Gnutella Forums  

Go Back   Gnutella Forums > Current Gnutella Client Forums > LimeWire+WireShare (Cross-platform) > Open Discussion topics
Register FAQ The Twelve Commandments Members List Calendar Arcade Find the Best VPN Today's Posts

Open Discussion topics Discuss the time of day, whatever you want to. This is the hangout area. If you have LimeWire problems, post them here too.


Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old August 29th, 2005
Sgt Sgt is offline
Gnutella Muse
 
Join Date: August 24th, 2005
Location: Not Where I'd Liked To
Posts: 225
Sgt is flying high
Angry HIT By spyware While Browsing Forums

Hi Guys

Just wanted to warn you was hit by spyware called

Myway Search Assistant, while browsing the forum, the only way I knew straight away was when BHODemon warned me a browser helper object was installing into Internet Explorer

Here's The Report

HODemon 2.0.0.23 Report File:
C:\Program Files\BHODemon 2\__BHODemonReport_0912165a43ed892d4397cb40fa2507a b_20050829_133912_18753.txt

Legal Copyright: Copyright © 2003
Desc: MyWay Search Assistant
ReportsCount: 422
Clsid: {04079851-5845-4dea-848C-3ECD647AA554}
DLL Path: C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
Last Load Time: 29/08/2005 12:28:59
Blocked Load Attempts: 0
Modified Date: Wednesday, August 24, 2005 16:46:35
Created Date: Wednesday, August 24, 2005 16:46:35
Load Attempts: 210
Product Name: My Way Search Assistant for Internet Explorer
Product Version: 1, 0, 0, 8
Original Filename: mySrchAs.DLL
File Description: My Way Search Assistant
Company Name: My Way
URL: http://www.doxdesk.com/parasite/MySearch.html
Enabled?: Yes
Internal Name: mySrchAs
Size (bytes): 98,304
EnabledCount: 175
MD5 Checksum: 0912165a43ed892d4397cb40fa2507ab
Comments:
Status: Malware

Funny ZA secutity suite Should have stopped it in it's tracks (didn't)

Adaware couldn't even find it when run

ZA Found it after running the spyware scan (but didn't find all of it)

Ran Spybot
http://www.safer-networking.org/en/index.html

Which Destroyed it

Didn't get it anywhere else was only surfing The forums at the
time And Also Uploading


Running Za Security Suite
Peer Gaurdian 2
Adawre resident Guard

Really p***** me of about these B*******



Sgt

Last edited by Sgt; August 29th, 2005 at 09:05 AM.
Reply With Quote
  #2 (permalink)  
Old August 29th, 2005
Valued Member
 
Join Date: May 30th, 2004
Location: United Kingdom
Posts: 2,866
ukbobboy01 will become famous soon enough
Default Attacks while in this forum

Sgt

I am not surprised, I have been attacked with a possible Trojan before while browsing this forum and, believe it or not, I was just now attacked again. But, like you, I have a firewall in place, Norton Internet Security 2005 which contains NAV 2005 and NPF 2005.

You say you have Zone Alarm Security Suite, which I understand is a good product, but did you configure the firewall for maximum security. I have found that the default "out of the box" configurations are, in most cases, not enough to protect a surfing PC.

A few years back, when I was using dial-up and only using an AV, I was looking at a fan site (Willow from Buffy) when I got hit by various things designed to take over my PC. Since then I have always reconfigured my AV and PF for maximum security.

Although these maximum settings makes surfing more difficult I feel that the extra security outweighs the inconvenience.




UK Bob

PS. SpywareBlaster & SpywareGuard are additional (free) security software that will help against browser hijackers.
Reply With Quote
  #3 (permalink)  
Old August 29th, 2005
Gnutella Jewel
 
Join Date: October 22nd, 2004
Posts: 75
BeerBottleBill is flying high
Default

I have noticed pop-ups when broswing members forum profiles for yucky web sites either ads for products or pornography so I stopped looking am forum profiles for now
Reply With Quote
  #4 (permalink)  
Old August 29th, 2005
et voilà's Avatar
+Modérateur à ses heures+
 
Join Date: July 26th, 2002
Location: Le Québec
Posts: 2,904
et voilà is a great assister to others; your light through the dark tunnel
Default

Does it happen on firefox too? Or only IE? I never got trouble on mac (of course ) and on win xp and firefox.

Ciao
Reply With Quote
  #5 (permalink)  
Old August 29th, 2005
Sgt Sgt is offline
Gnutella Muse
 
Join Date: August 24th, 2005
Location: Not Where I'd Liked To
Posts: 225
Sgt is flying high
Default

Hi Guys

Yes I did the firewall is set to maximum settings

all the spyware blockers were on.

