AntiSpyware

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Looking for freeware (on-access) antivirus scanner... Hi, i am working in a youth center (honorary) as a administrator and we are higly dependent on donations. Now we have seven pc's running with windows 2000 and open office, but the best is, that we have a internet connection. But as i said, we are dependent on donations and this is why we cant buy (expensive) antivirus software licenses. are there any (must be on-access for windows) scanners that are free for commercial use, because we are considered "commercial", but in fact we are not. Thanks in advance... Best Regards Kerem Gümrükcü Tag: AntiSpyware Tag: 77458
  - 2
    - CAN-1999-0776 Is there a kb article for this IIS vulnerability? Tag: AntiSpyware Tag: 77456
  - 3
    - MS DTC ? Hello, Run cleanup maintenance on my system at the of end of every month and then do a little searching in OS. Opened but did not change "Component Services" - "computer" - viewed all folders. Upon closing and then checking "Event Viewer" found two new listings: source "MSDTC" catagory "TM" event id "2444" "security configeration" and source "MSDTC" catagory "LOG" event id "4125" "log decompressed". Went to MS Help and Support no listing found for the two events. Is this odd behavior for "MSTDC"? This is a stand alone non-network K56 modem single user unit. WindowsXP Home Sp2 all security and critical updates. Thank You. Take Care. beamish. Tag: AntiSpyware Tag: 77454
  - 4
    - DUMPEL - MESSAGE TEXT not displaying Greetings I use dumpel rather extensively for debugging account lockout problems. Since our support group upgraded us to SP2, I notice that the "message" portion of the event log information appears to be missing. NOTE: The issue is the SP level of the machine running DUMPEL, not the SP level of the machine who's event log you are dumping. I've tried this on two seperate SP2 systems and on a system that is still SP1, and the results are consistant. Does anyone have an idea of what is happening ??? e.g. prior to SP2 upgrade 8/8/2005 4:11:35 PM 8 2 538 Security xxxxx\yyyyy zzzzzzzz User Logoff: User Name: zzzzzzz Domain: zzzzzz Logon ID: (0x0,0xB6F20E) Logon Type: 3 post SP2 upgrade 11/1/2005 11:16:59 AM 8 2 538 Security xxxx\yyyy$ zzzzzz xxxxxx xxxxxx (0x0,0x4D66962) 3 Villy Madsen CISA ISP Information Security ATCO I-Tek Bus: (780) 420-5093 Cell: (780) 975-0110 Fax: (780) 420-3916 Mailto:Villy.Madsen@atcoitek.com 4MB Edmonton The information transmitted is intended only for the addressee and may contain confidential, proprietary and/or privileged material. Any unauthorized review, distribution or other use of or the taking of any action in reliance upon this information is prohibited. If you received this in error, please contact the sender and delete or destroy this message and any copies. Tag: AntiSpyware Tag: 77452
  - 5
    - FTP using PGP My client wants us to FTP data to them using FTP and PGP encryption. What would be the best method of achieving this? Presumably we would need an FTP client that supports PGP. Does Microsoft FTP support this? I also assume that they would need a server at their end that supports PGP. Any information on possible products would be greatly appreciated. Tag: AntiSpyware Tag: 77446
  - 6
    - Running program files on XP with non-executable extensions? I downloaded a file (let's call it BLUESKY.EXE) which my anti- virus guard says may be a virus. I wanted to get more info about this file, so I disabled it by adding a couple of random letters to the extension. I renamed BLUESKY.EXE to BLUESKY.EXEHJ. I figured this would stop XP from running it if I double clicked it in error. But my antivirus guard 'AntiVir PE' warned me about it again. Even with the dummy extension letters. Surely such a program file is now safe enough? -- I found that if I put the random letters *before* the EXE then 'AntiVir PE' did not detect it as a virus. So BLUESKY.HJEXE is ok according to 'AntiVir PE'. Is this just an oddity in 'AntiVir PE' or is this being done because of something in my XP Pro which might truncate the letters in a file's extension after the first three letters? -- MS security groups: microsoft.public.security microsoft.public.security.virus microsoft.public.windowsxp.security_admin Tag: AntiSpyware Tag: 77442
  - 7
    - File Sharing and Broadband Recently I have made some major changes to my PC which make me think that I need to review my file sharing policy. I have moved from dial-up internet to broadband and installed a 3Com router firewall. The home network has 3 PCs which have file sharing enabled on all drives The Share Permissions tab allows 'Network' change/read permissions. The 'Security' tab allows 'Everyone' full control. (MS Office gives problems if I don't allow full access). This sounds a bit risky but as I understand it 'everyone' means anyone who logs on with the correct username and password. However, I must admit to being confused between the W2k 'Shares' properties 'Share Permissions' and 'Security'. Since the NAT on the router makes the PCs invisible to the outside world and the file shares are protected by password access then it seems safe. My installation is: W2000 Office 2000 Outpost PFW The PCs are not logged on with admin privileges except when doing Windows updates. The router provides IP addresses to the PCs Any thoughts? Davy Tag: AntiSpyware Tag: 77439
