Security Basics mailing list archives

Re: Question for all


From: Brad Mills <millsmiami () usa net>
Date: Fri, 01 Aug 2003 20:47:20 EDT

Chris,

Well, the best plan would be to wipe your hard drive and start over, but 
barring that, my next step would be to use SpybotSD, it's pretty good at 
cleaning out garbage like that.  If it works you might consider sending a 
donation, the developer does all that work for free.

 Agreed. 
 
 1. Wipe drive with DBAN, then re-ghost from a clean LKG.gho ... seems the 
better-authored malware does a great job of hiding.
 
 2. I'm not a big Zone Alarm fan, but if anything pops up, it usually has to 
have permission to connect, thus giving itself away.
 
 3. Build a (GPL) Smoothwall.org stand-alone firewall, monitor its web proxy 
logs, and firewall logs. All ports over 1024 automatically blocked. The 
built-in Snort is useful, as well. Linux based, even a Win guy can have a 3-nic 
system built and online in ~30 minutes.
 
 4. Additionally, have a look at 
 http://www.mlin.net/StartupCPL.shtml
 
 ***Startup Control Panel is compatible with all modern versions of Windows, 
including Windows 95, 98, 98SE, ME, NT 4.0, 2000, and XP.
 
 Allows you to see HKCU, HKLM, Run-Once, etc. Useful to keep other apps from 
launching, aside from critters ;)
 
 Good Hunting and remember, it's only my .02,
 /b
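
The startup locations mentioned in item 4 (HKCU, HKLM, Run, Run-Once) can also be listed from a script and compared against a snapshot taken right after restoring the clean image from item 1. This is an added example, not part of the original message or of Startup Control Panel; the function names and the baseline file path are hypothetical, and the four registry paths are the standard Windows Run/RunOnce keys.

```powershell
# Added example: list Run/RunOnce autostart entries and diff them against a
# baseline captured on a known-clean build. Function names are hypothetical.
$AutostartKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-AutostartEntry {
    # Emits one object per value found under each autostart key.
    param([string[]]$Path = $AutostartKeys)
    foreach ($p in $Path) {
        $key = Get-Item -LiteralPath $p -ErrorAction SilentlyContinue
        if (-not $key) { continue }          # key absent on this system
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Key     = $p
                Name    = $name
                Command = [string]$key.GetValue($name)
            }
        }
    }
}

function Compare-AutostartBaseline {
    # Returns entries that are new or changed since the baseline CSV was saved.
    param([Parameter(Mandatory)][string]$BaselinePath)
    $known = @{}
    foreach ($e in Import-Csv -LiteralPath $BaselinePath) {
        $known["$($e.Key)|$($e.Name)|$($e.Command)"] = $true
    }
    Get-AutostartEntry | Where-Object {
        -not $known.ContainsKey("$($_.Key)|$($_.Name)|$($_.Command)")
    }
}

# On the freshly restored machine (path below is a constructed example):
#   Get-AutostartEntry | Export-Csv -NoTypeInformation C:\baseline\autostart.csv
# Later, to see what has been added or altered since then:
#   Compare-AutostartBaseline -BaselinePath C:\baseline\autostart.csv
```

An entry that appears in the comparison is only a lead: legitimate installers add Run values too, so check the command path before removing anything.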


