Full Disclosure mailing list archives
Re: Spyware installs with no interaction in IE on fully patched XP SP2 box
From: Harlan Carvey <keydet89 () yahoo com>
Date: Sun, 3 Oct 2004 12:36:38 -0700 (PDT)
This machine is a fully patched XP SP2 box, withthe default securitysettings for IE's Internet Zone. Does anybody knowwhat method this crapcould be using to install without any userinteraction?
It's a little hard to tell accurately without taking a look at what you removed; ie, saying that you cleaned things out of the Registry is great, but without knowing what keys you "cleaned", it's hard to tell. However, doing a quick search on Google for "atpartners", some of the info I found points to BHOs... Sorry, wish I could help more, but I'd need more info... ===== ------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ "Meddle not in the affairs of dragons, for you are crunchy, and good with ketchup." "The simplicity of this game amuses me. Bring me your finest meats and cheeses." ------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Spyware installs with no interaction in IE on fully patched XP SP2 box Geraldo Rivera (Oct 03)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Joel R. Helgeson (Oct 03)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Harlan Carvey (Oct 03)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box GuidoZ (Oct 03)
- <Possible follow-ups>
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Geraldo Rivera (Oct 04)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Matt Andreko (Oct 04)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Mark Shirley (Oct 04)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Matt Andreko (Oct 04)
- RE: Spyware installs with no interaction in IE on fully patched XP SP2 box Carr, Robert (Oct 04)
- RE: Spyware installs with no interaction in IE on fully patched XP SP2 box Michael Simpson (Oct 04)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Alla Bezroutchko (Oct 05)
- RE: Spyware installs with no interaction in IE on fully patched XP SP2 box Todd Towles (Oct 04)
- RE: Spyware installs with no interaction in IE on fully patched XP SP2 box Todd Towles (Oct 04)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Willem Koenings (Oct 04)
(Thread continues...)
- Re: Spyware installs with no interaction in IE on fully patched XP SP2 box Joel R. Helgeson (Oct 03)