  - 8
    - how to backup Certificate templates Hi, I have backup my sub CA Private Key, CA Cert, Caert Database and Cert DB log, using CA snap-in, does this backup also include Certificate templates? If not included, how do I backup? any link in Microsoft for this solution? Thanks for all replies. Tag: AntiSpyware Tag: 77430
  - 9
    - Highjackthis log Please help me with this. What should I remove and what should I keep? Logfile of HijackThis v1.99.1 Scan saved at 7:00:30 PM, on 11/01/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\UAService.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\2Wire\Gateway\2portalmon.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\WINDOWS\iisver.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Yahoo!\browser\ybrwicon.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Webroot\Washer\wwDisp.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE C:\Program Files\Microsoft Office\Office10\msoffice.exe c:\progra~1\window~2\wmplayer.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\ARADRA~1\LOCALS~1\Temp\Rar$EX00.031\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qsrch.com/ R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_98.dll O2 - BHO: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\PROGRA~1\quickbar\quickbar.dll O2 - BHO: RichMediaCollector Class - {EFFD215B-773F-4F3A-8B4A-BF15CCA78A05} - C:\Program Files\Common Files\MediaMaster\WMMRMC20.dll O3 - Toolbar: MediaMaster Bar - {E7F10FF7-005E-45D7-86A1-59FA022860B0} - C:\Program Files\Common Files\MediaMaster\WMMRMC20.dll O3 - Toolbar: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\PROGRA~1\quickbar\quickbar.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\Gateway\2portalmon.exe O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [LiveNote] livenote.exe O4 - HKLM\..\Run: [anvshell] anvshell.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Jawa322] C:\WINDOWS\jawa32.exe O4 - HKLM\..\Run: [iisver] C:\WINDOWS\iisver.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Rzvdnu] C:\WINDOWS\svchost.exe O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKCU\..\Run: [Jawa322] C:\WINDOWS\jawa32.exe O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (file missing) O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (file missing) O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O15 - Trusted Zone: http://ad.searchsquire.com O15 - Trusted Zone: http://search.searchsquire.com O15 - Trusted Zone: http://update.searchsquire.com O15 - Trusted Zone: http://www.searchsquire.com O15 - Trusted Zone: http://*.searchsquire.com O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {12345678-1234-1234-1234-123456789123} - http://www.allyoursearch.com/Allyoursearch.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {3C200107-2959-4C6E-91B8-F6D911B398A8} (Driver_Detective_v43_Members.DD_v43) - http://www.drivershq.com/cab/prod/Driver_Detective_v43_Members.CAB O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe O16 - DPF: {430DDE24-C051-11CF-95BE-0020AFF75E4F} (ichat xchat Control) - http://tank.wizards.com/chat/data/html/user/msie/msichat.ocx O16 - DPF: {4C2D6C46-6602-11D4-A5E3-444553540000} (Alice Control) - http://www.skotos.net/MarrachGame/Alice44.cab O16 - DPF: {5DDF3BA5-7DCD-45A9-B4A1-601E67700271} (DDv4_Member.DDv4) - http://www.drivershq.com/cab/prod/DDv4_Member.CAB O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab O16 - DPF: {B663A561-7424-4958-AF76-853E80B4E1C6} (UDConnect Class) - http://19.sharedsource.org/html/PagomaxUD_1.0.0.3ie.cab? O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup150.cab O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN_XP.cab O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IomegaAccess - Iomega Corporation - C:\WINDOWS\System32\IomegaAccess.exe O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe O23 - Service: ZipToA - Iomega Corporation - C:\WINDOWS\System32\ZipToA.exe Tag: AntiSpyware Tag: 77429
  - 10
    - Sony, Rootkits And Digital Rights Management Gone Too Far "Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my ?Unearthing Rootkits? article from thre June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application:" http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html Imhotep Tag: AntiSpyware Tag: 77425
  - 11
    - network share help how can I stop people from mapping to workstations using \\pcname\c$ Also what does ipc$ do and should I disable it? Thanks Tag: AntiSpyware Tag: 77423
  - 12
