Re: Spyware/adware and Internet Explorer and Attack
From: Bert Gold (Bert_member_at_newsguy.com)
Date: 02/04/04
- Next message: John Fuses: "Re: Thawte "Web of Trust" a source of Identity Theft?"
- Previous message: Dazz: "Re: Open Source auditing"
- In reply to: donutbandit: "Re: Spyware/adware and Internet Explorer"
- Next in thread: CalamityKen: "Re: Spyware/adware and Internet Explorer and Attack"
- Reply: CalamityKen: "Re: Spyware/adware and Internet Explorer and Attack"
- Reply: Hairy One Kenobi: "Re: Spyware/adware and Internet Explorer and Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 4 Feb 2004 04:58:25 -0800
Donutbandit and Ed,
As I explained, I removed the network plug last night before going
home, and, as expected found no adverse banners, pop-ups, or
other unexpected adware/spyware on my machine this morning.
It is now clear that a bot or person is tunneling in to my machine,
which is behind an elaborate firewall, to release this spyware/adware
through Internet Explorer.
Perhaps it is related to the hole in IE6 documented earlier in my
communiques to this group, perhaps not.
Of course I have Mozilla Firebird, Opera, and Netscape available
(Mozilla and Netscape are installed on the machine in question;
Opera is on a convenient detachable USB harddrive nearby).
I may try hobbling my system by removing IE this morning as explained
below but, so far my conclusions are:
1) There is someone or something attacking my static ip address
with documented junk.
2) That person or bot is violating the law.
3) There is a hole in my Internet Explorer.
4) Internet Explorer is so far the only browser that 'pops up'
and becomes intractable during these attacks.
5) Several compu-professionals have suggested completely wiping
and starting from scratch.
6) There are no a) detectable viruses (McAfeee Professional, updated
11 AM yesterday), b) Windows update is current (updated around 5PM on
2/2/2004 and again at 11 AM on 2/3/2004 to catch yesterday's patch).
and several anti-spywares find no offending files.
So, there is a serious problem, which will undoubtedly spread, and the
whole computing community should be up in arms, but isn't yet.
Bert Gold
In article <bvqdap$c9j$2@news.snowcrest.net>, donutbandit says...
>
>Bert Gold <Bert_member@newsguy.com> wrote in
>news:bvp4m302lg3@drn.newsguy.com:
>
>> I believe my system is under attack.
>>
>> I cannot remove internet explorer from my system to test whether
>> the pop ups can launch browsers in the absence of Internet Explorer
>>
>
>Ah, but you can.
>
>www.litepc.com
>
>Download and use IEradicator.
>
>However, this will not remove the HTML engine from Windows, as too many
>programs rely on it. IE is eradicated on my system, but I was able to use
>MyIE2, and when I checked it out, the engine was reported as "MSIE."
>
>There IS a way to get rid of the HTML engine completely. Download and
>install 98Lite (free version) from that same site. Trigger through the
>options, and choose to make your desktop "sleek." This will remove all
>vestiges of IE and the HTML engine from Windows.
>
>However, you will have a version of Windows that looks like 95 with a bad
>haircut. Still, it's useful for testing.
>
>Never fear - you can easily reinstall IE and put things back the way they
>were.
>
>Is there any chance that these popups are Windows Messenging?
- Next message: John Fuses: "Re: Thawte "Web of Trust" a source of Identity Theft?"
- Previous message: Dazz: "Re: Open Source auditing"
- In reply to: donutbandit: "Re: Spyware/adware and Internet Explorer"
- Next in thread: CalamityKen: "Re: Spyware/adware and Internet Explorer and Attack"
- Reply: CalamityKen: "Re: Spyware/adware and Internet Explorer and Attack"
- Reply: Hairy One Kenobi: "Re: Spyware/adware and Internet Explorer and Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
