one for the computer security experts

Discussion in 'Off Topic [BG]' started by nonsqtr, Jul 17, 2004.

  1. nonsqtr

    nonsqtr The emperor has no clothes!

    Aug 29, 2003
    Burbank CA USA
    "Hijack This" saves the day!

    Okay, so I'm surfing, looking for a picture of Nina Hagen (in one of her more aggressive attitudes). Suddenly, wierd things start happening. Gazillions of popups all over the place. My "Zone Alarm" goes nuts. Several programs I've never seen before are trying to get out to the Internet.

    Sure 'nuff, I look in my registry in the HKLM...\Run and I see new stuff that wasn't there before. Oh oh. I clean everything up, delete the files that are being referenced, and reset my IE security to "high". I'm pretty sure I have everything fixed.

    But NO! Every five or ten browser flips, I get a popup ad. It looks legit, like University of Phoenix and that kind of stuff. But still, I'm worried. I immediately run "Hijack This" to see what I may have missed. Oh boy. There are 14 entries I can't account for. 13 of them are dated today. Anyway, to make a long story short, "Hijack This" is a wonderful thing.

    My question is, how can I keep this browser hijacking stuff from happening in the first place? Will an ordinary popup blocker stop it? Is there any way to tell when someone's trying to download a .exe into my machine?
  2. Toasted


    May 26, 2003
    Leeds, UK
    Popup blockers just stop the symptom.

    You've picked up the .exe's via unauthed activeX controls.

    Set your activeX controller in IE to "F*** off" (thats a techincal term)

    Althernatively, since you seem to be relatively competent with ICT i reccomennd knocking IE on the head totally and going with a mozilla browser like Firefox, or Opera (both avaiable free!!)
  3. dave_clark69

    dave_clark69 Guest

    Jan 17, 2003
    Exactly what i was going to say. I recomend mozilla firefox. I love it because it is tabbed browsing, so it saves space on your raskbar. Also there is a search bar bit at the top where you can add search engines. Also, buy Ad Aware then turn the auto protect thing on
  4. You probably don't need a third opinion telling you to use Firefox, but here it is anyway.

    Use Firefox. It has a smaller memory footprint, better standards support, more extensibility, built in pop-up blocker and it offers tabbed browsing to boot. And it doesn't use ActiveX. Hackers pray to Bill Gates at night telling him to put things like ActiveX in every piece of software his bloated, horrible company releases.

  5. nonsqtr

    nonsqtr The emperor has no clothes!

    Aug 29, 2003
    Burbank CA USA
    Wow, thanks guys. Here's a couple of questions. I'm currently using IE6. I seem to recall that somewhere in the security tab there was something about allowing signed and unsigned ActiveX controls, that kind of thing. But, I can't seem to find that anymore. Was that only in IE5? There's nothing in my "Advanced" tab that says anything about ActiveX controls. And, where can I get FireFox?
  6. It's in 6 to. Probably just got moved on you. In either event, just go to Tools > Internet Options > Security Tab on that Window > Make sure the Internet Globe is highlighted > Click on "Custom Level" and in there you can set the access permissions on the Active X controls.

    Personally, I thought it was great in Linux, but the Windows version just felt wrong to me. Haven't tried it since 0.7, though.
  7. Petebass


    Dec 22, 2002
    QLD Australia
    Great thread. I'm having similar trouble on my PC lately and I'm going to put all this good info to use. Thanks guys.
  8. Coma-Toast


    Apr 9, 2004
    N E Texas
    Here's a link to a great piece of software called Spyblaster, It blocks spyware from downloading in the first place. It's easy to use too. I likey.
  9. Petebass


    Dec 22, 2002
    QLD Australia
    Hey that seems to work. I did a little experiment. I used Adaware to clean out my registry.

    Then I spent some time opening and closing a whole bunch of websites from my favourites list, clicking on links and generally giving my cable modem a workout. I did another adaware scan - 8 objects found!

    Then I activated Spyblaster and did the same exercise - 0 Objects found! SUCCESS!

    Is it just me is is this the product they should have invented in the first place?
  10. Petebass


    Dec 22, 2002
    QLD Australia
    Guys can I re-hash this thread for a moment?

    Firefox is working well. But I have a small problem. I recieve an email notification (MS Outlook) when a TB thread has been updated, which contains a link to the thread. When I click on it, it opens the thread twice is 2 seperate Firefox browsers. Why is that happeneing and how do I fix it?
  11. jive1

    jive1 Moderator Staff Member Supporting Member Commercial User

    Jan 16, 2003
    Owner/Retailer: Jive Sound
    It's not just Active-X controls. The Microsoft Java Virtual Machine has vulnerabilities that let people put code onto your computer. Remove the Microsoft Virtual Java Machine. You can go to and find the information on how to do it. Replace it with Sun Java runtime, and you'll be in better shape.

    There are other things to keep in mind as well:

    Turn off the preview window in Outlook - that may allow malicious code to be run within your e-mail client. The preview window is basically a browser.

    Take a look at your cookies. Sometimes there are cookies on your computer that are used to send info to other places, or to instigate an action like opening a pop up window.

    If you are using Windows, open up task manager and see what programs are running. If you see something suspicious, do a search and see what you can find about specific filenames, and see what they do or if they are malicious.

    Some AntiVirus programs will sniff out annoying programs, as well as Viruses.
  12. Tom Crofts

    Tom Crofts

    Mar 15, 2001
    Don't double-click ;)


    I'm sorry.