Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafesj

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: spyware-etc..how it happens -what to do

Bill D 12 Apr 04 - 12:09 PM
Duane D. 12 Apr 04 - 12:44 PM
John MacKenzie 12 Apr 04 - 12:47 PM
michaelr 12 Apr 04 - 01:12 PM
michaelr 12 Apr 04 - 01:17 PM
Cattail 12 Apr 04 - 01:24 PM
Bill D 12 Apr 04 - 01:51 PM
Nemesis 12 Apr 04 - 01:58 PM
Q (Frank Staplin) 12 Apr 04 - 04:01 PM
Bill D 12 Apr 04 - 04:37 PM
Bill D 13 Apr 04 - 09:11 AM
John MacKenzie 13 Apr 04 - 11:31 AM
Bill D 13 Apr 04 - 11:38 AM
GUEST,MMario 13 Apr 04 - 11:39 AM
Stilly River Sage 13 Apr 04 - 12:08 PM
GUEST,leeneia 13 Apr 04 - 01:35 PM
Bill D 13 Apr 04 - 05:16 PM
John MacKenzie 13 Apr 04 - 05:30 PM
JohnInKansas 13 Apr 04 - 06:08 PM
Q (Frank Staplin) 13 Apr 04 - 08:38 PM
Stilly River Sage 13 Apr 04 - 09:10 PM
michaelr 13 Apr 04 - 10:17 PM
Bill D 13 Apr 04 - 10:50 PM
CarolC 13 Apr 04 - 11:01 PM
Q (Frank Staplin) 13 Apr 04 - 11:03 PM
CarolC 13 Apr 04 - 11:06 PM
Stilly River Sage 14 Apr 04 - 11:36 AM
michaelr 14 Apr 04 - 07:35 PM
Lancashire Lad 14 Apr 04 - 08:24 PM
Bill D 15 Apr 04 - 12:40 PM
CarolC 16 Apr 04 - 12:59 PM
GUEST,MMario 16 Apr 04 - 01:03 PM
GUEST,MMario 16 Apr 04 - 01:05 PM
CarolC 16 Apr 04 - 01:17 PM
JohnInKansas 16 Apr 04 - 01:27 PM
Bill D 16 Apr 04 - 02:04 PM
Stilly River Sage 16 Apr 04 - 02:08 PM
CarolC 16 Apr 04 - 02:17 PM
Stilly River Sage 16 Apr 04 - 02:24 PM
The Fooles Troupe 17 Apr 04 - 12:09 AM
CarolC 17 Apr 04 - 01:29 AM
Bill D 17 Apr 04 - 02:02 AM
JohnInKansas 17 Apr 04 - 02:09 AM
The Fooles Troupe 17 Apr 04 - 03:27 AM
Stilly River Sage 17 Apr 04 - 12:20 PM
CarolC 17 Apr 04 - 01:09 PM
Penny S. 17 Apr 04 - 05:44 PM
The Fooles Troupe 17 Apr 04 - 06:02 PM
Stilly River Sage 18 Apr 04 - 02:22 PM
JohnInKansas 18 Apr 04 - 09:41 PM
SueB 29 Apr 04 - 02:59 PM
Cluin 08 May 04 - 09:18 AM
JohnInKansas 10 May 04 - 01:04 PM
Cluin 10 May 04 - 03:29 PM
Q (Frank Staplin) 18 Sep 04 - 08:20 PM
Q (Frank Staplin) 19 Sep 04 - 01:02 PM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:













Subject: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 12 Apr 04 - 12:09 PM

if it has ever happend to you, or if you are just nervous reading horror stories by others---here is the straight dope about spyware..read as much as you can understand and have patience for. There is information about what CAN happen, how tricky it is to fight, and what can be done, including prevention. One of the major points is that protection is made much easier if you do not use the IE browser, as "Active-X" controls are one of the major ways this crap gets installed. (The 3rd item is the most 'interesting' perhaps, but is also the longest--if you don't read it in detail, scan it for the salient points)

