In cazul in care instalati multe programe, sau nu folositi un firewall la navigarea pe internet, este recomandat sa aveti un anti-spywar care periodic sa verifice calculatorul impotriva eventualelor fisiere avand scopuri malitioase (spyware, troiani, dialere, malware, tracks etc).
Cele mai bune softuri, gratuite in acelasi timp, sunt:
SpyBot = Search & Destroy => http://www.safer-networking.org/
Ad-Aware => http://www.lavasoftusa.com/
In cazul in care doriti sa verificati online prezenta in browsere a unor programe tip spyware, accesati http://www.doxdesk.com/parasite/ (doar pentru IE).
La http://www.spywareinfo.com/~merijn/downloads.html regasiti mai multe utilitare ce va ajuta sa dezactivati paginile de start setate automat de unele softuri malitioase.
Eu folosesc Ad-Aware 6.0 de cand am primit un email de la cineva ca cica ii trimiteam eu emailuri aiurea. Evident aveam un spyware ceva... dar dupa ce am instalat programul mia gasit si sters vreo 20 de fisiere corupte.
Asa ca recomand obligatoriu unul din programele de mai sus.
Ps: aveam instalat nortonul, deci un program antivirus uneori nu e suficient.
Aceasta este continuarea discutiei de aici: http://www.hanuancutei.com/forum/index.php?showtopic=23&view=findpost&p=163107
bazac, iti raspund aici pentru ca nu prea are de a face cu Google.
QUOTE |
Da’ ma duc manual la “Enable All Protections” si le enable din nou. |
QUOTE |
Cum adica? Cate spyware ti-a gasit? Ad-aware si Spybot le-au gasit de asemenea? |
QUOTE |
>Da alarme false. Cate ? Ce procentaj ? |
QUOTE |
E gratis sa VEZI ce spyware ai. Eu am dat ieri $ 30 la londonezi ca sa pot STERGE spyware. Cred ca merita. |
QUOTE |
Nu mi-a sters imunizarile facute de Spybot S&D, doar cele lui SpywareBlaster. |
QUOTE |
Spybot imi tot da cu “DSO Exploit” care il sterg, dar degeaba, apare din nou data viitoare. |
QUOTE |
Ce sa vezi minune mare: SpyBouncer si Omnisquad AntiSpy iar zice ca am vre-o 200 de spyware. Asta dupa ce in urma cu 10 minute, zicea ca totul e ok. |
QUOTE |
Dupa ce am curatat computerul de spyware, am folosit din nou programele anti-spyware. |
QUOTE |
Uzez programul, si ce crezi? 204 new objects. |
QUOTE |
Nu stiu ce sa ma mai fac. |
dsrk3r, bine ca ai mutat post-urile despre spyware de la Google FAQs.
La ale noastre:
Tocmai am facut o verificare “la sange” a spyware.
Iata rezultatele:
Defender Pro AntiSpy (fost Omnisquad Antisoy) = 1 spyware (Common Name)
Mare progress de la 200 la 1.
Anti Trojan zice:
access file C:\WINDOWS\Temp\ZLT03bb4.TMP refused
access file C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll refused
access file C:\pagefile.sys refused
access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFED94.tmp refused
access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFAE13.tmp refused
access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFADF9.tmp refused
Spy detect zice ca Spybot S&D are in folderul Includes un file cu numele KEYLOGGER. Asta chiar ca ar fi culmea ca un anti-spyware sa instaleze un spyware. Nu ar fi prima data ca aud chestia asta, dar nu ma asteptam de la Spybot S&D.
Trojan Hunter zice:
Port scan
Port 5180/TCP is open (Matches Peeper.120. Port being used by process Netscp.exe/PID 564)
Hijack This! da o lunga lista de gizmos, cum ar fi
Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
HKLM\..\Run: [SpywareStopper] C:\Program Files\SpyBlocker\Software\SpywareStopper\spywarestopper.exe
Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
Tot Hijack This! Zice ca am 3 BHO:
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
(din nou Spybot? Cu un BHO? Hm!?)
BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
Aceleasi BHO’s mi le da si BHO List si BHO Demon.
Habar n-am ce sa sterg in Hijack This! Logfile. Poate ma ajuta cineva.
CWShredder zice:
Found Hosts file: C:\WINDOWS\system32\drivers\etc\hosts (768 bytes, A)
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
Found Win.ini file: C:\WINDOWS\win.ini (583 bytes, A)
Found System.ini file: C:\WINDOWS\system.ini (227 bytes, A)
Astept comentariile voastre relativ la rezultatele obtinute.
