Hi Wilhelm. 

I know pretty much why all of these things you mentioned work the way they do 
but I will not go into that here. What you have is a particularly nasty flavor 
of spyware that has several processes that check up on the other bits of 
itself to make sure you don't do exactly what you are doing. When they detect 
that you are attempting to remove the other pieces they simply restore them. 

There are a couple of approaches I could recommend, but none of them are 
guaranteed to succeed, at least not completely. Once you get a bug like this, 
only a wipe (including deleting the partition and creating a new one) and 
reinstall of the OS is going to guarantee success. 

If you take that approach, let me make a few suggestions: 
1. Buy and have ready a good antivirus/antispyware package to install 
IMMEDIATELY as soon as your new OS boots.

2. Install XP SP2 or higher (avoid Vista just because it sucks, Win 7 is great) 
to make sure the Windows Firewall is on by default. If you do not have these, 
as many old restore disks will not, then do not connect to ANY internet 
connection until you have enabled the Windows firewall and installed the AV 
package as described above. 

3. At this point you *should* be safe enough to connect to the internet and 
download and install ALL the Windows Updates you find. This process can take 3 
to 5 passes. Be patient. Do not give up. Your computer needs to be fully 
patched before you do anything else. 

4. Several things to keep in mind after you are up and running:
        a. Stay away from questionable sites. I don't need to elaborate. 
Organized Crime pays good programmers to develop undetectable bugs. 
        b. Never EVER click a link in an Email, no matter WHO sends you the 
email. Spam software can make an email look like it came from anyone. 
        c. NEVER install software that you haven't paid money for. Nothing is 
free. NOTHING. 
        d. Turn off the preview pane in your email, at least until you have 
trained your spam blocker about what is crap and what is not. 
        e. Use a non-administrator account as much as possible. Yes it's a 
pain, but you've done half the hacker's work for them by using an admin account. 
        f. NEVER let anyone you do not trust implicitly, use (and especially 
"fix") your computer with the admin account. This includes your wife, kids and 
family pet. Especially not the kids. More compromises happen because an 
unwitting friend installs bad software to "fix" an ailing computer, than I can 
tell you about. 

That about sums it up. If all that seems unreasonable, I would suggest looking 
into the Apple OS X. Nothing is perfect, but real exploits for this OS are very 
rare, and there are none I know about presently that a fully patched OS can be 
compromised by. I am an IT pro and I have to live and work in both worlds. Most 
of my time is spent fixing and protecting the Windows side of things. 

Bob


On Apr 15, 2010, at 1:44 PM, Wilhelm Sanke wrote:

> The subject of this thread - which was started by me - sounds somewhat harsh 
> and unfair, but the ongoing story of annoying popups of phony messages 
> transported by the Microsoft Internet Explorer - without having been launched 
> by me in each case - reminds me of the fight between Microsoft and the EU - 
> the European Union - about forcing Microsoft to deliver a Windows platform 
> that is not necessarily tied to an embedded Internet Explorer. At the moment 
> I am not fully clear about the outcome of the fight. I remember that 
> Microsoft should pay an amount of several million dollars, but I do not know 
> whether they have paid this sum and at the same time have changed their 
> strategy.

> <snip>
_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