Comments to the FTC

Junkware: A New Name for Spyware
(21 kb)


The Anatomy of a Drive-by-Download (952 kb)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Duane D.
Date: 12 Apr 04 - 12:44 PM

We've had problems galore at work from unwanted spyware invading our computers and the only completely successful free removal software we've been able to fully use is Spy Sweeper. We have free downloads of Spybot and Adaware, but were only able to partially remove the unwanted garbage. Something else to be aware of, if you are on a LAN and one user on one node has Kaza installed, your whole network is accessable to outsiders.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: John MacKenzie
Date: 12 Apr 04 - 12:47 PM

I use Spy Hunter, as I am not impressed by people spying on my computer habits, it is in its way, worse then spam.
John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: michaelr
Date: 12 Apr 04 - 01:12 PM

Thank you, thank you, thank you, Bill D, for the links to Eric Howes' work. I have now a much better understanding of crapware, how it gets installed, and what it does to my PC.

Interestingly, I have some of the same problems he encountered during his test, and recognize the lyrics site and some of the toolbars that appeared on his system.

Thanks again, this is very helpful.

Cheers,
Michael


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: michaelr
Date: 12 Apr 04 - 01:17 PM

Here's a link I found in the Google ads at the bottom of the page: Compare Spyware Removers. Is anyone familiar with these programs?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Cattail
Date: 12 Apr 04 - 01:24 PM

Many thanks for this Bill D, any help to understand and get rid of this crap is much appreciated.

Cheers for now

Cattail !


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 12 Apr 04 - 01:51 PM

a personal note...I use the AdAware and SpyBot S&D programs now & then, just in case...but the major way I avoid GETTING the stuff is thru a good firewall, (I use Kerio), and especially by using The Proxomitron. This may be the single more useful security item I know of. It functions as a web filter, passing everything your browser goes to thru a set of rules that YOU pick..(or use its defaults). Truly amazing product...no longer under development, but will be used for years to come.

Also, I 'almost' never use IE, relying instead on Opera and Mozilla browsers.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Nemesis
Date: 12 Apr 04 - 01:58 PM

Just on line again after two weeks (see "BS: TECH Buggary Bastards Rant" .. N-Case... nightmare...

This is a timely thread!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Q (Frank Staplin)
Date: 12 Apr 04 - 04:01 PM

Spy Sweeper now retails on the net for $29.95. It seems to be PC Magazine's choice, but I would appreciate more comments before I shell out. How does it affect cookies? Outlook Express? Etc.?.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 12 Apr 04 - 04:37 PM

by the way--if anyone wants to do more than the default settings for The Proxomitron, here is a page that is a source for more of the filters that do the work...there are more than you will ever need, but you might find some that do special tricks for your needs.

http://www.jd5000.net/proxo/ ...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 13 Apr 04 - 09:11 AM

and at least one refresh...because folks should know...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: John MacKenzie
Date: 13 Apr 04 - 11:31 AM

Well I use Zone Alarm, and the crap still sneaks past it. I don't know about Spy Sweeper, but Spy Hunter cost me the same, and it doesn't appear to affect my cookies.
John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 13 Apr 04 - 11:38 AM

Zone Alarm and other firewalls only do part of the chores that are needed....and even in the firewalls there are details and levels of settings to adjust.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: GUEST,MMario
Date: 13 Apr 04 - 11:39 AM

the plain bald truth is that no matter What kind of blockers you have there will be some spillover because NO-ONE can update as fast as the worms/virii/trojans/spam/adware/spwware etc are modified.