Acum sa revin la raspunsurile tale din noul thread:
QUOTE |
A gasit vreo 201 alarme false. |
QUOTE |
M-am uitat atent la ce gaseste si am ajuns la concluzia ca nu e un program de incredere. |
QUOTE |
Nu mi-a sters imunizarile facute de Spybot S&D, doar cele lui SpywareBlaster. Cred ca e un motiv destul de serios sa scapi de el. |
QUOTE |
Exploit-ul este real. Lasa-l asa. |
QUOTE |
Dupa ce am curatat computerul de spyware, am folosit din nou programele anti-spyware. You have an obsession |
QUOTE |
Nu stiu daca si asta, dar pe SpyBouncer l-am gasit pe lista neagra a programelor anti-spy. |
QUOTE |
Foloseste browsere ca Mozilla FireFox |
QUOTE |
Foloseste browsere ca MYIE2 |
QUOTE |
Mozilla nu stie de ActiveX, asa ca adio spyware. |
QUOTE |
Foloseste un firewall gratuit (ZoneAlarm, Kerio, Sygate). |
QUOTE |
Fa update la Windows sa fie la zi. |
QUOTE |
Pune cele 4 programe anti-spy pe care le foloseste toata lumea |
QUOTE |
scaneaza HDD-ul o data / saptamana daca ai chef. |
QUOTE |
Pune un antivirus serios |
QUOTE |
Anti Trojan zice: access file C:\WINDOWS\Temp\ZLT03bb4.TMP refused access file C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll refused access file C:\pagefile.sys refused access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFED94.tmp refused access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFAE13.tmp refused access file C:\Documents and Settings\Owner\Local Settings\Temp\~DFADF9.tmp refused |
QUOTE |
Spy detect zice ca Spybot S&D are in folderul Includes un file cu numele KEYLOGGER. |
QUOTE |
Trojan Hunter zice: Port scan Port 5180/TCP is open (Matches Peeper.120. Port being used by process Netscp.exe/PID 564) |
QUOTE |
Chiar sa fie TOATE false ? |
QUOTE |
Cum determini un fals pozitiv ? |
QUOTE |
I-am sunat – pe SpyBouncer – si mi-au zis ca NU mai produc un software pentru keylogger |
QUOTE |
SpyBouncer is a spyware and adware scanner that can help you detect and remove common adware and spyware installations on your computer. The program comes with a backup feature and detailed/fast scan options. SpyBouncer does not disclose how many adware/spyware titles it can detect or remove, and it does not provide any information on detected items, other than the fact that it claims them to be spyware/adware. Overall, less features than the competition, and we were also able to install a popular keylogger without detection or warning. Trial version can detect, but not remove installed adware. |
QUOTE |
OK, dar tot folosesc IE pentru Hotmail. |
QUOTE |
E adevarat ca 2 sau mai mult firewalls sau anti-virus-uri se deranjeaza unele pe altele? |
QUOTE |
OK, dar chiar crezi ca e necesar sa STERG Omnisquad si Spy Bouncer? |
QUOTE |
Nu e prea rar ? |
QUOTE |
furat passwords si credit cards |
QUOTE |
Norton il consideri sufficient de serios sau ai alte recomandari ? |
QUOTE (dsrk3r) |
Da, orice ai folosi nu le combina. Un firewall si un AV. |
Care-ti place. Eu as merge cu Norton 2004 sau Kaspersky 5. Ambele pot detecta si scoate spyware & adware. Cel putin teoretic.
QUOTE |
Chiar sa fie TOATE false ? Da, imi pare rau ca te dezamagesc |
QUOTE |
OK, dar tot folosesc IE pentru Hotmail. Este alegerea ta. Eu prefer Yahoo! Hotmail nu mi se pare un site periculos, de unde poti lua spyware. |
QUOTE |
OK, dar chiar crezi ca e necesar sa STERG Omnisquad si Spy Bouncer? Absolut convins ! |
QUOTE |
Scaneaza-l cand vrei. Eu nici macar o data pe saptamana nu scanez pentru ca antivirusul meu Kaspersky se pricepe si la spyware, pornware, dialers si alte porcarii de pe net. |
QUOTE |
In log-ul incomplet de la HijakThis nu am vazut nimic suspect. |
QUOTE |
daca as putea face ceva ca mesajele sa le deschid AUTOMAT in Mozilla |
QUOTE |
Kaspersky si Norton vor avea probleme sa convietuiasca, right ? |
QUOTE |
SDHelper.dll |
QUOTE |
hosts |
QUOTE |
Pui Mozilla default browser si gata. Debifezi in MSIE "Internet Explorer should check to see wether it is the default browser". Presupun ca stii de unde. |
QUOTE |
Norton pune virusii in carantina. Kaspersky va gasi virusii de acolo si ii va sterge. |
QUOTE |
RoboForm.dll este un plug-in de la AvantBrowser. Parca-l aveai instalat. Daca-ti trebuie lasa-l, daca nu il poti dezinstala din AvantBrowser |
QUOTE |
Defender Pro - Asta ce face ? |
QUOTE |
Nu vad nici o problema. Nu ai nici un spyware, adware sau alte jeguri. ESTI CURAT ! |
QUOTE |
Cred ca ti-a scapat, poti comenta te rog, relativ la cele 3 BHO ? |
QUOTE |
Tot Hijack This! Zice ca am 3 BHO: BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (din nou Spybot? Cu un BHO? Hm!?) BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll |
QUOTE |
Am zis asta, daca citesti atent: |
QUOTE |
In light of recent vulnerabilities that have been exploited in Internet Explorer (see our coverage), major security organizations such as US-CERT and SANS are recommending that users find an alternative to IE |
QUOTE |
Some suggestions are Mozilla, Netscape, and Opera. If I had to pick one, Mozilla Firefox would be a strong recommendation. |
Este la fel si pentru Mozilla:
1. Deschide MSIE si in Tools - Internet Options - tab-ul Programs , debifeaza IE should check ...
2.
# Open Netscape 7. Click the Edit menu and choose Preferences.
# Expand the Advanced category by clicking the triangle next to it and choose System.
# Check HTML documents in the Windows should use Netscape 7 to open these file types. Note: If you would like image files (like jpg or gif) to open in Netscape 7, check those options as well.
# Check http: (Hypertext Transfer Protocol) and https: (Secure HTTP) in the Windows should use Netscape 7 to handle these protocols.
