2009-12-31

pc antivirus with avg

12.4: proj.addn/xpw/security/avg:
. look at avg free antivirus:
has download time cutoff issues;
... but softpedia.com points out that's just ms`ie: try firefox
[later I'd learn that you download a downloader]

web.addn/xpw/security.ware:

Avira AntiVir Personal - Free Antivirus 9.0.0.415
A file change monitor. Used with BlackICE Defender.
can monitor a given file for changes.
Monitoring can detect file size changes or simply file writes,
both with minimal impact on system resources (no polling is performed).
The primary use of this utility is for monitoring
changes in the log file of a personal firewall program
and being able to spawn a separate application
when changes are detected,
but the tool can be applied to any number of other uses.

12.17: mis.addn/xpw/busy overnight with script:
. xpw is very busy with fan blaring
after seamonkey has found a script that won't quit?
and yesterday it kept thrashing?
re-login to flush things .

mis.addn/xpw/thrashing:
. get more fields in view that might be related to thrashing,
and give some idea if some app has a mem leak .

12.18: mis.xpw/Exploit Rogue scanner attacker:
. agv complains accessed file is infected:
antivirusguard22.com/1/img/listfile.js
threat name:Exploit Rogue scanner (type 961),
. it wouldn't let me close the popup alert,
I used the close button, but after I did that it started scanning
until I closed the parent window .
. anyway,
there's the reason I don't have my password.file on this!
you have to be smarter than foggy headded about
whether all your browsers on every system have noscript
and whatever else ... .
. don't I have noscript on seamonkey?
maybe that was just mac, do it now .
. seamonkey did not record where it was coming
from with that rogue page .
[... not sure how I lost it; found history page later]


12.19: mis.addn/xpw/low v.mem with much page faulting:
. why is mem furiously page flipping right now?
I must have a virus;
see what is doing mem io and kill it: file explore? close;
seamonkey? kill process tree .
41: restart,
on the way out it said my v'mem was low,
so maybe things were just flipping because of a leak,
and the wild disk activity was gc
which it might do when it sees I have done much in a while
(mostly staring at the editor ) .

mis.addn/xpw.seamonkey/confused about history:

12.20:
. I did find history
and the link was found with the bad redirect:

How complexity rules our lives - CultureLab - New Scientist
http://www.newscientist.com/blogs/culturelab/2009/12/how-complexity-rules-our-lives.php
go.php
http://new-count.cn/go.php?id=2006-51&key=0522c7066&d=1
computer security
http://antivirusguard22.com/1/?sess=%3DGG39jDwMS01MSZpcD03Mi4yMDAuMTI3LjE0NCZ0aW1lPTEyNjYxMgkMMQkN
. trying the newscientist.com site again,
http://www.newscientist.com/blogs/culturelab/2009/12/how-complexity-rules-our-lives.php
and this time the redirect was to
http://fast-scan37.com/1/?sess=%3DGGz9jDwMS01MSZpcD03Mi4yMDAuMTI3LjE0NCZ0aW1lPTEyNjYzMcgMMQkM
I again got another avg alert, again for
Threat name: Exploit Rogue scanner (type 992),
and it said threat was blocked .

. so then I searched the site for the original page:
http://www.newscientist.com/blogs/culturelab/2009/12/
how-complexity-rules-our-lives.php
seems to have something to do with
new-count.cn counting how many times you been there?
going to it again didn't result in a new redirect .

12.21:
. can't find any mention of the site;
whois claims it's available .
. might be some trick in the spelling of the name
or in some other way affects the say browser records the link ?