NOT using IE is good protection. NOT enabling java is good protection. NOT enabling auto-updates is good protection.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 13 Apr 04 - 12:08 PM

Bill,

Last night after viewing a page that was linked from Mudcat (I wish I could remember which one!) I started getting messages from my firewall that "bundle.exe" and several other programs wanted to connect to the internet. My firewall recommended blocking it. I read that script carefully and it looked like my Windows Update couldn't get out to check my software status. I initially let one connect, but was peppered with a whole bunch more. I did a search on Bundle.exe and found it was a malware program. I tried to delete it but kept getting the message that it was in use and couldn't be deleted. I started up the AdAware and it found a whole bunch of little things that I dropped. Bundle was still in there. I updated AdAware and ran it again. It got more stuff, but still Bundle.exe stayed put. I finally opened AdAware again and did a custom scan. I took it to this address (modified to reflect what your computer might be called)
C:\Documents and Settings\Your Computer's Name\Local Settings\Temp and said "scan this" and it picked up Bundle.exe and quarantined it.

I then went in and dumped most of the cookies in that file (there were so many I simpled selected all of them and went through and deselected the ones I wanted to keep). It had been a while since I last did this. I hadn't read this thread of yours yet, but it's good timing, and if you hadn't started it I would have. Thanks for the recommendations on programs. I'll go take a look at those later.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: GUEST,leeneia
Date: 13 Apr 04 - 01:35 PM

I really appreciate the information you all have supplied here. This morning I downloaded Adaware from the PCWorld site, and it found 71 bad items. Thanks!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 13 Apr 04 - 05:16 PM

SRS...yeah, and if it can happen to someone like you, who is pretty computer literate, think what is happening to folks who wouldn't know a byte if it bit 'em!....I get those "blah,blah wants to connect to your PC at port 1234" or "Program XYZ requests outgoing connection to send a datagram..." unless I know exactly what they are doing, the answer is "no"..if it is important, they'll try again.

The better firewalls will keep a log, if you ask 'em, of all the traffic for 'x' number of days, and you can go read it at your leisure and do some deciding. Some of those requests are just random 'door knocking', looking for a place to sneak in, some are spy programs trying to send messages out...and some ARE just benign attempts to do an update, or to access a CDDB file for a music program (but these you can make rules allowing activities you approve of)...

It's really tedious having new problems to fight every year, and I can't comprehend what the makers of intrusive software hope to gain by pissing everyone off!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: John MacKenzie
Date: 13 Apr 04 - 05:30 PM

What happens to IE if I download Netscape, it is after all built in to Windows? Will it affect other things on XP Pro because it's not a Windows programme?
John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: JohnInKansas
Date: 13 Apr 04 - 06:08 PM

Stilly River Sage -

I don't recall which system you're using, but in WinXP (and I believe in Win2K) when you get the "file in use" thing trying to delete something, you can Ctl-Alt-Del to bring up Task Manager and select the "Processes" tab. You should be able to "end process" on the thing you want to delete, and then immediately use WinExplorer to delete it.

For older systems, if you can get a good i.d. on the file, you can usually reboot to DOS and delete there, if you're sufficiently handy with simple DOS commands.

A lot of this crud puts itself in the Start/Startup folders so that it turns on every time you start Windows. Sometimes just removing it from startup (which you can usually do, since the "file" in startup is usually just a shortcut to the one actually running) and then restarting Windows will let you get to it in older systems as well.

Giok - Quite a few people use Netscape, and it seems to get along with XP pretty well. You can't actually remove IE, since it's linked into a whole bunch of basic Windows functions, but you can tell it not to be your web browser and it shouldn't complain about it.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Q (Frank Staplin)
Date: 13 Apr 04 - 08:38 PM

For dubs like me only-
Because the local cable system suggested using Outlook Express for mail, and IE for the net since they were no longer going to support Netscape, I switched to IE-OE. I had left several messages in my Netscape mail, and I went back to get copies. By doing so, I not only changed preferences, by just clicking on the Netscape desktop logo, but I couldn't go back and start up OE. The cable technician had to take me through a number of steps to get back to OE.
Just changing back on Preferences was not enough.
Someone more familiar with computers would be able to go through the steps without assistance, I presume, but this dub was stuck.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 13 Apr 04 - 09:10 PM

These programs are quite territorial--many of the music and other programs want to make themselves default and ask any time you activate them.