    - Internal and External Access to the same site. We have a b2b ordering site and would like to allow external customers to access the site with username and password and have internal CSRs access the same site without having to log in, using windows authentication. Our current solution we are not liking is to create a very restrictive Active Directory account for each of our customers and have them log in through our extranet appliance. Because of Sarbanes-Oxley (an our own policies to satisfy SOX) we now need to expire their passwords, get lots of paperwork before we can set them up, expire the accounts automatically every 12 months... What we would prefer is to have the site entirely hosted outside the firewall, (NOT dual homed), and somehow have the credentials passed to the external web server for users coming from inside the firewall, while users outside the firewall have to log in and be authenticated on the webserver against it's own authentication/authorization system. Tag: AntiSpyware Tag: 77415
  - 13
    - ActiveX object fetching new dll's Hello, Our application can be run as an activex object which our company distributes as a signed cab file. All good so far. But we'd also like to be able to update the activex object with new dll's (not just update to the existing dll's, but actually new functionality). These new dll's could be created by us or by others. We could do that easily by just downloading new dll's, saving them in the same directory as our activex control, and loading them up. The problem with the above scenario is security. Is there a way to harness the Internet Explorer activex security implementation so that it takes care of verifying if a dll that our activex control downloads is signed our not, prompts the user to allow this or not, etc.? Thanks jdt Tag: AntiSpyware Tag: 77409
  - 14
    - mail server redirect Hello! I have a Windows Xp SP2 machine and i whant to catch all smtp server activity and to redirect it on a specific e-mail addres. I mean, if someone using a smtp server on that machine send an email to xxx@hotmail.com the machine shoult delivery the mail to the addres abc@localhost and not to xxx@hotmail.com. The reason is that i suspect some suspect smtp activity on my machine and i whant to see the content of the emails. Can someone help me? Thanks in advice Tag: AntiSpyware Tag: 77408
  - 15
    - protecting a folder I own a restaurant and keep all my financial information in one folder and have managers that have access to the computer. Is there a way I can password protect a folder? Tag: AntiSpyware Tag: 77405
  - 16
    - Security precautions to take while installing windows 2000 I am planning to re-install Windows 2000 professional in an office network environment. Can somebody advise me precautions to take while installation that can better the security of the system. For example, I think I need to install, antivirus, spyware removal programs and also some firewall and then update the system as soon as the installation of the windows is complete. What order should I follow for the above tasks? Is there anything else that I should do? Thanks in advance for any help!!! Tag: AntiSpyware Tag: 77394
  - 17
    - pass username/password between processes Hi, I want to design a secure mechanism to pass username/password from one process to another, but won' t use shared public key to inside source code for encryption / decryption due to its obviouse security hole, anyone who can access srouce code know the key. several approaches conceiving now: 1. pass as command line argument in win32 use CreateProcess(). There is security hole here. 2. use shared memory for IPC. but looks like we never previent 3rd party to process to break into shared memory if its name is known. Same thing even we use public key, however the key cannot be safely passed to another process. 3. ... what else... Is there any standard way to handle such things? Thanks very much! -John Tag: AntiSpyware Tag: 77391
  - 18
    - Free Merchant Account Accept credit cards. Signup for a free merchant account and get instantly activated. Freekat lets you send oney to anyone with an email address. Freekat is for consumers and works easily with your checking and credit card details. Freekat is currently in BETA so it's not done yet, but is still secure. It's the next greenzap... Visit for a free merchant account http://www2.freekat.com:8080 Tag: AntiSpyware Tag: 77388
  - 19
    - PHISHING from MSN addresses Like many of us, I have several email accounts. Recently I started receiving a lot of PHISHING emails in another account. I report them to that account. Several of the emails are comming from MSN accounts. Is there a way to contact MSN about PHISHING from MSN addresses? Tag: AntiSpyware Tag: 77378
  - 20
    - Access denied in registry key I'm having a problem removing two registry keys. I'm using XP(pro sp2). I'm logged in as admin and I always get 'acces denied (5)' whenever I try to open the key in regedit. When I try to change the permissions/ownweship for the key the result is always unable to change permissions. I've tried this in Safe Mode as well. I'm really stuck, I can't think of what else to try. HELP ME PLEASE! Tag: AntiSpyware Tag: 77376
  - 21
