Hi Duncan,

Though I do use NR, I don't use any of the versions you mention, so I can't 
really say anything about those, sorry.

Best,
Soren


DSinc wrote:
Soren,
Could you share your thoughts about the suggested FF add-on 'No-Referer, v1.3.2?'
I test it now on FF v3.6.17. It is not available for FF v4.0.1 yet.

I just have not been able to keep up with all the good/bad of HTML over the
past 10yrs.

Yes, I do use No-Script. Brian beat me into submission when I started using FF some
years back..... :)   (Brian, no harm, no foul..... LOL!)
Thanks,
Duncan


On 05/24/2011 02:06, Soren wrote:
Rootkit virus? Nice ;)

Assuming this is XP:

Check what's in your Run folder in the Registry (HKEY_LOCAL... etc.)

Also, check the Temp folders for Administrator and Windows, as well as other user accounts. Erase the content of these
temp folders.

Next:

1. boot up a Knoppix distro (in this case the 5.3.1 DVD) with the following commands at the boot prompt:

knoppix forensic noswap nodhcp noapm noacpi

2. mount your HDDs, and enable write access, as you progress

3. delete every single file that you can see within the folders System Volume Information and Recycled, on every drive in your system. Then delete these two folders, also. Don't worry, the O/S will rewrite current System Volume Information and Recycled folders to substitute.

4. unmount the mounted drives

5. reboot (remember to remove dvd), and rescan for malware... and maybe do the same thing to the drives that you attach.

6. Get a cheap system (e.g. noiseless mini-ITX) for use as a gateway/firewall. This will do you **very** good in the
long run.

7. As Christopher Fisk said, install the Secunia PSI - it's highly recommended, and this util is worth gold, as it's
free for private users.

8. only use Firefox for internet browsing, and install and use the NoScript, and the NoReferrer plug-ins.

Following the simple steps above should make your system immune to about 97-99 pct. of the present and future internet
trash, if you remember to update everything involved, that is.

HTH

Soren


Winterlight wrote:
Somewhere in the last 24 hours I picked up the rootkit virus TrojanDownloader:Win32.Mesmer.A . Just about every time I try to use a link I get redirected somewhere else. I am running Security Essentials and a scan did find and eliminate it but of course when I rebooted it was back. I know rootkit viruses are difficult or impossible to get rid of.

If I restore a clean Acronis image file of my OS partition, from last month would that do it? Or should I spend the time trying to kill it and if so what is the best way.. anybody have experience with this?

Thanks.