DOS is an option, and I used to use it quite a lot, so I think it would come back to me. It was easy enough to go online and find DOS commands.

I hadn't thought of the control/alt/delete, but I would have gotten there eventually if AdAware hadn't dumped it for me.

I tell my kids "say no!" to any time it asks and come tell me. I have friends who are babies at computers, elderly folks, and I can see the need to sit down with them and encounter these things and show them what to do. I fear viruses are going to attack them soon if they haven't already. Time to call and ask, since they don't send email often. I ran AdAware at work on my computer there, and while it found obnoxious cookies, there were no applications to remove. We have texts and programs running to remove that stuff system-wide, though there have been notable failures also. Updates have to be done manually, and the IT folks go from computer to computer to do them. I would do it, but I am not an administrator so I have to wait for them to get there. It must be tedious for them to know there are those of us who would maintain our computers just fine, but they have to deal with the lowest common denominator, a group who don't know how and don't care to know how.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: michaelr
Date: 13 Apr 04 - 10:17 PM

a group who don't know how and don't care to know how.

That group would include me... I never signed up for all this crap when I bought my PC, and I'm reluctantly learning.

I thought it would all be automatic! I think Microsoft has an obligation to build protections into Windows which would make the use of firewalls, anti-virus programs, spy hunters etc. unnecessary.

Just give us a box that asks "Do you want your system to be vulnerable to this crap?" and if you click No, it isn't.

They could do that, couldn't they?

Cheers,
Michael


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 13 Apr 04 - 10:50 PM

I 'think' this has been mentioned before, but not recently...so...

One VERY useful program is WinPatrol It has a Scotty dog mascot/icon which 'stands guard' and monitors many things, especially any attempt to add commands to your startup list..(the things which start automatically with Windows)...so even if a malware program does get onto your computer, Scotty barks (if you want) and asks you if you approve and allow these new commands! It also monitors cookies and allows you to delete the ones you are not sure of..and it will read what processes are actually running on your machine...in case something 'feels' funny...like too slow.

You can almost forget it is running until it does you a favor!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 13 Apr 04 - 11:01 PM

I love this page in the proxomitron site:

Shonenware

Shonenware is a concept dedicated to the support of the one-and-only, world famous, female power-trio from Osaka Japan Shonen Knife - kawaii creators of the very best music in the world!

Under the terms of Shonenware, Proxomitron is free for personal use. You can use the program as often as you like for as long as you like. You are under no restriction to stop using it after so many days, or indeed ever! You can also, of course, freely copy it as long as you abide by certain conditions (see below). However, If you find the program useful you're encouraged to "register" it.

How to register....

To register simply go out and buy any CD, record, or tape by Shonen Knife, listen to it carefully, and e-mail me your impressions of the album. Be sure to include detailed-enough descriptions of the songs to convince me that you actually *did* buy the album ;-). Alternately, mail (not email - no binary attachments please) me a picture of you holding the CD. If you can convince me you really do own a Shonen Knife album, well, then you're registered...

...Why register...

Although not required, Registration accomplishes they following nifty things.

It makes me happy (because I like Shonen Knife)!
It makes Shonen Knife happy and allows them to make more albums which...
It makes the entire world a happier place!
And most importantly, it can make you happy since it results in owning a magical Shonen Knife album of your very own!
Now, how often does registering a program give you the chance to improve the entire world? ;-)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Q (Frank Staplin)
Date: 13 Apr 04 - 11:03 PM

Just remember that much of this stuff apparently is legal- stopping it dead could end in court action. One such case in the paper yesterday, didn't read the details which looked scrambled by the news staff.
Luddites arise! Storm the Congress!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 13 Apr 04 - 11:06 PM

Just give us a box that asks "Do you want your system to be vulnerable to this crap?" and if you click No, it isn't.

