Another Question - Youtube Threat? [Resolved]

I wonder if Kevin or one of the other mods could tell me if BOClean, CMG or CFP will protect against the threat of Viruses, Trojans, Key Loggers, Spyware or Adware embedded within Codecs in Youtube videos?

See the BBC report of last month…

The reason I ask is that I sent a genuine direct Youtube link to a friend on the internet and she experienced a rather strange thing afterwards.

This sounds a bit bizarre but every now and then she would get some audio from the speakers of what she believed to be a small portion of the end of the Youtube video. Even after rebooting, this still occurred; smelt of adware to me (instead of pop up boxes, some audio).

However scans of the system brought up no results; although a system restore, clearing Internet files and cookies did the trick and this problem disappeared.

I still have the link to the Youtube video but will not post it unless requested for obvious reasons.
It has no effect on my computer having played it several times.

Has anyone ever had a similar experience with Youtube, and could it be that due to using CFP, BOClean and CMG I am immune from this threat?

Thanks,

Mike.

I can tell you that BOClean has you covered. :wink:
I haven’t seen or heard of YouTube actually hosting any of these though I’ve seen a number of cheesy looking fake YouTube sites with them that come from spammed email links.

Thanks, I’ll recommend that she uses BOClean in future. :slight_smile:
Mike.

mike, my guess is that the guy who wrote the bbc article doesn’t know what he is talking about… yes, there are “fake codecs”, but i think the guy is just assuming that fake codecs are associated with playing any videos, like videos at “youtube”… i don’t believe that is the case…

i don’t know how people manage to run across websites where they are prompted to install the fake codecs… i never see them so it is a mystery to me… i use the “winhelp2002 HOSTS file” and maybe that is part of the reason why i never see anything associated with the fake codecs… i also have firewall-rules that block access to ip addresses that are frequently used for hosting the fake codecs…

interestingly, someone told me, recently, where i could find a sample of a “fake codec”, but when i went to the webpage and tried to play the video that supposedly would prompt me to install the fake codec, the video just played, without any prompt to install the fake codec…

i am pretty confident that, if i downloaded a fake codec, my av program would flag it…

the “bad” ip addresses that i block are:

85.255.112.0 - 85.255.127.255

69.50.160.0 - 69.50.191.255

216.255.176.0 - 216.255.191.255

probably, the best thing to do is, if you are prompted to install some fishy codec, don’t install it…

mike, i found another “ip address-range” that probably should be blocked in your firewall-rules:

64.28.176.0 - 64.28.191.255

the ip address-range is for “cernel”… this webpage makes “cernel” look to be the heart of the zlob/dns-changer 'fake codec" world:

i would advise people to use the “winhelp2002 HOSTS file” to block access to some bad websites and to use eric howes’ “IESPYAD” to add “bad” websites to IE’s “restricted sites” zone…

Thanks Redwolf, will pass on the info and block those addresses.
Mike.

P.S. What is the easiest way to block addresses in CFP 2.4?

Hi Mike :slight_smile:

I am sorry, but I am no CFP expert at all :-\ , although I once bookmarked a topic from pandlouk were he explains how to make network rules for blocking IP’s. See this post ( with screenshot :slight_smile: ):

https://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/summary_of_network_rules-t5340.0.html;msg39470#msg39470

From this topic :

https://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/summary_of_network_rules-t5340.0.html;msg39470#msg39470

Btw. when making a network rule in CFP you can also choose an IP range instead of a single IP like in pandlouk’s post. I hope it will help you :slight_smile:

Greetz, Red.

P.S. With questions about it you can better ask pandlouk instead of me m8 :wink:

There’s basically only one way: ** FAQs/Threads - Read Me First **:

[b]Block Websites by URL[/b] https://forums.comodo.com/index.php/topic,822.0.html

However, should you have additional questions/comments on this subject, a new thread needs to be opened in one of the CFP boards.

Thanks Soya, will plough my way through that info when I have a spare moment. :slight_smile: Mike

Lol Soya :slight_smile: Mike and me belong to the “older” guys here. We know the rules, we respect the rules but we don’t always live by the rules :wink:

Greetz, Red.

Since posts on the forum are public, it’ll at least help herd the newbies out there in case there are future posts that continue on a different path (:WIN)

You forget we must keep you bussy as well :stuck_out_tongue:

Greetz, Red.

If I was really busy I wouldn’t be here right here right now.

Anyhooo Mike’s topic question was answered several posts ago, so case closed. Mike, if you need to open this thread PM an online mod (or Rednose because he likes this kind of thing).