Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Spyware
Old 06-24-2005, 09:30 PM   #1
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Spyware

Suckered with Spyware is recent days. Slickest PC takeover I've ever seen.
NO obvious email attachments, downloads, java applets, or new plugins were involved.

Suspect it was a rogue activeX control stealthily downloaded from a popup webpage. But could also have been an open Port/Dcom style attack as documented by 'messysoft'.

Question is this:
Has anyone a simple method i.e. an IE Toolbar app, that expedites the enabling/disabling of IE Internet-Explorer Security options?
*
(Preferably a tool for multiple systems: Win98, NT, XP)

IE6.0 Examples :-
1. Tools->Internet options->Advanced-Show Pictures

2. Tools->Internet options->Security->Custom Level->Active Scripting

3.Tools->Internet options->Security->Custom Level->Run/Script/Download activeX controls . .
(whether signed/unsigned or marked/unmarked safe) . .
__________________

__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Re: Spyware
Old 06-24-2005, 10:32 PM   #2
Moderator Emeritus
laurence's Avatar
 
Join Date: Feb 2005
Location: San Diego
Posts: 5,234
Re: Spyware

Hmm, well, find the keys in the registry, then throw two reg updates on your desktop, one with them on, one off. When you are worried, double click the hi security one and say yes to updating the registry, then when you need them changed, click the other. Best I can do while taking a mental break at work. If no one improves on this answer I'll find and get you the registry keys Tuesday (Big Heapum Presentation on Monday).
__________________

__________________
laurence is offline   Reply With Quote
Re: Spyware
Old 06-24-2005, 10:49 PM   #3
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by Laurence
Best I can do while taking a mental break at work.* If no one improves on this answer I'll find and get you the registry keys Tuesday (Big Heapum Presentation on Monday).
Have had many of those days. Thanks but please don't go to any great trouble.

Ideally I'd like to mimic the APPLY button on the Internet Options dialog, so that the immediate current session of IE is updated.

I don't know how to do this though by executing reg files manually, it would only impact future IE sessions I think?
__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Re: Spyware
Old 06-24-2005, 10:57 PM   #4
Moderator Emeritus
laurence's Avatar
 
Join Date: Feb 2005
Location: San Diego
Posts: 5,234
Re: Spyware

Alas, you are correct sir. BTW, no big trouble, if I come up with something just by happenstance, I'll let you know.
__________________
laurence is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 01:16 AM   #5
Thinks s/he gets paid by the post
wabmester's Avatar
 
Join Date: Dec 2003
Posts: 4,459
Re: Spyware

Quote:
Originally Posted by ER@40
Suspect it was a rogue activeX control stealthily downloaded from a popup webpage.
What makes you think that? Virtually all of the web-borne viruses have been exploits of Microsoft bugs. Typically stack overflows in buggy code that doesn't do any bound checks. The virus then executes code on the stack to get control. IE will tell you if you're downloading an ActiveX control, but there's little you can do to stop an MS-bug exploit. Of course, make sure you've downloaded the latest security patches from Microsoft. And then switch to Firefox.
__________________
wabmester is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 06:15 AM   #6
Recycles dryer sheets
 
Join Date: Oct 2004
Posts: 178
Re: Spyware

The Firefox advice is spot on. Switch over immediately, or sooner.

http://www.mozilla.org/products/firefox/

Or better still, Mac yourself.

Ed
__________________
gratefuled is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 07:41 AM   #7
Full time employment: Posting here.
 
Join Date: Apr 2005
Posts: 577
Re: Spyware



Mac and firefox for sure.

Got 'em both.
__________________
kat is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 10:50 AM   #8
Moderator Emeritus
laurence's Avatar
 
Join Date: Feb 2005
Location: San Diego
Posts: 5,234
Re: Spyware

You see? Don't listen to me when I'm working late, I was using Firefox right that moment and failed to mention it. Also, Ewido is a great anti-spyware tool, much better than ad-aware or spybot, and it's priced right for ER.....FREE!
__________________
laurence is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 12:48 PM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: Spyware

Firefox, norton antivirus and the free microsoft antispyware. Occasionally run spybot and adaware as those snag some cookies that microsoft antispyware and NAV dont get.