    - infected with Sasser My averatec 3250 is infected with the Sasser worm. I have read a lot of unproven ways of getting rid of this worm. Anyone know the correct way of handling this worm? Thanks Tag: AntiSpyware Tag: 77369
  - 22
    - Free antivirus programs? Are there any free versions of AV software that are any good? I just tried Symantec's and Trend Micros but they spent an abnormal(?) amount of time before finishing. I only tried to scan four smaller folder with the Trend. Tag: AntiSpyware Tag: 77365
  - 23
    - FTP over SSL Hi, To configure FTP over SSL, I just need to purchase a FTP server software (WS_FTP server, etc.) and get a SSL certificate from VeriSign, etc. to be install on the server, right? In order for the client to connect over the SSL connection, they don't need a separate certificate, right? The only thing is a SSL FTP client. thanks. Tag: AntiSpyware Tag: 77360
  - 24
    - Password FORGOTTEN >>>HELP!!! I created an Excel Workbook, PW'ed the entire work book, have forgotten the PW, and now can not modify book. Does anyone know of, or how to, gain access again? Please Help! Thanks, Drew Tag: AntiSpyware Tag: 77354
  - 25
    - Microsoft is running a disreputable spyware outfit By logging into hotmail on a new system I found out that Microsoft is running a disreputable spyware program which pops up targeted adware on your Windows PC some time AFTER you view web pages. HOW DO WE PREVENT MICROSOFT FROM INFECTING OUR PC? On a brand new PC, I noticed that EVERY time I visit a hotmail page the message comes up (which I cancel every time): --------------------------------------- Opening ADSAdClient31.dll You have chosen to open ADSAdClient31.dll which is a: Application Extension from http://rad.msn.com What should Netscape do with this file? (x) Open with dllfile (default) ( ) Save to Disk ---------------------------------------- I googled and found that this is a well-known Microsoft Ad Server spyware advertising client dynamic linked library (http://www.kuro5hin.org/story/2001/8/17/11541/1217) but I did not find how to PREVENT it from installing! Apparently this program pops up ads AFTER you view the web page! So it's a prime cause of pop-up annoyances and is a known spyware program from Microsoft. I tried putting 127.0.0.1 rad.msn.com into my hosts file but I STILL get this annoying Microsoft Advertising Delivery Service dll download attempt (which I cancel every time) when I visit any hotmail web page. Someone out there must be an anti-spyware expert who can tell us how to ELIMINATE the chance of this Microsoft-built adware/spyware? PLEASE! If you are a Windows expert, you'll know how to stop this program! Thank you in advance, Susan Sharm Tag: AntiSpyware Tag: 77341
- Next
  - 1
    - sec patch intallation Hi, how I schedule security patch installation at user log off ? Thanks. Tag: AntiSpyware Tag: 77340
  - 2
    - Safe to delete index.dat? Hi, A while ago I read a newspaper article warning of the dangers to users of free email services such as Yahoo and Hotmail; specifically how someone "in the know" can read mails in a hidden C:\ file (even if they have been deleted). The solution was (I believe in co-ordination with the local Microsoft office) to delete index.dat. As someone who uses a free email service, and one who works *exclusively* on a portable (and who almost lost her PC recently!) this is very troubling. Is it safe to delete index.dat? Are there any precautions I need to be aware of? Can someone give me instructions how to do this? Thanks, Sharon Tag: AntiSpyware Tag: 77338
  - 3
    - sharing broadband with guests I want to share a DSL connection with guests via WiFi in a small mountain inn. The DSL modem is also a wireless router which protects my whole network from the outside world. My question is how do I protect the two business PC's from the guests? Is it enough to run the XP firewall and use strong passwords, or do I need an additional hardware firewall between me and the guests? This lodge is in a remote mountain area so I'm not planning to use any wireless encryption methods because it will be a hassle to make sure all guests know how to use it. Is it a bad idea to leave the wireless network wide open in my situation? Tag: AntiSpyware Tag: 77335
  - 4
    - Firefox & Spybot S&D I use Firefox, mainly. I also use Spybot S&D. QUESTION: Does Spybot S&D work with Firefox, or only with Internet Explorer? QUESTION: Does the Immunize feature of Spybot S&D work with Firefox? QUESTION: If I understand correctly, the Immunize feature sets up a "HOSTS" file that prevents access to or from certain bad websites. If the HOSTS file only works with Internet Explorer, is there a way I could copy it and set it up to work with Firefox? Thank you. <*((((><{ Fishy@Ocean.Net Tag: AntiSpyware Tag: 77334
  - 5
