October 21st, 2009 01:06 PM
The thing is probably an unwanted "Browser Helper Object" perhaps. Maybe, your web browser trusts it ...but not you.
Just install a good BHO disabling program like Bho Demon or Bho capture.
October 21st, 2009 07:42 PM
Next time try combofix. The newest version removes even the nastiest bug/root kits I have come across.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
October 22nd, 2009 07:43 AM
It got into three of my four browsers. I even uninstalled FF and reinstalled the newest version and it was there. I don't know what Chrome does differently but it didn't get to Chrome.
I appreciate the tips.
"Somehow saying I told you so just doesn't cover it" Will Smith in I, Robot
October 25th, 2009 05:38 AM
People say that... intil you write a perl script that causes problems for an estimated 30,000-50,000++ machines, most running linux.
Originally Posted by fourdc
Windows is built for toddlers and grandmothers. If you can't launch the policy editor and update a few adobe products then just accept that you know next to nothing about computers.
October 25th, 2009 07:01 AM
Yea because someone is MUCH more likely to open a Perl Script they can see the source for, or, if it's been shadowed or whatever, or they don't know Perl, the chance they'll run a Perl script as root, without knowing what it does, is so likely... ?
Originally Posted by The-Specialist
I've got a bunch of Linux and BSD boxes here, the only Perl scripts running are system scripts and mine, and I'm not sure I even know anyone who'd go "Oh wow, a .pl file on my machine, I should su and run it as root!" lol.
I know what you're getting at, and what you meant, but with Windows, an infection is a web page or in some cases a media file away. People and Linux and BSD boxes all need to TRY to get an infection. The back roads of the net probably do have thing a lot like 5 mile in Detroit where you're going to be "itching" your "ports" after doing something"fun" but... Ah hell the puns are making it to easy, you know what I mean
October 25th, 2009 05:29 PM
Under nobody you can still edit certian files and in some cases setup crone jobs. A windows guest account won't even give you write access to text files without editing the policy first. And exploits.... you can't even find exploits to escalate privileges under a windows install.
October 25th, 2009 08:59 PM
You need to escalate? Hmm, last 50 patches I installed said they were to stop someone from having complete control heh.
The average Linux and BSD user, have multiple accounts on their machines:
I have books going back to about 1999 and 2000 for Linux AND BSD, and they all talk about setting up the machine once it's installed. All of them mention you need to make a non root account for you to use. Windows on the other hand, you install and it logs in as admin as soon as the install is finished. A lot of people don't ever make another account, they use Admin accounts. and some even auto log in. So having admin logged in and no where does it say you should create another account that isn't admin. In other words, even if it doesn't let you do that, editing a text file as guest isn't a problem when most people leave only the default admin account on the machine to begin with.
Also, the nobody user, doesn't have as many real access points. And most of the stuff you install right now, like, for example, the newest version of BSD, isn't going to let "nobody" do much of anything. The idea behind the nobody account is a good one in my book.
Also, most Linux distros don't let the nobody account do too much either. I think I have seen some versions where nobody had access to certain system files, which is, as you said, a bad idea, but I don't think it takes but 5 minutes to fix that.
By jamicach in forum Newbie Security Questions
Last Post: August 10th, 2005, 12:54 PM
By mikem0327 in forum AntiOnline's General Chit Chat
Last Post: March 24th, 2004, 03:36 AM
By Spyrus in forum Microsoft Security Discussions
Last Post: September 12th, 2003, 08:02 AM
By Szafran in forum Miscellaneous Security Discussions
Last Post: September 7th, 2003, 09:41 PM
By E5C4P3 in forum Product / Book / Training / Conference Reviews
Last Post: March 3rd, 2002, 02:24 PM