Re: Spyware/Malware
From: Sadie (anonymous_at_discussions.microsoft.com)
Date: 01/23/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: easy question please help"
- Previous message: pedro: "Re: microsoft is making spyware ????????!!!!!!!!"
- In reply to: *Vanguard*: "Re: Spyware/Malware"
- Next in thread: Mike Burgess: "Re: Spyware/Malware"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 Jan 2004 21:05:23 -0800
Go to grc.com..download the DCOMBOBULATOR.Takes a second
it's a simple two switch device.Close port 135,and you're
halfway there.Next,check out Black Vipers list of
services you can safely set to "disable" or "manual".It
is very comprehensive.THEN...you could go to
security.kolla.de and download Spybot Search and Destroy.
that'll get rid of all those tracking cookies,etc.
You can even programme it to block traffic from the
notorious spamming sites...if your missus doesn't get
there first!
>-----Original Message-----
>"Randy Davis" said in news:1ff801c3e108$54ca5500
$a301280a@phx.gbl:
>> We have a computer that appears to be infected with
some
>> sort of pernicious malware/spyware. We have run Ad-
aware
>> and spywareblaster and removed unwanted software, but
it
>> seems that within hours, some of the same malware is
>> back. We have disabled Windows Restore, think that
might
>> be part of the problem. It is still occurring.
>> Interestingly, we are getting Popup ads on the computer
>> without any browser window being open first. The user
is
>> just working along in InterDev (she is a web developer,
>> of all things--she nows how to keep safe on the
Internet)
>> and all of a sudden, IE opens to some ad.
>>
>> Has anyone heard of this kind of behavior before? It
is
>> like there is something that stays resident in the
>> computer the reinfects it after it has been cleaned.
>
>I have found web sites that will open another browser
instance but without a
>window. This lets the other instance run a script timer
that will then
>trigger it to open yet another instance of the browser
to display their
>crapola. With all visible browser instances closed,
have her check Task
>Manager to see if there is still a hidden instance if
iexplore.exe running.
>If so, kill it. Rebooting would also get rid of the
windowless instance of
>the browser but is more drastic than just killing it in
Task Manager. Then
>tell her not to visit those sites again. She probably
also needs some
>training on how to get, install, and use popup blocker
utilities (which
>would stop the load of the second windowless copy of the
browser).
>
>Although you claim the popups are an instance of IE,
might they actually be
>Messenger Service popups? Does the popup look like a
browser window or a
>simplistic one with just some text in it with "Messenger
Service" in the
>title bar? If so, have her disable the "Messenger" NT
service in her
>NT-based Windows. But then I have to wonder about the
lack of expertise in
>whomever is managing your firewall to let this crap in.
>
>Besides using Ad-Aware and Spybot, and the HijackThis
mentioned by another
>respondent, also use CWShredder. SpywareBlaster is
handy in disabling
>spyware that happens to sneak in. SpywareGuard will
also help protect
>against downloads of the crap and your browser getting
hijacked without your
>permission.
>
>
>--
>_________________________________________________________
___
>*** Post replies to newsgroup. E-mail is not accepted.
***
>_________________________________________________________
___
>
>
>.
>
- Next message: anonymous_at_discussions.microsoft.com: "Re: easy question please help"
- Previous message: pedro: "Re: microsoft is making spyware ????????!!!!!!!!"
- In reply to: *Vanguard*: "Re: Spyware/Malware"
- Next in thread: Mike Burgess: "Re: Spyware/Malware"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