# Check the option Alert me if other applications change these settings.
# Click OK to save the changes.
QUOTE |
Open Netscape 7. |
QUOTE (bazac @ 1 Jul 2004, 02:51 PM) | ||
Open Netscape 7. to make Mozilla default browser? |
QUOTE |
In textul dat de mine citeste in loc de Netscape, Mozilla si ai rezolvat problema. |
QUOTE |
Inauntru ambele browsere sunt la fel. |
Multa lume stie, credeam ca stii si tu
QUOTE |
Multa lume stie, credeam ca stii si tu |
Am facut urmatoarele:
In MSIE: Tools \ Internet Options \ Programs + unchecked Internet Explorer should check to see weather it is the default browser
In Mozilla: Tools \ Options \ General + CHECKED the box of Firefox should check to see if it is the default browser when starting.
Rezultatul: mesajele din Hotmail se incapataneaza sa apara in IE si nu in Mozilla cum doreste subsemnatul.
Am Windows XP, si in Mozilla Firefox nu functioneaza: Click the Edit menu and choose Preferences, ca in Netscape 7
Deci astept noi instructiuni.
Cu FireFox am avut si eu probleme. Instaleaza Mozilla 1.7 si se rezolva.
http://www.mozilla.org/products/mozilla1.x/
E adevarat ca FireFox e tot marca Mozilla, dar nu prea seamana cu Netscape din cate ai constat si tu.
Eu m-am referit la Mozilla 1.7 si nu la FireFox.
Am instalat Mozilla 1.7 am urmat indicatiile tale, totul a mers smooth, dar mesajele se incapataneaza sa se deschida in Explorer.
Apropos, exista vre-o modalitate in Mozilla 1.7 sa pun Home si Bookmarks pe acelasi rand cu Back, Forward, Refresh, Stop and Address box?
Sunt gata sa renunt la optiunea Print de dupa Address box si inainte de logo-ul M (Mozilla)
QUOTE |
dar mesajele se incapataneaza sa se deschida in Explorer. |
QUOTE |
Pot sa pun Home si Bookmarks pe acelasi rand cu Back, Forward, Refresh, Stop and Address box ? |
QUOTE |
Pentru siguranta fa inainte un system restore point, ca sa te poti intoarce daca gresesti ceva. |
QUOTE (bazac @ 2 Jul 2004, 04:05 PM) |
Fi antenna, ce ignorant sunt ca nu stiu ce e “un system restore point” Vreau sa zic ca stiu eu ce e un "system restore", dar nu stiu cum se face un system restore... "point” |
Versiune noua HijackThis!
v. 1.98.0
Download aici:
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
QUOTE |
bazac, nu te supara, |
QUOTE |
pentru asta s-a inventat Google. |
QUOTE (bazac @ 2 Jul 2004, 09:00 PM) |
Nu ma supar |
Pai nu m-am suparat. Pe bune! Ca daca ma suparam nici nu mai treceam pe la Hanu' Ancutei.
Ca m-au deranjat unele chestii, aia e adevarat.
QUOTE |
Sper ca te opresti la al doilea link si nu cauti 185,000 de pagini pana sa te lamuresti. |
In C:\Windows apare doar un folder System care nu contine nici un folder/file Restore.
Imi permit sa-ti amintesc ca am Windows XP
Tot in C:\Windows apare un System 32, care YES! Are un folder Restore.
M-am bucurat degeaba: folder-ul Restore contine:
MachineGuid
rstrui
srdiag si
srframe
files care – ai ghicit – habar n-am ce sunt.
O cautare in computer mi-a dat un folder/file? System Restore,
In Start menu\Programs \Accessories\System Tools
M-iam luat inima-n dinti si am creat un “point”
QUOTE |
> Dupa ce faci un restore point |
QUOTE |
modifica doar "Internet Shortcut" in File Types. |
CoolWebSearch castiga razboiul
Merijn Bellekom (http://www.spywareinfo.com/~merijn/) a abondonat lupta cu troianul CoolWebSearch. CWShredder, unealta care putea sa scoata acest troian de pe PC, nu va mai fi dezvoltata in continuare. Noi variante ale CoolWebSearch apar prea des si studentul olandez nu mai poate tine pasul.
Solutia: lucru manual, folosind HijackThis!, dezvoltat tot de Merijn Bellekom.
SpywareBlaster 3.1 nu protejeaza FireFox 0.9.x
SpywareBlaster 3.1 nu asigura protectie pentru FireFox 0.9. si 0.9.1 din cauza unor modificari facute de Mozilla. Se asteapta in curand un update pentru SpywareBlaster.
SpywareBlaster 3.1 asigura in continuare protectie pentru Mozilla 1.7.
http://www.javacoolsoftware.com/spywareblaster.html
Spyware pentru Mozilla
Mozilla nu a scapat de spyware. Fata de Internet Explorer, Mozilla insa permite utilizatorului sa aiba un control asupra extensiilor, instalate direct de pe un site vizitat. Tot secretul este sa nu apesi install atunci cand extensia nedorita vrea sa se instaleze. "Software instalation" poate fi dezactivat complet atat in Mozilla 1.x cat si in noul FireFox.
Mozilla 1.x sau Netscape7.x : Edit - Preferences - Advanced - Software instalation - se debifeaza "Enable software instalation"
FireFox 0.9.x : Tools - Options - Advanced - se debifeaza "Allow web sites to install software"
Alternative la Internet Explorer
Alternativele la MS Internet Explorer http://www.myie2.com sau http://www.avantbrowser.com pot fi folosite pentru protectia impotriva spyware sau adware: pop-up blocking, posibilitatea de a dezactiva usor ActiveX, etc.