*G*

That kind is called a Mac.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 14 Apr 04 - 11:36 AM

I went in this morning again to see what popped up after I'd removed stuff yesterday. I did another deep scan, sending it into Windows to look for stuff lodged in there. I came up with one more malware, a parasite called "e2give" that has a couple of variants. It's loaded by (drum roll, please) an ActiveX drive-by. I set the IE browser to ask me if it may run ActiveX scripts and so far it only comes up with places it should be--like on banking and such. But I'll be curious to see who else tries to run them.

http://www.doxdesk.com/parasite/E2Give.html has some interesting information about e2give.

Description
E2Give is an Internet Explorer Browser Helper Object that redirects accesses to web merchants in order to claim their affiliate fees.

Distribution
Installed by ActiveX drive-by download, believed to be used in pop-up advertisements.

What it does

Advertising
No.

Privacy violation
Not known.

Security issues
Not known.

Stability problems
No, though it can make opening new Windows Explorer windows very slow.

Removal
The E2GBHO variant has an entry in the Control Panel's Add/Remove Programs feature — choose 'E2Give Browser Add On'

Oh, by the way. Windows has more important security updates they released yesterday. Go ahead and visit Windows Update and get them installed.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: michaelr
Date: 14 Apr 04 - 07:35 PM

CarolC -- I'm tempted, I surely am.

Cheers,
Michael


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Lancashire Lad
Date: 14 Apr 04 - 08:24 PM

I dont want to sound smug but...........
I have had zero per cent problems with spyware, viruses, etc ever since I changed from PC to a Mac....I should have done it years ago

LL


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 15 Apr 04 - 12:40 PM

the problem is...many folk are committed to PCs for business reasons, and it would be a very major expense to switch. And...if most people did switch to Macs, it would only be a matter of time before viruses were written for them. There are 40 or more Mac specific viruses now...but most writers of viruses are ON PCs, and although many happen because they hate Microsoft, others are written just because some idiots want to cause trouble.

I do agree that Macs have various features which are superior, and if it were easy, it would be 'better' to switch..If I were rich, I'd have both.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 16 Apr 04 - 12:59 PM

I was under the impression that the Mac is less prone to viri and problems like that because its OS doesn't have a lot of holes and other flaws in it like Windows does. Is this incorrect?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: GUEST,MMario
Date: 16 Apr 04 - 01:03 PM

to a certain extent that is true Carol - however there ARE some mac virii and worms, trojans, etc. they are just far less common.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: GUEST,MMario
Date: 16 Apr 04 - 01:05 PM

more insidiously - there are trojans and worms that will not effect a mac - but DO effect documents created with MS products ON a mac - therefore making the mac effectively a 'typhoid mary'.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 16 Apr 04 - 01:17 PM

Ah. Well there you go then ;-)

I installed the Adaware and Spybot programs as well as getting free 30 day trials of McAffee's firewall and privacy protection (we already subscribe to McAffee's virus protection), and I got a security update from Microsoft and installed a pup-up blocker, all because of reading this thread. I'm very impressed so far.

I also installed the Proxomitron stuff, but I can't tell if it's working or not.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: JohnInKansas
Date: 16 Apr 04 - 01:27 PM

The most recent eWeek virus report includes at least one new virus affecting Apple/Mac systems. It has not (?) been found "in gneral distribution" as yet, but is probably just waiting.

In addition, several of the "Multimedia Player" programs have found similar "holes" in their programs that could be used by malware to gain access to your machine. RealPlayer was one (noted because almost everyone has it), and there were several others. Patches are "pending" for most of them, but no info on how effective the current fixes are. Since the threat here is "undeveloped" it probably makes sense to give them a week or so before worrying too much about getting fixed. It's not clear whether this particular hole depends on what OS you're using the program on, or whether it's confined to specific versions of the programs.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 16 Apr 04 - 02:04 PM

Carol..the Proxomitron MUST have settings in your browser telling Proxo to filter stuff. You would go to the proxy settings and enter 'localhost' and '8080' in the proper boxes. After that it is almost transparent. (With some of the settings you can choose, Proxomitron will eliminate most 'banner ads', but will replace it with a little [ad]
that shows it is working...or you can choose nothing at all).....it has MANY possible filters you can set even in the 'out-of-the-box' version, and many more in the page I noted..


