1-stop Answers here: Spyware, Secret Installs, Popups & related

Discussion in 'Tech Talk' started by MB-G26, Oct 12, 2003.


  1. MB-G26

    MB-G26 Bk2MiscResource
    Lifetime Member

    6,138
    396
    Came across the following which might be useful for anyone battling this new "about:blank" browser command infection/CWS variant:
    http://forums.spywareinfo.com/index.php?showtopic=24818&hl=messenger+pop+up

    Mentions a couple new tools helpful in detecting & dealing w/windows services and "about:blank" infections:
    m
     

  2. MB-G26

    MB-G26 Bk2MiscResource
    Lifetime Member

    6,138
    396
    This is a different beast than "instant messenger" and such, and the distinction is important to make.
    Culled research to date:
    *****************************
    www.itc.virginia.edu/desktop/docs/messagepopup/ - 20k - Sep 5, 2004
    ******************
    http://www.microsoft.com/windowsxp/using/security/learnmore/stopspam.mspx
    *********************************
    ************
    http://www.winguides.com/registry/category.php/67/
    m
     

  3. Could you repeat that please...?;)
     
  4. NetNinja

    NetNinja Always Faithful

    967
    0
    Please for the love of Pete don't use Outlook express as your email client.

    Outlook express has so many security holes in it that it should be called the Swiss Cheese email Client.

    Please use Outlook Or Mozilla Thunderbird.

    Mozilla Thunderbird is an open source email client.

    http://www.mozilla.org/products/thunderbird/
     
  5. gee..these replies aren't NEAR long enough. ;Q ;Q
     
  6. FThorn

    FThorn TV/Movie Club

    658
    0
    How do I get rid of the spyware, popups, viruses??

    Oh, that's right...I HAVE A MAC...don't GET THOSE THINGS!!!!!!!!!!

    Bwaaahahahhaahahahahahahah!

    :)
     
  7. MB-G26

    MB-G26 Bk2MiscResource
    Lifetime Member

    6,138
    396
    originally posted by FThorn...
    :::::::THWAP!!!!!!:::::::
    ;)
    m
     
  8. FThorn

    FThorn TV/Movie Club

    658
    0
    Thanks for the kind reply. (I just try to pepper the world with info about the goodness of macs! )

    :)
     
  9. MB-G26

    MB-G26 Bk2MiscResource
    Lifetime Member

    6,138
    396
    http://www.lurkhere.com/cgi-bin/forums/dcboard.cgi?az=read_count&om=660&forum=DCForumID4
    m
     
  10. David_G17

    David_G17 /\/\/\/\/\/\/\/

    2,046
    0
    what's insanely overpriced hardware and updates they make you pay for?


    oh that's right, I HAVE LINUX... don't get those things!!!!!
     
  11. If you don't have a MAC and want to explore sites without getting high-jacked. Or when doing a search and open "the multi screen pop-up from.....) Download Mozilla Firefox. It's a free browser and you can import all your bookmarks over. I tried it for about a month and seldom do I use I.E. Haven't had one high-jack while using, and I tried some sites I know that high-jack.
     
  12. While tempted to investigate Linux (being an old Unix guy), my concern is interoperability with my customers, who use Microsoft Office for virtually everything. And who occasionally use Adobe for docs.

    What's your perspective on desktop editing /publishing tools for Linux?
     
  13. Scribus is the number 1 Google hit on a search for desktop publishing linux and it looks pretty nice and it's open source. The screenshots look good, but I have never used the software. The same Google search turns up Pagestream and Artstream too. They're both commercial.

    StoneGiant, we had a brief exchange in the other Linux thread and I think these applications kind of reinforce my point. There really are some quality applications out there for Linux, and it can really be a viable home use OS, especially if you're savvy enough to understand what's involved in ensuring compatibility with your clients/customers/friends/family/etc. Want to send something out to someone you know uses a Windows environment? Most of the software will save PDF's or even direct MS formats. For a single person at home, it's not too bad. For an office full of people, it can get messy.
     

  14. Sounds like Mr. Gates has me by the short-and-curlies. If I want to ensure compatibility, I have to remain a Microsoft Slut.

    Oh well...
     
  15. epsylum

    epsylum Boolit Hoze

    3,868
    0
    That's exactly where he wants us.

    DAMN YOU BILL GATES!!!

    oh well at least I don't have a blue apple on my computer and it doesn't glow fruity colors, and doesn't cost about twice as much as any other computer, and has more than one mouse button (mine currently has 8 IIRC), and.......

    ;)

    Now if I weren't so close minded to new experiences I would convert my system to Linux. But, I'm lazy and don't feel like learning anything new. ;f
     
  16. Builder

    Builder Always Learning

    12
    0
    MB-G26 --- an amazing set of posts, THANK YOU. You know far more Windows "tricks" than I do, that's for sure.

    However, I have one additional suggestion. A "limited" account cannot (so far as I know) perform installations. So for a Windows box that MUST cruise the Internet, I recommend performing installations with an Administrator account (what all users / accounts are by default), then setting up a Limited one and DOING ALL INTERNET SURFING with it (Firefox, Opera, whatever, anything but Internet Explorer). This will prevent "surprise" installations (because the limited user doesn't have this power to install anything).

    To set up such, do [Start] [Control Panel] [User Accounts], and add a new one. There will be a non-default (as in, you must select this manually) "Limited" radio button, pick that.

    And once you've done this, be SURE to password every other account on the box (including booting into F8 Safe Mode, and installing a password on the account named "Administrator", every WinXP installation has one of those).

    Builder

    P.S. This _isn't_ the way I do things. I may need Windows for some things, but not for the Internet. And both IE & WinXP are so full of holes (known and _unknown_) that I don't think we'll ever see a trustworthy XP (witness the recent discovery by Steve Gibson of a "backdoor" that dates back to Win98 days). We might see such in the upcoming Vista, but mainly as a dependence upon a hardware solution (which will have its own major implications for Digital Rights Management, as in that CD / DVD in your drive belongs to The Corporation, not you...).

    So here's an _extensive_ alternative (for the *advanced*, except that you don't need to be as advanced as MB-G26 already is :) ) that turns a system into a "dual-boot" one (you're booted off of Windows, or you're booted off of something else, Linux here, but only one at a time). This makes _my_ system (what I'm using right now) as safe as I can manage (and note I'm giving the Big Picture, there are MANY steps along the way, contact me if you want to discuss any of it).

    Also note that this pretty much requires DSL or Cable Modem, external boxes that one connects to with an Ethernet cable. Don't blame me, years ago Microsoft took over the standard modems; part of the vast majority of "modems" are hardware, with the rest software, drivers in the OS, _etc._. AFAIK, the software emulations (many, different manufacturers) have proven difficult, troublesome, and generally not worth the trouble of the Linux community to reverse engineer, so Linux won't talk to most modems.

    [1] Make backups (you already do this, right???). This recreates your computer, loses most everything, you must be prepared....

    [2] Download & burn (or buy, not that many $$$) the ISOs for your favorite Linux (I like SuSE myself, it does something very important for me --- it allows a boot from floppy!).

    [3] Disconnect any cabling (Ethernet to DSL modem) that puts your box on the Internet. Then install Windows XP. Be reasonable about diskspace, as you'll need four partitions (they may, however, be on different drives, or on the same drive):

    [a] A reasonable size for the Windows partition, say 20_GB or better, but leave 10-30_GB for Linux. This will be NTFS by default (the kind of filesystem), your "C:" drive; keep it that way (XP *likes* NTFS).

    [b] A second partition for "intermediate" storage. Set this one up to 1-to-5-to-10_GB, whatever. Don't format it (this will be D: down the road).

    [c] Leave untouched that 10-30_GB for Linux (no partitions).

    [4] When you're up and running off of XP, format that unused partition to FAT32 (it'll be too big for FAT, and I'm not convinced that all Linux distributions understand how to _write_ to NTFS, thus the admonition to create this intermediate partition).

    [5] Do [Start] then right-click on [My Computer], left on [Properties], tab [Hardware], button [Device Manager], click the "+" in front of "Network adapters", right-click on your LAN card, and select "Disable". This prevents Windows from using the LAN card to get to your DSL modem (cable modem, whatever), and isolates Windows from the Internet. Without this step, you're no better off than before.

    [6] NOW, install Linux:

    [a] Let it consume the unpartitioned diskspace.

    [b] If you're comfortable with whatever advanced partitioning the installation user interface offers, flag the main Windows partition as "read-only" (so Linux won't allow writes to it), or even "don't mount at boot" (so it's not even visible).

    [c] Leave the default settings for the intermediate (FAT32) partition (and Linux, which has no problems with either FAT or FAT32, will happily allow you to copy files there, which you may then access by booting Windows later on).

    [d] IMPORTANT: You should be able to specify a place where the boot loader goes. I'm not entirely convinced that Linux "plays" with Windows, but you're welcome to experiment (and then you want to use the boot loader called GRUB, modify the Windows "boot drive"). What I use instead is to place the boot loader called LILO onto a blank floppy (and skip the offer to put a filesystem on the floppy, I've had problems down that road).

    [7] And once you're up on Linux, create a spare floppy or two by running (as root):

    # /sbin/lilo

    This will stamp the previously formatted and writeable floppy in the drive with LILO, which will enable it to boot Linux next time. Remember, no floppy, Linux _LOST_, no further access (that I know of anyway), so you want some spares.

    *****

    When both installations are complete, you'll have a Windows XP that you boot normally, and a Linux install that you boot by inserting your magic boot floppy into the drive and booting from it (so enable "boot from floppy" ahead of "boot from hard drive" in the BIOS). And each will have read/write access to that intermediate partition, so that files may be shared between OS's.

    Normal use of Linux will use the LAN card to get to your broadband modem and out into the wide Internet (and every account but for "root" is a limited account, no way will viruses have a hold on your box). Normal use of Windows will _not_, it will then be a "standalone" box, as safe as possible.

    My apologies, this glosses over _many_ details, and barely scratches the surface of the wonderful operating system known as Linux (_e.g._ there's only one "look" to Windows, but SuSE has two main ones, and a host of older more primitive "window managers").

    Any who try this, Abandon Hope All Ye Who Enter Here, no wait, I mean "Good Luck" (and write me if you need to, I may or may not be able to "crack" problems, but I can hopefully advise where to check next :) ).
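    The "Limited account for surfing" advice at the top of Builder's post, done from the command line instead of the Control Panel. This is an added example, not Builder's own steps: the account name and password are placeholders, and the script is written for PowerShell but only calls net.exe, so each net line also works as typed at a plain XP cmd prompt. Run it from an Administrator account.

```powershell
# Added example (not from Builder's post): create a "Limited" account for
# everyday Internet use and confirm it holds no administrative rights.
# Placeholders: pick your own account name and a real password.
$LimitedUser = "websurfer"
$LimitedPass = "ChangeMe-Placeholder"

# 1. Create the account. net.exe puts new users in the local "Users" group,
#    which is exactly what the XP Control Panel calls a "Limited" account.
net user $LimitedUser $LimitedPass /add /passwordchg:yes

# 2. A user who is in BOTH Users and Administrators is still an administrator,
#    so strip Administrators membership if it is somehow present.
$admins = net localgroup Administrators
if ($admins -match "^\s*$LimitedUser\s*$") {
    net localgroup Administrators $LimitedUser /delete
}

# 3. Put a password on every other account, starting with the built-in
#    "Administrator" that every XP install has. The "*" makes net.exe prompt,
#    so the password never appears in the command line or history.
net user Administrator *
# List the remaining accounts and repeat "net user <name> *" for each one.
net user

# 4. Verify: the new account is listed under Users and not Administrators.
$inUsers  = (net localgroup Users) -match "^\s*$LimitedUser\s*$"
$inAdmins = (net localgroup Administrators) -match "^\s*$LimitedUser\s*$"
if ($inUsers -and -not $inAdmins) {
    "OK: $LimitedUser is a Limited account (member of Users only)"
} else {
    "WARNING: $LimitedUser still has administrative rights"
}
```

    The check in step 4 is the part worth keeping: the protection Builder describes depends entirely on the surfing account never being a member of Administrators, and a drive-by install run from a Users-only account fails because HKLM and Program Files are not writable to it.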
     
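    How steps [6][b], [6][c], [6][d] and [7] of Builder's dual-boot recipe look in the two Linux config files involved. This is an added example, not from the post or from SuSE: the partition device names (/dev/hda1, /dev/hda2, /dev/hda3), the mount points, the uid/gid of the daily-use account and the kernel/initrd paths are all assumptions; check yours with "fdisk -l" and "ls /boot" before copying anything.

```conf
# Added example (not from Builder's post). Assumed layout:
#   /dev/hda1  Windows XP system partition (NTFS, "C:")
#   /dev/hda2  intermediate FAT32 partition (becomes "D:" under Windows)
#   /dev/hda3  Linux root filesystem (ext3)

# --- /etc/fstab --------------------------------------------------------
# Windows partition: visible but never written to (step [6][b], "read-only").
/dev/hda1   /mnt/windows   ntfs   ro,noexec,nosuid,nodev,umask=0222          0  0
# Alternative for "don't mount at boot": add noauto, so the partition is only
# attached when root runs "mount /mnt/windows" by hand.
# /dev/hda1 /mnt/windows   ntfs   ro,noauto,noexec,nosuid,nodev,umask=0222   0  0

# Intermediate FAT32 partition (step [6][c]): writable by the ordinary
# (non-root) account too, so files can be dropped here for Windows to pick up.
# uid=1000/gid=100 is the assumed first user and the "users" group.
/dev/hda2   /mnt/share     vfat   rw,noexec,nosuid,nodev,uid=1000,gid=100,umask=002  0  0

/dev/hda3   /              ext3   defaults                                   1  1

# --- /etc/lilo.conf ----------------------------------------------------
# Boot loader goes to the floppy, not the hard disk MBR, so the Windows boot
# sector is left alone (steps [6][d] and [7]). Running "/sbin/lilo" as root
# with a formatted floppy in the drive stamps it; repeat for spares.
boot=/dev/fd0
prompt
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda3
    initrd=/boot/initrd
    read-only
```

    Two points the recipe relies on: the ro/umask options on the NTFS line are what makes "Linux won't allow writes to it" true, and noexec/nosuid on both Windows-side partitions mean nothing copied in from the Windows side can be executed directly from there. Any edit to lilo.conf has to be followed by another "/sbin/lilo" run, and every spare floppy needs to be stamped again.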
  17. Blitzer

    Blitzer Cool Cat

    12,111
    0
    Microsoft Says Recovery from Malware Becoming Impossible

    By Ryan Naraine
    April 4, 2006

    LAKE BUENA VISTA, Fla.—In a rare discussion about the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.

    "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here. Offensive rootkits, which are used to hide malware programs and maintain an undetectable presence on an infected machine, have become the weapon of choice for virus and spyware writers and, because they often use kernel hooks to avoid detection, Danseglio said IT administrators may never know if all traces of a rootkit have been successfully removed.

    He cited a recent instance where an unnamed branch of the U.S. government struggled with malware infestations on more than 2,000 client machines. "In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast," Danseglio added... :shocked:


    Microsoft Says Recovery from Malware Becoming Impossible
     
  18. MB-G26

    MB-G26 Bk2MiscResource
    Lifetime Member

    6,138
    396
    Thanks!! It's great that people keep this thread updated and add new and developing tricks, work-arounds, protective steps, and keep it moving into the 'now everything is XP world' :)

    I think I started it so long ago, the thread, that I was still only on a 98 machine, hehehe..... I've since learned to tolerate XP (but still kinda hate it) *snarf*

    Getting into alternative OSs is on my long-range list of To Do's - but sheesh there's a lot of stuff in front of that particular entry LOL!

    Keep adding new stuff!!
    m
     
  19. pellertpale

    pellertpale ReMember

    258
    0
    So if I follow the steps outlined in the original post will this remove the rest of this Sysprotect crap? I already ran a Windows search for "sysprotect" and deleted all the files. Ran Ad-Aware, and ran Norton. Do I need to reinstall XP?
     