Pentru a oferi protectie ActiveX trebuie sa fie dezactivat !!
Dezactivarea ActiveX in MYIE2: Options - MYIE2 Options - Download - se debifeaza "Allow ActiveX"; si JavaScript, Flash, Java, etc. pot fi dezactivate de aici.
Posibile rezolvari la problema lui bazac (si a altora)
Link-urile din MSN Messenger se deschid in IE, cu toate ca Mozilla sau FireFox este default browser
1. Nu se mai foloseste Hotmail si MSN Messenger
2. Se foloseste Trillian Pro (nu e free) - http://www.ceruleanstudios.com/downloads/ (nu bag mana in foc, utilizatorii zic ca merge)
3. Se asteapta un WorkAround, daca va apare vreodata
QUOTE |
Alternativele la MS Internet Explorer MY IE 2 sau Avant Browser |
QUOTE |
Se foloseste Trillian Pro (nu e free) – |
QUOTE (bazac @ 4 Jul 2004, 04:44 AM) | ||
Mi se pare ca e un “basic” free. |
Cum sa scap de spyware, adware, BHO, troieni, viermi, gandaci, moluste, etc. ?
Reteta este urmatoarea:
A. Se folosesc urmatoarele programe, gratuite, cu update-uri la zi:
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button,
http://www.download.com/3000-8022-10122137.html
http://www.snapfiles.com/get/spywareblaster.html
AdAware si Spybot S&D pot recunoaste si elimina spyware si adware; Spybot S&D si Spyware Blaster pot imuniza PC-ul impotriva spyware prin scrierea in Windows Registry a unui killer bit care blocheaza instalarea spyware cunoscute; Spybot S&D dispune de un download blocker pentru Internet Explorer si Opera.
B. Daca blocarea si eliminarea automata nu a avut rezultatele asteptate spyware trebuie eliminate manual.
Pentru asta se foloseste de exemplu http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Procedura este urmatoarea
1. Se executa HijackThis! si se apasa "Scan"
2. Se cauta liniile suspecte:
- HijackThis permite vizualizarea "Running processes", "BHO" - Browser Helper Objects din Internet Explorer, "Toolbars" in Internet Explorer, "Windows Registry", etc.
- se analizeaza fiecare linie in parte pentru a vedea daca trebuie bifata; de mare ajutor sunt urmatoarele site-uri:
http://www.liutilities.com/products/wintaskspro/processlibrary/ si http://www.pestpatrol.com/Search/
- daca analiza esueaza se poate cere ajutor pe un forum, postand LogFile-ul HijackThis!
3. Dupa ce s-a stabilit care linii sunt suspecte, se deschide Windows Task Manager pentru a opri (kill) procesele suspecte:
se apasa Ctrl-Alt-Del in XP/2000/Me/98/NT4/95
click dreapta pe Task Bar in XP/2000/NT4
se alege tab-ul Processes in Task Manager si se face click dreapta pe fiecare proces suspect, urmat de End Process
4. Unregister DLL-uri suspecte
Click pe "Start" si "Run"
Se introduce in "Run" o linie de comanda:
de exemplu
regsvr32 /u [adresa pe HDD]\suspect.dll
unde [adresa pe HDD] poate fi ceva de tipul asta C:\WINDOWS\system32
denumirea si adresa DLL-ului suspect se pot copia din log-ul HijackThis!
5. Se sterg intrarile din Windows Registry:
Se bifeaza liniile in HijackThis si se apasa "Fix"
sau
Click pe "Start" si "Run"
In "Run" se tasteaza regedit si se apasa "Enter"
Se deschide Windows Registry Editor
Se face un backup al intregului Registry
In meniul "Edit" se alege "Find"
Se cauta fiecare intrare suspecta, se marcheaza (1xClick) si se sterge apasand tasta "Del" (Delete); se confirma stergerea
Editarea Windows Registry se face cu mare grija
Instructiuni pentru editare se afla aici (site-ul Symantec): http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2000060422485506
Un tutorial pentru Windows Registry Backup se afla aici: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/199762382617?OpenDocument&ExpandSection=1#_Section1
6. Stergerea intrarilor din AutoStart
Dezactivarea lor se poate face cu utilitarul "msconfig"
"Start" si "Run"
In "Run" se tasteaza "msconfig" si se apasa tasta "Enter"
In ultimul tab "StartUp" se pot debifa procesele suspecte.
7. Se scaneaza din nou PC-ul apasand "Scan"
Se bifeaza toate liniile suspecte ramase si se apasa "Fix checked"
8. Stergerea fisierelor si directoarelor suspecte
Dupa efectuarea operatiunilor de mai sus fisierele si directoarele suspecte pot fi sterse.
Se deschide Windows Explorer, se cauta suspectii si se sterg.
Daca operatiunea nu poate fi efectuata, din cauza ca procesul nu a putut fi oprit sau DLL-ul nu se lasa unregistred, se noteaza toate adresele lor, se booteaza in "Safe Mode" (tasta F8 la reboot) si se sterg acum.
Tutorial pentru pornirea calculatorului in Safe Mode aici:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam
9. Dupa bootarea normala a calculatorului se executa din nou HijackThis!
Se cauta liniile suspecte care au mai ramas (unele pot sa scape), se bifeaza si se apasa Fix.