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 16 Apr 04 - 02:08 PM

and installed a pup-up blocker

Carol, if you subscribe for an entire year they'll send you the dog-blocker. The cat-blocker is extra. :)

A note if you buy music over the interent--back up your licenses. I had only one song, purchased for my daughter. I had to sign up for the licensing stuff at the time, but I didn't think of that and when I got rid of all of the tracking material this week with AdAware, I lost the license. I'll have to buy that song again if I want it, and this time I'll know to back it up on a disk somewhere.

Here is the Windows Media Player info about this problem. You might want to bookmark this page--it took me a while last night to find it, and it took me a while again just now to relocate it.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 16 Apr 04 - 02:17 PM

I thought I did do that, Bill, but I have to admit that I don't understand a lot of the things I'm seeing in the place where you choose your preferences. For instance, I thought I chose to have it stop banners from being animated or from flashing or anthing like that, but they're still moving around and flashing, etc. I'll go have another look.

SRS- you got me ;-)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 16 Apr 04 - 02:24 PM

Oh, well, don't look to me for spelling perfection either:

    A note if you buy music over the interent


Whatever.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: The Fooles Troupe
Date: 17 Apr 04 - 12:09 AM

CarolC "I was under the impression that the Mac is less prone to viri and problems like that because its OS doesn't have a lot of holes and other flaws in it like Windows does."

Well every OS does have holes that can be exploited. There are relatively few Macs out there compared with Windows Boxes, and furthermore, Macs, being usually more expensive, are less likely to be acquired by the "script kiddies". Also, the availability of the technical info for creating the nasty stuff is more easily available for Min boxes than Macs.

This merely means that there have been very few virus creators out there spending anywhere near the same total amount of resources on the task.

Robin


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 17 Apr 04 - 01:29 AM

I understand Robin.

On a different note... so now I'm really disappointed. After installing the McAffee firewall and privacy thingie, I found that I couldn't access some sites that I very much needed to access. So I had to uninstall them and just keep the other stuff (Spybot, AdaWareI, and pop-up blocker) installed. I also uninstalled the Proxomitron, but I don't think that was a part of the problem, so I'll probably try re-installing that one as well.

Has anyone else had a problem like this?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Bill D
Date: 17 Apr 04 - 02:02 AM

Proxomitron deosn't need to be uninstalled...you can just right click on the icon and select 'bypass' to turn it off briefly if you think one of its settings is interfering with something.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: JohnInKansas
Date: 17 Apr 04 - 02:09 AM

CarolC -

It sounds like you've run into the same sort of setting/option thing described above for IE. You should be able to "give permission" on a case-by-case basis to accept cookies (usually the problem) or to "trust this site" (another euphemism, but descriptive).

Unfortunately, decent driver's manuals are seldom to be found; but appropriate adjustment of settings should allow you to go anywhere you want with the firewall in place. It should warn you about any questionable sites, but should be "setable" to allow you to decide whether to block or permit the access. All you have to do is find the right place to tell it you're still in charge.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: The Fooles Troupe
Date: 17 Apr 04 - 03:27 AM

Yes. I recently upgraded from Win98 to SE and upgraded to the new IEv6SP1, and was puzzled, until I realised that the "security" (a bit of a misnomer for Mickey$oft I agree!) settings were different in the new version.

A very few places such as Mudcat that I regularly visit, I have now entered into the "trusted" (I have already made my comment!) zone.

CarolC, you will need to do the same sort of "fiddle" (rather appropriate what!) with the Macafee stuff propbably as described for the IE stuff. In spite of being less impressed with Macafee than I used to be, having it is probably much better than no such firewalling etc stuff. I have no experience with Prox.

