How are they infecting my PC!

  1. #1
    Junior Member
    Join Date
    Oct 2005
    Posts
    4

    How are they infecting my PC!

    Hi

    I understand the basics of how some spyware works.

    e.g. using ActiveX controls on a web page that prompt the user to install them, and then the ActiveX control proceeds to download applications which it then launches, infecting your computer.

    Can anyone tell me or point me to a website that explains exactly how this is done?

    Also, I have visited some sites that still manage to download DLLs and executables onto my hard disk without my consent, even with ActiveX blocked and spyware running, although my anti-spyware does detect it and delete it.

    Are these [insert vulgar name] using known IE exploits and what are they? I would like to have a good understanding of exactly how they are doing this!

    I'd appreciate any help.

    Thanks

    DrGonzo

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    How bout a firewall???

    You got one of those?

    What kinda sites are we talking about that download exes without your consent??

    Maybe you should review your surfing\clicking habits...

    Also you could try another browser??

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    Generally, there is something in your configuration or setup (in IE or Windows) that allows the infections to continue to come down without your authorization. You can find some of the problem in IE by selecting Tools, Manage Add-ons and looking over the list of add-ons installed and being used by IE. You may have removed some things via spyware and AV software, but there are ActiveX or Java add-ons that may have been missed or not recognized as nasties and are still active and working in your browser.

    The other place to look is in the registry. HiJackThis is a very good tool for examining harmful things still residing in your system after scanning by AV and spyware tools. Another tool for seeing what is currently running on your system is ProcessExplorer (www.sysinternals.com). It is a free download and will give you a good look at processes that are running and what is controlling them.

    That is "how" they do it, by slipping other things past you, past the AV and past the spyware to continue infecting and controlling.

    As morganlefay points out, once you clean your system, a good personal firewall (and a hardware firewall on your DSL or cable modem if you have one) are helpful in keeping the system from being re-infected. Constant vigilance is the price we pay for an open internet.
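A HijackThis log lists the add-on and registry entries the post above says to look through. As an added example (not part of the thread), this Python code parses such a log and flags entries worth looking up before removal; the sample log is constructed and the flagging heuristics are assumptions of this example.

```python
import re

# HijackThis section codes relevant to the add-on and registry checks above.
SECTIONS = {
    "R0": "IE start page", "R1": "IE search page",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry", "O16": "downloaded ActiveX control",
}
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Triage heuristics chosen for this example (assumptions, not HijackThis verdicts).
TEMP_MARKERS = ("\\temp\\", "\\temporary internet files\\")

def parse_log(text):
    """Return one dict per recognised log line, with review flags attached."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m or m.group(1) not in SECTIONS:
            continue  # header lines and sections this example does not cover
        code, body = m.groups()
        clsid = CLSID_RE.search(body)
        flags = []
        if "(no name)" in body:
            flags.append("unnamed")
        if "(file missing)" in body:
            flags.append("file-missing")
        if any(marker in body.lower() for marker in TEMP_MARKERS):
            flags.append("runs-from-temp")
        entries.append({"code": code, "kind": SECTIONS[code],
                        "clsid": clsid.group(0) if clsid else None,
                        "body": body, "flags": flags})
    return entries

def needs_review(entries):
    """Entries with at least one flag: look these up before removing anything."""
    return [e for e in entries if e["flags"]]

# Constructed sample log (all names, CLSIDs, paths and URLs are made up).
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.example.invalid/
O2 - BHO: Example PDF Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\ExampleVendor\helper.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\WINDOWS\Temp\xyz.dll
O2 - BHO: Old Toolbar - {0F0F0F0F-1111-2222-3333-444444444444} - C:\WINDOWS\system32\oldbar.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\ExampleVendor\tray.exe
O4 - HKLM\..\Run: [updater] C:\DOCUME~1\user\LOCALS~1\Temp\upd.exe
O16 - DPF: {12345678-1234-1234-1234-123456789ABC} (Example Control) - http://downloads.example.invalid/ctl.cab
"""

if __name__ == "__main__":
    for e in needs_review(parse_log(SAMPLE_LOG)):
        print(e["code"], e["kind"], e["clsid"], ",".join(e["flags"]))
```

A flag here only means "check this entry against the vendor's or an anti-spyware site's description"; an unflagged entry is not thereby proven clean.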

  4. #4
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    This is a good read for explaining how you got infected in the first place. Infected How?

    Understanding the Active X settings http://www.alexandermagazine.com/bab...24explorer.htm

    Get Spywareblaster

    and Spywareguard
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    One reason that the malware is able to run without your consent is if you don't update your system on a regular basis. You should run Windows Update.

    As for how it's done... That depends on the malware in particular. Most anti-spyware/anti-virus sites have information on what the malware does and how it infects your machine.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    Member
    Join Date
    Dec 2004
    Posts
    48
    Create a limited account that doesn't have run/install privileges. Use that for browsing the net.

    As for the "how it's done part" I think you have enough resources in this thread to get you started.

    Cheers
    Blankety Blank Blank Blank!

  7. #7
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by morganlefay
    <snip>

    Maybe you should review your surfing\clicking habits...

    <snip>
    Stop. Think. Click.

    Not just a catchy phrase...

    LMAO @ MLF

    Awesome.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  8. #8
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    Originally posted here by zencoder
    Stop. Think. Click.

    Not just a catchy phrase...

    LMAO @ MLF

    Awesome.
    Actually, this is a pretty good site to send newbies and others to. At least now they don't require that you download questionable ActiveX and Flash updates to view the site.

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Stop. Think. Click.
    That is an excellent link.....I printed it and put it in the staff room here. Great for users....newbies etc.

    Actually the users here are pretty savvy.....it's one of my other sites that needs a slap upside the head.

    Running an older server suite...have just convinced them to upgrade finally

    Norton live updates...as we all know can be slow unless you manually download the updates.

    Anyway...2 weeks ago..receptionist receives a pricelist.exe via email...tries to open...she gets some pop up...no pricelist...go figure...

    So..she sends it out to a couple of other people in the office...to see if they can open it.

    My kids know better than that!!!!! and they are 11 (twins)

    The new mailserver...will stop exes dead!!! (and other file types)

    Won't even see the client.....

    I might miss the extra cash.....but not the grey hairs!

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer
