HIT By spyware While Browsing Forums
 

Hi Guys

Just wanted to warn you was hit by spyware called

Myway Search Assistant, while browsing the forum, the only way I knew straight away was when BHODemon warned me a browser helper object was installing into Internet Explorer

Here's The Report

HODemon 2.0.0.23 Report File:
C:\Program Files\BHODemon 2\__BHODemonReport_0912165a43ed892d4397cb40fa2507a b_20050829_133912_18753.txt

Legal Copyright: Copyright © 2003
Desc: MyWay Search Assistant
ReportsCount: 422
Clsid: {04079851-5845-4dea-848C-3ECD647AA554}
DLL Path: C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
Last Load Time: 29/08/2005 12:28:59
Blocked Load Attempts: 0
Modified Date: Wednesday, August 24, 2005 16:46:35
Created Date: Wednesday, August 24, 2005 16:46:35
Load Attempts: 210
Product Name: My Way Search Assistant for Internet Explorer
Product Version: 1, 0, 0, 8
Original Filename: mySrchAs.DLL
File Description: My Way Search Assistant
Company Name: My Way
URL: http://www.doxdesk.com/parasite/MySearch.html
Enabled?: Yes
Internal Name: mySrchAs
Size (bytes): 98,304
EnabledCount: 175
MD5 Checksum: 0912165a43ed892d4397cb40fa2507ab
Comments:
Status: Malware

Funny ZA secutity suite Should have stopped it in it's tracks (didn't)

Adaware couldn't even find it when run

ZA Found it after running the spyware scan (but didn't find all of it)

Ran Spybot
http://www.safer-networking.org/en/index.html

Which Destroyed it

Didn't get it anywhere else was only surfing The forums at the
time And Also Uploading


Running Za Security Suite
Peer Gaurdian 2
Adawre resident Guard

Really p***** me of about these B*******

:mad: :mad: :mad:

Sgt

Attacks while in this forum
 

Sgt

I am not surprised, I have been attacked with a possible Trojan before while browsing this forum and, believe it or not, I was just now attacked again. But, like you, I have a firewall in place, Norton Internet Security 2005 which contains NAV 2005 and NPF 2005.

You say you have Zone Alarm Security Suite, which I understand is a good product, but did you configure the firewall for maximum security. I have found that the default "out of the box" configurations are, in most cases, not enough to protect a surfing PC.

A few years back, when I was using dial-up and only using an AV, I was looking at a fan site (Willow from Buffy) when I got hit by various things designed to take over my PC. Since then I have always reconfigured my AV and PF for maximum security.

Although these maximum settings makes surfing more difficult I feel that the extra security outweighs the inconvenience.




UK Bob

PS. SpywareBlaster & SpywareGuard are additional (free) security software that will help against browser hijackers.

I have noticed pop-ups when broswing members forum profiles for yucky web sites either ads for products or pornography so I stopped looking am forum profiles for now

Does it happen on firefox too? Or only IE? I never got trouble on mac (of course ;) ) and on win xp and firefox.

Ciao

Hi Guys

Yes I did the firewall is set to maximum settings

all the spyware blockers were on.

I also have a program that tells me if my startup setup has been added to ie to stop unautherised programs starting

The only way i knew was when BHOdemon informed me about the browser helper object being added to Internet explorer

I think it was when I was accessing a question to get back a
.dat file (it was when I was informed of the malware)

http://www.gnutellaforums.com/showth...threadid=44244

I Have Spywareblaster as well, it runs all the time

Sgt

Hi et voilà

I Only ever use IE at the moment

i'm trying new browsers just now, but always seem to get hassle from Windows xp Pro Sp2

This OS really gets annoying sometimes

Sgt

Hi Dagam3

Your right about the OS

Plug n Play (When) :confused:

Easy To Install Software Into (Not found it yet) :confused:

Easy to update drivers (Not when their new) :confused:

Much More slows to crawl when asked to do over 2 tasks

Getting Hardware installed (Not always, even with whql drivers)

Printers (Nightmare)

:rolleyes:

Sgt

I don't want to belabor a subject, but ever since I've put Firefox in as a browser, I have had little or no problems with spyware, cookies, viruses, and the like. What I have heard, and I think it was from this forum, is that Microsoft XP, I think it's starting in February, will not allow another browser but IE. You've got to be pissed when you hear that. Luckily or unluckily, I'm on Windows 98SE, which they will no longer support as of next July. Having the Firefox just seemed a better and more worry-free solution.

I run AdAware, PeerGuardian, and AVG. That's about all for now. So, give it a thought.

An afterthought, I'm thinking real seriously about Linux PCLinuxOS.

I think et voilà is an XP fan :rolleyes:
:D :D :D

and not all my messages were malitios...:(

:D :D

BHO Demon
 

Hi Sgt

I think you have the right idea installing BHODemon, I have just downloaded a copy and emailed it to my home PC, and I will install it as soon as I get home.

It's strange that a piece of rubbish got through your defences but, I guess, nothing is infallible.

Although I am not familiar with Zone Alarm, I now use Norton Personal Firewall 2005, it could be that there is something you may have missed when you configured your firewall for maximum protection. The sure way to test your firewall is go to GRC’s shields up web site and do a full stealth test.

http://www.grc.com/default.htm

This will tell you if any of your PC ports are open and so vulnerable to attack, which could have been the way that piece of rubbish got in. However, if you find any ports open you will have to re-visit your firewall’s configuration and/or get a utility that will close/stealth specific ports.

When I had NPF 2003 I found that no matter what configuration I used I could not stealth or close all my PC's ports. Until I got the UnPlug n' Play utility from GRC, once installed it closed port 5000 which immediately allowed my firewall to stealth that and all remaining open and closed ports. That meant that all my 65,535 PC software ports were from that point on perfectly stealthed.




UK Bob