I also have a program that tells me if my startup setup has been added to ie to stop unautherised programs starting

The only way i knew was when BHOdemon informed me about the browser helper object being added to Internet explorer

I think it was when I was accessing a question to get back a
.dat file (it was when I was informed of the malware)

http://www.gnutellaforums.com/showth...threadid=44244

I Have Spywareblaster as well, it runs all the time

Sgt

Last edited by Sgt; August 29th, 2005 at 05:45 PM.
Reply With Quote
  #6 (permalink)  
Old August 29th, 2005
Sgt Sgt is offline
Gnutella Muse
 
Join Date: August 24th, 2005
Location: Not Where I'd Liked To
Posts: 225
Sgt is flying high
Default

Hi et voilà

I Only ever use IE at the moment

i'm trying new browsers just now, but always seem to get hassle from Windows xp Pro Sp2

This OS really gets annoying sometimes

Sgt
Reply With Quote
  #7 (permalink)  
Old August 29th, 2005
Sgt Sgt is offline
Gnutella Muse
 
Join Date: August 24th, 2005
Location: Not Where I'd Liked To
Posts: 225
Sgt is flying high
Default

Hi Dagam3

Your right about the OS

Plug n Play (When)

Easy To Install Software Into (Not found it yet)

Easy to update drivers (Not when their new)

Much More slows to crawl when asked to do over 2 tasks

Getting Hardware installed (Not always, even with whql drivers)

Printers (Nightmare)



Sgt
Reply With Quote
  #8 (permalink)  
Old August 29th, 2005
u2btrfly's Avatar
Gnutella Admirer
 
Join Date: July 20th, 2005
Location: FL
Posts: 71
u2btrfly is flying high
Wink

I don't want to belabor a subject, but ever since I've put Firefox in as a browser, I have had little or no problems with spyware, cookies, viruses, and the like. What I have heard, and I think it was from this forum, is that Microsoft XP, I think it's starting in February, will not allow another browser but IE. You've got to be pissed when you hear that. Luckily or unluckily, I'm on Windows 98SE, which they will no longer support as of next July. Having the Firefox just seemed a better and more worry-free solution.

I run AdAware, PeerGuardian, and AVG. That's about all for now. So, give it a thought.

An afterthought, I'm thinking real seriously about Linux PCLinuxOS.
Reply With Quote
  #9 (permalink)  
Old August 29th, 2005
Dagam3's Avatar
Gnutella Muse
 
Join Date: August 19th, 2005
Location: Eastern Europe
Posts: 217
Dagam3 is flying high
Default

I think et voilà is an XP fan


and not all my messages were malitios...

Reply With Quote
  #10 (permalink)  
Old August 30th, 2005
Valued Member
 
Join Date: May 30th, 2004
Location: United Kingdom
Posts: 2,866
ukbobboy01 will become famous soon enough
Default BHO Demon

Hi Sgt

I think you have the right idea installing BHODemon, I have just downloaded a copy and emailed it to my home PC, and I will install it as soon as I get home.

It's strange that a piece of rubbish got through your defences but, I guess, nothing is infallible.

Although I am not familiar with Zone Alarm, I now use Norton Personal Firewall 2005, it could be that there is something you may have missed when you configured your firewall for maximum protection. The sure way to test your firewall is go to GRC’s shields up web site and do a full stealth test.

http://www.grc.com/default.htm

This will tell you if any of your PC ports are open and so vulnerable to attack, which could have been the way that piece of rubbish got in. However, if you find any ports open you will have to re-visit your firewall’s configuration and/or get a utility that will close/stealth specific ports.

When I had NPF 2003 I found that no matter what configuration I used I could not stealth or close all my PC's ports. Until I got the UnPlug n' Play utility from GRC, once installed it closed port 5000 which immediately allowed my firewall to stealth that and all remaining open and closed ports. That meant that all my 65,535 PC software ports were from that point on perfectly stealthed.




UK Bob
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
The new forums Only A Hobo General Discussion 5 October 22nd, 2006 06:06 PM
forums james007 BearShare Open Discussion 8 July 18th, 2005 02:00 AM
Hello Im New To the forums SSJGOKU Open Discussion topics 2 August 2nd, 2003 11:52 AM
Do these forums help you? if so....................... Jack Open Discussion topics 2 April 25th, 2003 07:39 PM


All times are GMT -7. The time now is 08:12 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.