course it’s only the chap’s wishful thinking.
I sure hope that’s the case, ’cause at the moment it looks pretty cheesy. Where would fen even get the early footage? Looking around further, I stumbled across Bleach, the Rock Musical. I’m still laughing.
(Gotta say, the live action Rurouni Kenshin looks like it’s going to be pretty awesome though.)
Honestly, I think the anime LOSE a level of reality when they go live-action. It’s that willing suspension of disbelief thing. If you are ‘believing’ in the anime figures, your suspension of disbelief can extend to everything being composed of ‘spirit particles’, ergo the fact a chap can reconstitute a missing arm is credible. If it’s live-action, not so much: the mind starts saying ‘cheesy special effects’ and critiquing the job: the ‘contract’ between art and viewer has been violated, and now the viewer is no longer consenting on a blanket-permission level…if that makes sense. It’s the reason that modern sf on the screen risks losing the ‘sense of wonder’ in a welter of sfx. Back when it was Tom Corbett on the radio, your mind painted things the sfx people can’t remotely touch. Now you take a mental step back and see the maskmaking, the visual tricks—
I will say there’s one heckuva moment in the Naruto Shippuden anime, where the Akatsuki Purple Rose (I forget her name)throws up her ultimate attack—that was brilliant, brilliant animation, real think-about-it-later stuff. That it COULD be done in animation was an amazement. The concept was just blow-you-away. But if it had been done in film live-action—I’m not sure it would have worked as well.
I think you’re probably right. I enjoy live action fantasy (Onmyouji for instance), but the only anime I’ve seen translated to live action so far is DeathNote. I liked it a lot, but I did notice those moments when the lighting on the CG shinigami didn’t match the lighting in the room. Interestingly, really good fx can throw you out of a movie too if you’re thinking, “woah, how’d they do that?!” (Avatar, for instance, was one long SFX extravanganza where the “woah! fx!” factor far outweighed the storytelling.) The actors in the Bleach clips look pretty awesome, but right now there’s a high cheese factor in the way they leap at the camera, and in the swordfighting, not to mention the fx. Perhaps those are the sections you’re speculating are actually cosplayers?
Haven’t seen Naruto. I got a couple episodes into it, but none of the characters really grabbed me. And I have to admit that no matter how much I love Inuyasha, I hope they never do a live action version. I think the dog ears would be endlessly distracting. 🙂
We skipped Naruto for years, until we got into it from the very beginning and went all the way through one entire arc. Now we rank it up there with Bleach, and it does very good characters. They go completely over the top now and again in the gag bits, but the over all arc and the character development and back story just keeps getting richer and richer as time passes. We have voted we want to strangle Sakura, but even she acquires depth—yes, she really is the obsessed idiot she seems, and after several seasons she is in danger of growing older without growing up, but she’s starting to have her reality checks; the other interesting Sakura bit is that in an American production, she and Naruto would be a number…NOT in this. She’s not interested and it matures into an actual strong friendship. If you can get past Sakura, the early segments start to make sense.
As writers, one of the things we both so enjoy about Naruto is that the story doesn’t go for all the quick neat solutions most American fiction tends to, and we actually get surprised in the story. We love that.
Perhaps you should do like Hilfy did in Chanur’s Legacy – she put the secret message into an isolated cargo computer which could be suicided at will without interacting with any other computer program.
In practice, have a single computer JUST for the internet and do your serious novel typing on a computer not connected to anything.
Not a bad idea. At least we have backup!