So far no hijacks, no viri, and no spyware that didnt come preloaded with software I intentionally loaded.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Re: Spyware
Old 06-25-2005, 09:32 PM   #10
Thinks s/he gets paid by the post
charlie's Avatar
 
Join Date: Mar 2004
Location: Dallas
Posts: 1,211
Re: Spyware

Thanks for the tip, Lawrence. I downloaded Ewido and it found
39 infected files. It took about 4 hours to run, however.

Cheers,

Charlie

__________________
charlie is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 08:56 AM   #11
Thinks s/he gets paid by the post
BUM's Avatar
 
Join Date: Feb 2004
Location: Mid Hudson Valley
Posts: 1,778
Re: Spyware

AAAIIIIEEEEEEEEEEEEE! I hate that f' in s**t. I've been happy with FFox for almost a year now. But DW can't play certain games or visit certain sites (no not those sites) without IE. So she ocassionally uses IE and a few days later WHAM!

"Honey, my computer is frozen again and I can't get this annoying shopping thing off my screen, and I DIDN'T DO ANYTHING. Can you fix it please, but don't lose my bookmarks, IM stuff and homepage, and..." .


"Don't worry. Bring your laptop over here and I'll fix it (AGAIN)

__________________
In a panamax down by the river.
BUM is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 11:32 AM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Brat's Avatar
 
Join Date: Feb 2004
Location: Portland, Oregon
Posts: 5,913
Re: Spyware

Caution

I downloaded "ewido" and have two issues at the moment:* there is no remove feature; and there is no way for me to tell it that cookies from this website are OK, delete all the others.
__________________
Duck bjorn.
Brat is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 11:40 AM   #13
Moderator Emeritus
laurence's Avatar
 
Join Date: Feb 2005
Location: San Diego
Posts: 5,234
Re: Spyware

Hmmm, I have it under control panel-add/remove programs. I'm able to unselect files when I scan for infections, and this site remembers me when I come back. What OS are you running? (XP here).

Note-not saying I'm an expert on Ewido or saying it's the second coming, but it has helped me succesfully remove spy ware that spy bot and adaware could not, and it finds files they don't, where I have not found the reverse. Plus some white hat hacker boards I lurk at recommended it. It is important to vet your anti-spyware products though. So many of them are really just spyware themselves.

Here's a review:

http://www.anti-trojan-software-revi...view-ewido.htm

__________________
laurence is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 08:32 PM   #14
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by wabmester
What makes you think that?* *Virtually all of the web-borne viruses have been exploits of Microsoft bugs.* *Typically stack overflows in buggy code that doesn't do any bound checks.* *The virus then executes code on the stack to get control.* *IE will tell you if you're downloading an ActiveX control, but there's little you can do to stop an MS-bug exploit.*
Yep - suspect it was a 'buffer overrun' style attack that set in motion seed code to kick-off download of the actual Spyware. There was also a CAB file created with an activex - suspect this was a follow on to the initial attack - more spyware maybe or an additional app to enable macro level OS changes like registry and file manipulation etc. (a guess)

Had ventured towards IE alternatives such as Opera/Mozilla a few years ago but was disappointed at how slow and uncustomisable they were. Perhaps its time to take another look . . .
__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 08:41 PM   #15
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by gratefuled
The Firefox advice is spot on. Switch over immediately, or sooner.
http://www.mozilla.org/products/firefox/
Or better still, Mac yourself.
Ed
Congrats Gratefuled on being recently FIREd (literally).
Downloaded Firefox, so far its pretty good - and only a 4.x MB foot-print - nice!

FireFox is better built to work with 'Load Images' turned off. Another reason for the original post was to look at speeding up page loading and minimize ads. Currently only have dial-up (neighborhood has '3rd world' broadband coverage), and LYBM means not ordering a deluxe burst satellite transmitter .
__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 08:59 PM   #16
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by Notth
Firefox, norton antivirus and the free microsoft antispyware.* Occasionally run spybot and adaware as those snag some cookies that microsoft antispyware and NAV dont get.
Traditionally have been afraid to rely on Anti-spyware/anti-virus apps because they offer a false sense of security :-
1. Frequently too slow to prevent world wide virus/spyware outbreaks.
2. Frequently register false positives for adware&spyware - sometimes even viruses. They can block legitimate software installs.
3. Have dial-up only. Download of updates therefore is a headache.