Masuri preventive
Surfing-ul pe site-uri suspecte (porno, crack-uri, download mp3, site-uri ale hackerilor, etc.) se face cu un browser in care s-au dezactivat ActiveX, Java Script si Java
Un tutorial se gaseste aici:http://cma.zdnet.com/book/idiotpc/ch25/ch25.htm
Cele mai sigure browsere in acest moment sunt Mozilla 1.7 si Mozilla FireFox 0.9.1.
Pentru a le face si mai sigure trebuie luate urmatoarele masuri:
a. Disable Software Instalation
- in Mozilla 1.7 - Edit - Preferences ... - Advanced - Software Instalation - se debifeaza "Enable software instalation"
- in FireFox 0.9.x - Tools - Options ... - Advanced - se debifeaza "Allow web sites to install software"
b. Blocare pop-up windows
- in Mozilla 1.7 - Edit - Preferences ... - Privacy & Security - Popup windows - se bifeaza "Block unrequested popup windows"
- in FireFox 0.9.x - Tools - Options ... - Web Features - se bifeaza "Block popup windows"
c. Optional, pentru navigarea pe site-uri periculoase
Disable Java & Java Script
- in Mozilla 1.7 - Edit - Preferences ... - Advanced - se debifeaza "Enable Java"
- in Mozilla 1.7 - Edit - Preferences ... - Advanced - Scripts & Plug-ins - se debifeaza "Enable JavaScript for Navigator"
- in FireFox 0.9.x - Tools - Options ... - Web Features - se debifeaza "Enable Java" si "Enable JavaScript"
QUOTE (dsrk3r) |
Optional, pentru navigarea pe site-uri periculoase Disable Java & Java Script |
QUOTE (Onix @ 4 Jul 2004, 01:22 PM) |
dar cum stiu daca nimeresc pe vreun site "periculos"? Sau sunt doar cele date ca exemplu mai sus ? |
Si asta ce presupune? Disable Java permanent? Eu chiar am nevoie sa intru pe site-uri care utilizeaza Java.
Btw: Mozilla FireFox 0.9.1. de cand ai pus link-ul
Off-topic: Motanu', parca, inserase niste smilies din YM - ala mic cu limba scoasa care e simpatic foc. Cum a facut asta?
QUOTE (Onix @ 4 Jul 2004, 01:44 PM) |
Si asta ce presupune? Disable Java permanent ? |
QUOTE (bazac @ 4 Jul 2004, 04:44 AM) | ||
Dar intrebarea mea e: ce email adresa pun ca am doua? |
QUOTE (bazac @ 29 Jun 2004, 01:39 AM) |
L-am intrebat pe technicianul care mi-a reparat computerul, daca stiind URL-ul Website-ul meu, poate sa-mi trimita un virus/spyware. S-a uitat luuuuuung la mine si a zis: BINENTELES. Probabil ca intrebarea mea va figura in fruntea topul lui personal de intrebari stupide primite de la clienti. |
QUOTE (bazac @ 29 Jun 2004, 05:02 AM) |
Ce voiam sa spun este ca e deosebit de simplu sa incasezi un virus/spyware, fie prin simpla vizionare a unui sit Web, sau a unui mesaj email – nu numai prin deschiderea de attachments cum se stia pana acum. |
QUOTE |
Off-topic: Motanu', parca, inserase niste smilies din YM - ala mic cu limba scoasa care e simpatic foc. Cum a facut asta? |
(quote)Tot off si eu(/quote)
QUOTE (Nico @ 4 Jul 2004, 03:24 PM) |
QUOTE (dsrk3r) |
Onix, lasa netu si uita-te la TV. |
Ce fel de probleme in vizionarea unei pagini, pot aparea daca Java si Java Script sunt dezactivate?
>Se folosesc urmatoarele programe, gratuite, cu update-uri la zi: AdAware, Spybot S&D si Spyware Blaster
Pest Patrol, Spy Sweeper, Bazooka, Tauscan & Co. chiar nu-s bune la nimic?
Ca de Omnisquad si SpyBouncer m-am lamurit. Tot la 2 checking-uri imi da 200 de fals pozitive. Ce-o fi in capul lor nu stiu.
Ca sa blocheze, SpywareBlaster TREBUIE "minimalizat" (minimize) sau POATE FI "inchis" (closed)?
>Masuri preventive: Surfing-ul pe site-uri suspecte (porno, crack-uri, download mp3, site-uri ale hackerilor, etc.) se face cu un browser in care s-au dezactivat ActiveX, …
Unde dezactivez Active X pentru Mozilla si Firefox?
>Spybot S&D dispune de un download blocker pentru Internet Explorer si Opera.
Nu si pentru Mozilla si Firefox?
Ce fac cu DSO Exploit, care apare – chiar dca il sterg – in Spybot S&D?
>Dupa evenimentul "Download.Ject & hackerii rusi" toate site-urile pot fi periculoase
Asta trebuia scris cu litera mare, ca e - IMO - cea mai importanta stire a anului.
Napoleon9th wrote:
> Pai iti faci cate un cont in interiorul lui Trillian pentru fiecare.
OK, voi incerca. Multumesc.
Napoleon9th wrote:
>Si totusi, nu ai explicat cum poate el sa-ti trimita un virus/spyware stiind doar URL-ul Website-ului.
Pai cum sa explic eu, daca EL, nu mi-a dat nici o explicatie. In plus daca imi amintesc bine, mi-a zis ca poate sa-mi trimite un nasty spyware/virus daca stie DOAR numele meu. Nu ma intreba CUM, ca nu stiu. A bodoganit ceva de IP-ul computerului meu, pe-acolo. Dar eu cum sunt cam paralel cu programarea, n-am prea inteles mare lucru. Poate ne luminati voi, cei care stiti.