Robin


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 17 Apr 04 - 12:20 PM

I have several programs installed for checking what cookies and small programs are on my computer, but I don't have them set to run in the background because they are too limiting. I instead am careful in my browsing and every so often open one of these programs and scan for stuff to remove it. My firewall limits some access, and I move the cursor over the icon in the "tray" (bottom of the screen) and a right mouse click brings up a short menu so I can disable it temporarily. Keep in mind, you don't necessarily want to remove everything you find. If you don't want to keep logging on at Amazon or telling it not to create "my page" you should leave the Amazon cookies alone, etc.

The Google Toolbar has been very helpful in preventing the annoying popup ads, and that can easily be set on a case by case basis.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: CarolC
Date: 17 Apr 04 - 01:09 PM

I'm currently researching companies that use certain kinds of steering wheels in their products (ATVs, fork lifts, garden tractors, etc.), and I found that some of their websites have such obnoxious features (check out the Honda and Polaris ATV pages), that I couldn't get into either of them with the McAffee firewall and privacy programs running. I also couldn't get into the Webster's online dictionary, which puzzles me a bit.

They probably won't let me re-install them, since they were 30 day free trials, but I'll give it a try and see what happens.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Penny S.
Date: 17 Apr 04 - 05:44 PM

I've run into a problem with the FriendsReunited site, since it changed its look a little while back. They seem to want my cookie settings much lower than I feel comfortable with, and though I set both IE6 and McAfee Firewall and Internet Security to let everything in while I tried it, it still wouldn't run. (I didn't change the pop-up settings though.) They didn't seem bothered when I contacted them, so I don't go there any more. (Not at home, anyway.) I find it a little unhelpful of them, and other sites, to demand a low security setting from their visitors.

Penny


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: The Fooles Troupe
Date: 17 Apr 04 - 06:02 PM

CarolC,

re the "Once only free-trial stuff". They have to leave a foot print somewhere on the PC, often in the Registry, to prevent re-installation. I am not fully up-to-date on all the techniques of how you track them down, but I am sure someone here can help.

Robin


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Stilly River Sage
Date: 18 Apr 04 - 02:22 PM

I have IT friends at work who have software like that, and simply tell the computer to "go back" to a time prior to when it was installed and can use it again.

I'm sure you can lose a lot of other stuff this way if you don't back up stuff and replace it after that maneuver.

I have been tweaking the security settings. In the middle of that this morning my DSL modem crashed. I had to turn everything off and turn it back on again. For some time now my IE hasn't been able to open the web page for access to the web version of my email. Netscape has no such problems. It must be the settings I've been toying with. I even trying restoring the IE default and it still doesn't open. Looks like I'll be reading my web mail via Netscape.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: JohnInKansas
Date: 18 Apr 04 - 09:41 PM

Most of the "free trial" stuff I've run into puts a "timestamp" on the machine when you install it, so that they know when to bug you about paying for it; but if you uninstall, the "timestamp" is also removed, since it's usually in an install log that goes away with the program. You can usually re-install and start fresh without much hassle. (I've reinstalled the demo Sibelius about 4 times - and still can't convince myself I should cough up the extortion fee to buy it.)

The problem with reinstalling AV or Firewall stuff from an "old" version is that the "signature" files will be out of date so rapidly that you probably should see if you can download a "fresh" copy (if you got it via download), just so it's got what's going on now (or at least recently) instead of "protecting you" from stuff that's so old it doesn't circulate much any more.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: SueB
Date: 29 Apr 04 - 02:59 PM

Bill D, you have my eternal gratitude for creating this thread. (This morning I became aware that my computer had been violated! Having read this thread recently, I was able to recognize the symptoms, and knew what to do.)
Thank you thank you thank you -Suzanne


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Cluin
Date: 08 May 04 - 09:18 AM

