Date: Mon, 16 Feb 2004 09:08:57 +0700
Subject: [Thinkpad] Report on results of malware detectors
Further to my previous messages, I have now some important news for
Windows sufferers, from an ideal test case: TP600E naively operated
by my somewhat clueful 12-year-old daughter. We began to see a lot
of strange behavior (by the computer, that is; hers is about to come).
Installed Adaware
Adaware detected 122 items, claimed to kill them all
(incl LOP, Peopleonpeople)
Reboot, operate a while, many nasties still there (esp. APROPOS).
Installed Bazooka from <http://www.kephyr.com/>
Bazooka detects Apropos, GMSoft porn dialer, Hotbar
Hotbar hostie, ISTBar
Long struggle with many reboots.
ufezemlmast, suregrim (deadcopy) and autoupdate, envolo keep returning
Go to safe mode remove surfgrim, timesink, sbnet/showbehind and other
locked executables
Rerun adaware
finds 39 registry keys
4 registry values
6 files
apropos malware, bonzibuddy, claria, hotbar dataminer
Install spybot 1.2e
Detects 11 problems, fixed
Now regclean on reboot shows no nasties reappearing.
Note that it was necessary to run all 3 malware killers [plus regclean
multiple times] and even this did not suffice. A lot of manual
intervention and addled-brainpower was still necessary.
Jeffrey Race, today in Bangkok Thailand
----------------------------------------
USA tieline (rings at Bangkok residence)
TIME ZONE GMT +7
-------------+1 617 395-4111------------
Tel +66 2 291-2235 Fax +66 2 688-4540
Tel +66 6 709-7645 (mobile -- 24 hours)
Tel +66 6 563-5682 (mobile -- odd times)
ADVENTURES IN THAI JUSTICE
Cautionary real-life case studies for
potential investors or visitors
<http://pws.prserv.net/studies/>