Napoleon9th wrote:
>Ca acces acolo nu se capata usor decat daca e hacker pana la os, imo.
Pai o fi “pana la os” mai sti?
QUOTE |
Ce fel de probleme in vizionarea unei pagini, pot aparea daca Java si Java Script sunt dezactivate ? |
QUOTE |
Pest Patrol |
QUOTE |
Ca sa blocheze, SpywareBlaster TREBUIE "minimalizat" (minimize) sau POATE FI "inchis" (closed) ? |
QUOTE |
Unde dezactivez Active X pentru Mozilla si Firefox ? |
QUOTE |
Ce fac cu DSO Exploit, care apare – chiar dca il sterg – in Spybot S&D ? |
Spybot zice ca am
C2lop
7 FaSSt
Aornum
CoolWWWSearch
Searchalot si
Unknown
Omnisquad zice:
CommonName si
Covenanteye
Spy Bouncer zice:
Lop.com
Pest Patrol zice:
RestV si
Client Sniffer
Sfaturi / comentarii?
Pune un log de la HijackThis! aici sa vedem ce putem face. Inainte de a scana inchide toate programele pe care le poti inchide. Daca inchizi firewall si antivirus deconecteaza-te mai intai de la net !! Cand te conectezi la net pune FW si AV la loc !!
>Pune un log de la HijackThis! aici sa vedem ce putem face.
Nu stiu daca nu e prea tarziu. Am sters deja tot ce am putut; cu exceptia lui Pest Patrol carora inca nu le-am dat banii. Oricum voi pune log-ul lui HijackThis!
>Daca inchizi firewall si antivirus deconecteaza-te mai intai de la net !!
Firewall si antivirus afecteaza HijackThis!? Am inchis toate programele cu exceptia Firewall si antivirus.
Urmeaza llog-ul lui HijackThis!:
Logfile of HijackThis v1.97.7
Scan saved at 8:34:15 PM, on 6/11/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mybookmarks.com/marks
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.mybookmarks.com/marks"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\ijdcbw2i.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\ijdcbw2i.slt\prefs.js)
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38156.4495717593
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4371/mcfscan.cab
Nu am vazut nimic. Esti curat si uscat.
QUOTE |
Firewall si antivirus afecteaza HijackThis !? |
Cateva programe interesante si folositoare pentru eliminarea spyware
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
Ce programe si DLL-uri sunt deschise + informatii complete. Tot ce nu face Task Manager din Windows.
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
TCPView ofera lista detaliata a tuturor endpoint-urilor TCP si UDP: denumirea procesului, adresa locala si remote, starea conexiunii. Cu acest program se pot urmari spyware, viermii, virusii, etc.
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
Acest program permite vizualizarea tuturor programelor din Startup folder, Run, RunOnce, etc., deci a tuturor programelor care pornesc automat.
Ad-aware zice OK.
Spybot S&D zice OK - cu exceptia a 5 DSO Exploit.
SpyBouncer zice: 195 Infected Items (incl. Lop.com, CoolWebSearch, Ezula, Alexa toolbar, 180SolutionInc., Claria/Gain, BrowserAid, etc. etc. etc. )
Fals pozitive toate, nu?
Omniquad AntiSpy zice:
Registry Keys Identified: 239
Registry Values Identified: 1
The whole nine yards: BrowserAid, ClearSearch, ClientMan, CoolWebSearch, Dialer, DialerActiveX, XDialer, OnlineDialer, Hotbar, Morpheus, SpyBot, SpyBlast,
After deleting in Omniquad AntiSpy:
Detected Objects: 240
Deleted Objects: 189 (??? !!!) Oare de ce nu a sters TOATE spyware?
Ah, era sa uit: nu toate Detected Objects erau bifate “by default”. Unele – nu le-am numarat, dar parca erau mai putine decat 51 (240-189) – a trebuit sa le bifez manual.
Cele 240 sunt fals pozitive toate, nu?
Pest Patrol zice:
RestV si
Client Sniffer
Trojan Hunter zice - dar nu zicea pana acum, cu toate ca Mozilla e instalata de mult.
Port scan
Port 1601/TCP is open (Matches DirectConnection.100. Port being used by process MOZILLA.EXE/PID 3124)
Port 1601/TCP is open (Matches DirectConnection.100. Port being used by process MOZILLA.EXE/PID 3124)
Port 1602/TCP is open (Matches DirectConnection.100. Port being used by process MOZILLA.EXE/PID 3124)
Port 1602/TCP is open (Matches DirectConnection.100. Port being used by process MOZILLA.EXE/PID 3124)
Pana acuma zicea:
Port scan
Port 5180/TCP is open (Matches Peeper.120. Port being used by process Netscp.exe/PID 564)
Comentarii / sfaturi ?
SpywareBlaster 3.2
Ultima versiune SpywareBlaster a aparut azi:
Se recomanda dezinstalarea versiunii vechi inainte de instalarea celei noi:
1.) Se face click pe "Disable All Protection" in "Quick Tasks".
2.) Se inchide SpywareBlaster.
3.) Se dezinslaleaza SpywareBlaster din Add/Remove Programs
4.) Download ultima versiune si instalare
http://www.webattack.com/dlnow/rdir.dll?id=105693
http://allsecpros.com/download/spywareblastersetup.exe
SpywareBlaster 3.2 asigura protectie [Edit] si pentru FireFox 0.9.1.