A quick primer site covering the basics we should all learn before venturing forth to grandmother's house, picnic basket full of cookies in hand....    http://www.cjwd.demon.co.uk/compsafetyonline.html

Especially see the bit about malware/spyware/adware, download and run buth Spybot S&D and Ad-Aware, as per instructions here.
(Don't forget to click the IMMUNIZE button in Spybot S&D to change your browser settings to make things more secure)

Then try running the browser test at this site to see how vulnerable you are: http://www.jasons-toolbox.com/BrowserSecurity/

I ended up infected with the COOLWEBSEARCH malware (crapware, pusware, shitware, prickware, pukeware, etc.) a little while ago (I don't know how but it was definitely through web-browsing, not e-mail) but it took running CWSHREDDER (several times in fact to get it all), Spybot S&D, and Ad-Aware to finally clean it all off and get my browser back to normal. My searches were being hijacked and links and downloads all being pulled to the same justsowrong sleazy "search" page full of their targetted products. It also kept resetting my start page and putting a chubby-chasers porno site in my Favorites list, no matter how many times I deleted it. Some of this stuff even keeps Spybot S&D and its ilk from working or won't allow you to download anything else. SOMEbody out there deserves a good steel-toed boot to the groin, I tell ya...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: JohnInKansas
Date: 10 May 04 - 01:04 PM

Not really spyware, but this is the most recently active thread remotely related:

Police track down creator of Sasser worm
BY MATTHEW SCHOFIELD
Knight Ridder Newspapers

BERLIN — In the end, police discovered the source of the Sasser computer worm, which in recent days shut down Finnish banks, the British Coast Guard and millions of computers worldwide, in the homemade computer of an 18-year-old kid.
Acting on a tip from software giant Microsoft, police on Friday raced into the northern German village of Wafferisen to search the home of a technical school student-programmer and hacker. By Saturday, the student had confessed, experts had reviewed seized materials and the case was seen as a wrap. "We found the source code on a computer he had made by himself," said Frank Federau, spokesman for the police. A statement by investigators added that "as a result of the student's detailed testimony about the viruses he spread, he has been identified clearly as the author." Police declined to name the young man, whose four variants of the Sasser worm are still out there and are expected to cause damage for some time.
The teenager is being investigated on suspicion of computer sabotage, which carries a maximum sentence of five years in prison, said Detlef Ehrike, a spokesman for the state criminal office. After being questioned, he was released pending charges.
The teenager told officials that his original intention was to create a virus that would combat the "Mydoom" and "Bagle" viruses, removing them from infected computers. In the course of that effort, he developed the "Netsky" virus further - and after modifying it, Sasser. "The student did not give any thought to the resulting consequences or damage," investigators said.

Contributing: Associated Press
As published, Wichita Eagle, May 9, 2004, page 4A.

Once in while, they DO get caught.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Cluin
Date: 10 May 04 - 03:29 PM

For punishment, he should be forced to do free tech support for a year to everybody's grandparents.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Q (Frank Staplin)
Date: 18 Sep 04 - 08:20 PM

Information please-
Spyware Doctor (the pay version) has removed everything that has shown up except one item. On average, about a dozen per day show up on scan, mostly from searching the internet. The one that can't be removed doesn't cause any problems that I can find, but information on it would be appreciated.
Can it be removed? Should I subscribe to Ad-aware as well?

On the system scans it shows as:
"General Scanner. Marketed as a program to add graphical skins to IE toolbars, it also adds its own --- Location- Multiple." It cannot be removed or quarantined.

I have Norton installed and updated by Symentec.
I haven't disabled or changed Security settings on internet options. An article in Oct. 2004 PC World seems to have the "how-to" but it is for the latest X version, not 98. There are slight differences in the tools instructions.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: spyware-etc..how it happens -what to do
From: Q (Frank Staplin)
Date: 19 Sep 04 - 01:02 PM

refresh


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 23 October 6:22 PM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.