Is there a common view that Ewido, free Microsoft antispyware spybot and adaware etc are updated sufficiently (catching everything) and have small file-size downloads and updates?
__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 09:27 PM   #17
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Re: Spyware

Quote:
Originally Posted by ER@40
Is there a common view that Ewido, free Microsoft antispyware spybot and adaware etc are updated sufficiently (catching everything) and have small file-size downloads and updates?
To me it seems to be the price of roaming the big bad Internet. Do you have a better solution?
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Re: Spyware
Old 06-26-2005, 10:12 PM   #18
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by Nords
To me it seems to be the price of roaming the big bad Internet.* Do you have a better solution?
Even Microsoft see its about time that virus/spyware security (& updates) be included in the OS. There should be hardware locking of system files on a hard drive, similar to how the BIOS write-protects the boot-sector. And memory allocated to executable code should only be populated by files stored on this locked drive, and afterwards be read-only.

After all code whether running or stored shouldn't be editable in the same way say an Office document is. And it shouldn't be possible to part modify an executable whatsoever. (Self-modifying code went out with memory constraints).

But previously was really asking - where dial-up is the only available net service,* *how practical are many of these options on an ongoing basis? (i.e. the above review of FREE Ewido states that the free version is missing all the key features!)
__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Re: Spyware
Old 06-27-2005, 01:07 AM   #19
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Re: Spyware

Quote:
Originally Posted by ER@40
Even Microsoft see its about time that virus/spyware security (& updates) be included in the OS. There should be hardware locking of system files on a hard drive, similar to how the BIOS write-protects the boot-sector. And memory allocated to executable code should only be populated by files stored on this locked drive, and afterwards be read-only.

After all code whether running or stored shouldn't be editable in the same way say an Office document is. And it shouldn't be possible to part modify an executable whatsoever. (Self-modifying code went out with memory constraints).

But previously was really asking - where dial-up is the only available net service,* *how practical are many of these options on an ongoing basis? (i.e. the above review of FREE Ewido states that the free version is missing all the key features!)
OK, lemme rephrase that.

If you have a better solution then go do it.

You asked a question, several posters volunteered their answers, but instead of trying them (or at least thanking those who took the time to offer their ideas) you started polling the rest of the board for a "common view" opinion.

At some point it's time to stop nit-picking everyone else's suggestions and make your own decisions about how practical or up-to-date they are.
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Re: Spyware
Old 06-27-2005, 01:38 AM   #20
Recycles dryer sheets
 
Join Date: Mar 2005
Posts: 90
Re: Spyware

Quote:
Originally Posted by Nords
You asked a question, several posters volunteered their answers, but instead of trying them (or at least thanking those who took the time to offer their ideas) you started polling the rest of the board for a "common view" opinion.
Appear to have touched a nerve- not the intention – sorry!
I had edited an earlier message (Gratefuled above) indicating I took the FireFox route.

In a round about way, I was asking the question what's the future for 3rd party tools (free or not) and how effective are they really? As not everyone was in complete agreement. I suspect because of Microsoft’s recent interest that we'll eventually be seeing tighter integration of the OS and likewise defensive tools in the future . . .

Anyway, thanks everyone for all the suggestions.
__________________

__________________
1.Convert Euro assets to US$ now or not?<br />2.Tax haven work, anyone ventured?<br />3.ER income from Real-Estate or Equities?<br />4.ER to Canada or US?<br />5.Lifesavings secure in Funds after Worldcon/Enrot/Equitable Life?<br />6.House price correction risk as rates go up?<br />7.Prop arbitrage i.e. CA &gt; 20% IL&lt;8%?
ER@40 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
72% of PCs have Spyware Michael Other topics 39 11-22-2005 12:34 PM
Free Spyware detection and removal Paul Other topics 4 12-06-2004 04:55 AM
How to deal with adware and spyware Dante Other topics 41 08-17-2004 07:15 PM

 

 
All times are GMT -6. The time now is 09:44 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.