QUOTE |
SpywareBlaster 3.2 asigura protectie pentru FireFox 0.9.1. |
Stiti ce va rog eu? Sa imi spuneti un site de net unde imi pot scoate online toate softurile ascunse din comp - alea de le zice spyware si care nu se vad, da' se simt ca ingreuneaza traficul si se apuca si unde imi instaleaza niste tampenii de nu mai inteleg nimic...
Cele date de Mihai le-am incercat dar nu merg...
Acuma dau jos ceva soft Ad-aware... sa vedem cum e...
Multzam oricum!
Antivirusi online recomandati pentru spyware:
http://www.pandasoftware.com/activescan/
http://housecall.trendmicro.com/
Programe AtiSpy:
http://www.lavasoftusa.com/support/download/
http://www.safer-networking.org/en/download/index.html
Tutoriale:
http://www.bleepingcomputer.com/forums/index.php?showtutorial=43
http://www.bleepingcomputer.com/forums/index.php?showtutorial=48 - un pic invechit
AdAware si Spybot S&D, amintite de dsrk3r, sunt excelente programe Anti Spyware. In plus sunt gratuite.
Un alt program bun este Pest Patrol folosit de Yahoo! in noul lor toolbar. Vezi:
http://www.computerworld.co.nz/news.nsf/0/9C41BE6846F72291CC256EEA002275D7?OpenDocument&More=Security&pub=Computerworld
Pest Patrol NU e gratuit – dar ofera o verificare a pyware in computerul personal gratuit. Pentru a sterge eventualii spyware trebuie cumparat soft-ul ($ 40) Daca aveti posibilitatea cumparati-l. Merita.
Recomand de asemenea SpywareBlaster. Acesta NU verifica si nici NU sterge eventualii spyware prezenti in computerul Dvstra. ci pur si simplu impiedica cca 3.100 spyware sa INTRE in computerul personal. SpywareBlaster e gratuit.
Vezi:
http://www.javacoolsoftware.com/spywareblaster.html
Ah! Nu uitati sa update des respectivele softuri antispyware.
Daniel.
PS
Aveti grija ce soft-uri folositi contra spyware. Unele soft-uri ce pretind ca STERG spyware de fapt INTRODUC spyware in computerul Dvstra.
Eric L. Howes in Spyware Warrior descrie cca. 75 astfel de programe.
Vezi:
http://www.ctnow.com/business/nyc-biz-spy0809,1,2414394.story
si
http://www.spywarewarrior.com/rogue_anti-spyware.htm
Ah, uitasem: Pest Patrol ofera 30 de zile pentru a incerca soft-ul inainte de a-l cumpara.
Vezi
http://www.pestpatrol.com/Products/PestPatrolHE/Single_User_Evaluation.asp
Daniel
http://www.virtualchase.com/tvcalert/aug04/16aug04.html#ad
QUOTE |
http://www.lavasoftusa.com/software/adaware/ released new anti-spyware software last week and then patched it twice. If you downloaded Ad-Aware SE Plus or SE Pro prior to 13 August, your computer might be vulnerable to browser hijackers. PC World discovered flaws in the software that allowed hijackers to make changes to the System Registry unchallenged. While Ad-Aware responded quickly with a patch, users who update the program using the update feature will not install the fix. (You have to download and install it anew.) Moreover, PC World speculates that the quick fix does not address all the holes that let spyware in. |
Multumesc pentru raspunsuri!
AdAware l-am descarcat si eu si mi-a gasit fro 130 de fisiere de-alea ciudate. Le-am sters. Sper ca o sa fie ok de acuma inainte!
Foloseste si Spybot si Pest control, ca sa fi mai sigur.
Si nu uita de Spyware Blaster.
bazac wrote:
QUOTE |
Foloseste si Spybot si Pest control... |
bazac wrote:
QUOTE |
poate cineva sa-mi spuna de ce Pest Patrol nu sterge trojan-ul Twain-Tech pe care l-a gasit in computerul meu? |
Pest Patrol tocmai imi spune ca am achizitionat un adware cu numele “Unknown Trojan” (?!) I-auzi nume la asta!
Link-ul vis-à-vis de info despre respectivul in cauza, zice ca Pest Patrol este capabil sa-l DETECTEZE si sa-l STEARGA.
Deci nu prea imi fac probleme. Oricum ma intreb oare cum l-oi fi achizitionat.
Anyway, citind in respectiva http://pestpatrol.com/PestInfo/u/unknown_trojan.asp, la Manual Removal zice:
“Follow these steps to remove Unknown Trojan from your machine.
Begin by
· backing up your registry and
· your system, and/or
· setting a Restore Point, to prevent trouble if you make a mistake.”
E cineva asa de bun sa disece respectivele operatii step-by-step, si sa explice DE CE sunt necesare. Aaa, stiu, mai sus zice ca sa eviti probleme in caz ca fac vre-o greseala. Intrebarea e CE FEL de greseli as putea face?
Ah, si inca o intrebare: Ad-Aware SE zice ca am 45 “neglijable objects” Sa le sterg sau nu? Ceva de genul
* Type: MRU List,
* Description: list of recent programs….
* Location: HKEY_USERS-1-5-21-802162358-…-microsoft\search assistant\acmru.
