Full Disclosure mailing list archives
Re: !! Internet Explorer !!
From: Rachael Treu-Gomes <rara () navigo com>
Date: Fri, 11 Jun 2004 13:47:14 -0500
Sploit-du-jour, throwback from yesteryear, unpatched hole, pr0n, javascript, careless install, operator error...you name it. You might as well throw a dart at a page of possibilities if you're trying to blindly diagnose the infection details. If the suggested spyware removal agents don't fully do the trick and you find all web requests continually redirected to an alternate site, don't forget to visit and do some housekeeping on your hosts file. I'll happily second those in this thread who prescribe deployment of FireFox or Netscape or Opera or any other http MO than IE as a prophyllactic measure. ;) ymmv, --ra -- K. Rachael Treu-Gomes, CISSP rara () navigo com ..quis costodiet ipsos custodes?.. On Fri, Jun 11, 2004 at 07:48:22AM -0700, Harlan Carvey said something to the effect of:
Yesterday i was visitng web sites. so i felt my computer slow. and that time i shutdown my computer and go somewhere. now today i restarted my computer and when i open internet explorer i got Web Page. Which i didn't SET. and now i am not able to write www.anydomain.com . when i type it gave me error. and it is also opening Popup window advertise. and it has 2 files in my windows directory. when i removed them it comes back again. So please tell me, 1) what is it?Sounds like some sort of spyware/annoy-ware, that hijacks your default web page, feeds pop-ups, etc.From what little you've said, sounds like a BrowswerHelper Object, perhaps. Some things you might mention are, what's this web page that you see, but didn't set? What's the URL?2) how i can delete/remove it ?Spybot Search and Destroy. AdAware. HijackThis. Run them all.3) how i got this thing ?From web surfing. It's also likely that you don'thave (up-to-date) antivirus software.4) how to secure from this thing ?Stop using IE. Try FireFox or Netscape. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- !! Internet Explorer !! Farrukh Hussain (Jun 11)
- Re: !! Internet Explorer !! Matthew Jonkman (Jun 11)
- Re: !! Internet Explorer !! Brian Toovey (Jun 11)
- Re: !! Internet Explorer !! Harlan Carvey (Jun 11)
- Re: !! Internet Explorer !! Rachael Treu-Gomes (Jun 11)
- Re: !! Internet Explorer !! Andrei Zlate-Podani (Jun 11)
- Message not available
- Re: !! Internet Explorer !! Koen (Jun 11)
- Re: !! Internet Explorer !! Pavel Kankovsky (Jun 13)
- Re: !! Internet Explorer !! Koen (Jun 11)
- RE: !! Internet Explorer !! Syed Imran Ali (Jun 12)
- PestPatrol (was: !! Internet Explorer !!) Michal Zalewski (Jun 12)
- Re: PestPatrol (was: !! Internet Explorer !!) yossarian (Jun 12)
- Yahoo upgraded all accounts to 100MB Syed Imran Ali (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB William Warren (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB Joseph Peterson (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB randall (Jun 15)
- PestPatrol (was: !! Internet Explorer !!) Michal Zalewski (Jun 12)