Nu stiu alti cum sunt dar eu cand vad HKEY_USERS… De ce oi avea o teama – asa - transcedentala la chestia asta, zau nu stiu. O fi o aplicare a proverbului: “cin' se arde cu supa fierbinte sufla si-n iaurt” Ca nici nu vreau sa-mi amintesc cand a dat spyware in mine. Habar n-ai ce fancy e sa te uiti la un ecran negru.
http://www.adwarereport.com/mt/archives/000004.html
Top 5:
http://www.aluriasoftware.com/homeproducts/spyware/
http://www.webroot.com/land/spysweeperb.php?rc=993
http://www.pestpatrol.com/
http://esd.element5.com/product.html?productid=511866&languageid=1&affiliateid=78407
http://www.safer-networking.org/en/index.html
Eu folosesc: Spyware Stormer.
TriRegnum wrote:
QUOTE |
Eu folosesc: Spyware Stormer. |
QUOTE |
Eu folosesc: Spyware Stormer. |
L-am dezinstalat...imi pun acum Spybot 1.3
TriRegnum wrote:
QUOTE |
L-am dezinstalat. |
QUOTE |
imi pun acum Spybot 1.3 |
QUOTE (bazac @ 28 Sep 2004, 06:22 PM) |
Eu NU folosesc Spyware Stormer, NU il voi folosi niciodata, si sugerez forumistilor sa NU il foloseasca. |
bazac wrote:
QUOTE |
Eu NU folosesc Spyware Stormer, NU il voi folosi niciodata, si sugerez forumistilor sa NU il foloseasca. |
QUOTE |
Nu stiu de ce va stresati. |
QUOTE |
AdAware mi se pare cel mai adevarat din cate am incercat |
QUOTE |
si credeti-ma ca le-am incercat pe toate |
Da, doar Spybot S&D 1.3, trebuie mai multe? Stormer imi gasea mereu cate ceva, acesta le-a gasit o data si le-a curatat, acum nu mai apar. (ma enervez si revin la Linux ca e mai sigur)
QUOTE (bazac @ 29 Sep 2004, 07:31 PM) |
Eh, da-mi voie sa ma indoiesc ca le-ai incercat pe toate http://www.adwarereport.com/mt/archives/000007.html. |
TriRegnum wrote:
QUOTE |
imi pun acum Spybot 1.3 |
QUOTE |
DOAR Spybot S&D? |
QUOTE |
Da, doar Spybot S&D 1.3, trebuie mai multe? |
QUOTE |
Da, doar Spybot S&D 1.3, trebuie mai multe? |
QUOTE |
Stormer imi gasea mereu cate ceva, |
QUOTE |
ma enervez si revin la Linux ca e mai sigur |
bazac wrote:
QUOTE |
Google – monstrul – are 4 milioane de pagini Web indexate, alti au 1 alti 2 arareori 3 milioane de pagini indexate. |
Va recomand sa cititi urmatoarele articole:
http://www.pcworld.com/news/article/0,aid,118069,00.asp si
http://www.pcworld.com/news/article/0,aid,117908,00.asp, ambele aparute in PC World..
Poate se termina odata pentru totdeauna cu porcaria asta ce se numeste spyware.
Numai cei care nu au vazut ecranul monitorului NEGRU - dupa un atac al spyware - nu stiu ce e aia spyware.
In aceiasi ordine de idei va mai recomand sa cititi
http://www.virtualchase.com/tvcalert/oct04/5oct04.html#pcrisks aparut in excelentul TVC Alert (The Virtual Chase) a lui Genie Tyburski.
Asta ca sa vedeti cat de habarnisti sunt utilizatorii de computere vis-à-vis de teribilele pericolele ce-i paste la tot pasul.
Un articol interesant ce analizeaza McAfee Personal Firewall Plus 6.0 si Norton Personal Firewall 2005.
http://www.pcmag.com/print_article/0,1761,a=136342,00.asp
Conform lui
http://www.spywareinfo.com/newsletter/archives/1104/24.php#hacked
http://www.spywareinfo.com/newsletter/archives/1104/24.php#hacked
QUOTE |
Security researchers are warning of a new method of installing unwanted parasitic software onto the computers of unsuspecting victims who use Microsoft Internet Explorer (MSIE). |
QUOTE |
Any of the following parasitic software may be installed on the victim's computer: 180solutions BlazeFind BookedSpace BullsEye Networks CashBack (Bargain Buddy) ClickSpring CoolWebSearch DyFuca Hoost IBIS Toolbar Internet Optimizer ISTbar Power Scan SideFind TIB Browser WebRebates (TopMoxie) WhenU (VVSN) Window AdControl WindUpdates YourSiteBar The installers for each of these have been modified to make them harder to detect with antivirus and antispyware software. |
QUOTE |
am pus si un Firewall de nu imi intra nici dracu pe comp |
http://www.flexbeta.net/main/printarticle.php?id=84
QUOTE |
Though still in beta, Microsoft AntiSpyware was able to detect more infected files than the current leading anti-spyware applications in the market today, Ad-Aware and SpyBot S&D. AntiSpyware’s user interface is better looking than both SpyBot and Ad-Aware, not to mention much easier to use than SpyBot. Though Microsoft AntiSpyware was able to use better detection than both Ad-Aware and SpyBot, there is still the difference of cost between the three. Ad-Aware and SpyBot offer great performance for free, yet when Microsoft debuts its AntiSpyware application, it will require a subscription fee. Is Microsoft AntiSpyware really worth the subscription fee when there are currently good spyware removal applications out there that will do it for free? My answer to that question would be, if you can afford the fee, it is absolutely worth it; however, if you chose to use Microsoft AntiSpyware as your spyware removal tool, you will still need to run other tools such as Ad-Aware and SpyBot. |
Tehnic:Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)