    - Announcement: Security Chat with MS Vice President Mike Nash 11/10 Begin: 11/10/2005 10:00 AM End: 11/10/2005 11:00 AM Time Zone: Pacific Daylight Time (UTC - 7 hours-usually April-late Oct) Description: Join Mike Nash, Vice President for the Microsoft Security Business Unit, and his team of security experts each month. Microsoft is working hard to improve security and Mike and his team invite you to join them in a candid Q&A session. Ask us your tough questions; share with us what is going well and what needs improvement. This is your chance to talk up front with the leading security minds at Microsoft. Chat Room: TechNet: www.microsoft.com/technet/community/chats/chatroom.aspx -- -- Melissa Travers, MCSE MVP Lead - Exchange Server, Security & Virtual Machine Please do not send email directly to this alias. This alias is for newsgroup purposes only. This posting is provided "AS IS" with no warranties, and confers no rights. Tag: AntiSpyware Tag: 77332
  - 6
    - Sluggish computer - possible spyware My friend's computer is slow in a certain way. It loads web pages at a normal speed. But sometimes when you click on an ordinary thing - like minimizing a window - it will do absolutely nothing for 5-15 seconds and then will suddenly minimize it. In other words, it does not GRADUALLY display images or windows. There do not appear to be unwanted programs running in the background (I'm not sure how to be sure of this) - and there are no programs in the Startup folder. Besides the obvious use of antivirus and antispyware programs, is there something else I could check for? Perhaps there is too little memory in the computer? Tag: AntiSpyware Tag: 77331
  - 7
    - Add data to executable after it was signed Hi, I want to inject a url to my signed executable. In which PE section should I write it. 10x TestGames Tag: AntiSpyware Tag: 77330
  - 8
    - ad-aware se hi i'm hoping someone can shed a little light on my problem as a novice i will try and explain as best i can.i scanned my friends pc using one of the free scan tools which came back laden with results rather than pay for it i downloaded and ran adaware se,but the problem is after scanning 63,000 files or so it seemed to pause,always at roughly the same point,and it would say conditional scan .....busy so i left it thinking it would resume at some point but with no luck,did this 2-3 times with the same results....tried uninstalling and re-installing same results and also tried running in safe mode with the same results,hope this explination helps in some way....thanks in advance Tag: AntiSpyware Tag: 77321
  - 9
    - Is Viewpoint dangerous (Windows Media Player) WMP comes with something called Viewpoint. It is some kind data collector but I'm not clear whether it's dangerous to the computer. There is a folder and subfolders for it. Should you just get rid of it in Add/remove? Tag: AntiSpyware Tag: 77315
  - 10
    - antispyware install/uninstall I am getting failed to register/unregister dll errors on opth uninstall and install. After uninstalling, I have searched the registry for gcant and I am finding all sorts of references to the software. I have deleted as many refs as I could. Now I have several left that are giving errors such as: Cannot open gcAntiSpywareLibrary.ActiveXObject: Error while opening key. Try deleting and I get: Cannot delete gcAntiSpywareLibrary.ActiveXObject: Error while deleting key. Any suggestions? Thanks in Advance Tag: AntiSpyware Tag: 77307
  - 11
    - Security Alert Messag Once again another problem with security alert windows. I am on a site that I want to sign up as a distributor. Everything goes fine until I get to the bottom of the Terms & Conditions Page. I go to the bottom, click on "I Agree" and click submit. A security alert message comes up stating "You are about to be redirected to a connection that is not secure. The information you are sending to the current site might be retransmitted to a nonsecure site. Do you wish to continue?" I click on "Yes". The alert box goes away for a split second and then pops right back up. I keep clicking yes, it just will not go away!! Is this a problem with the site, or my problem? Thanks to anyone for help. Tag: AntiSpyware Tag: 77300
  - 12
    - Tracing where someone os by their account How do I trace where someone has logged in from? My son's account came online while I was on Messenger. This wouldn't be a big deal except he was sitting beside me and we only have 1 pc in the house. He does not have access to MSN at school and did not give his password to anyone. I was also logged on for quite awhile so there was no way for his account to still be running. Other than changing the account password which I did when this happened to me during the summer; What else can I do? This is very worrisome for me... Tag: AntiSpyware Tag: 77298
  - 13
    - Spyware vs. viruses Is it true that each computer virus has a name and an effect, but spyware doesn't? Why Spybot or AdAware found things, it just displayed names of files or cookies. When Norton AV finds things, they are in a very specific list of viruses, each with a certain nature. Why doesn't Norton make one program that is both AV and anti-spyware? Tag: AntiSpyware Tag: 77292
  - 14
    - Spyware problem / prevention This morning I couldn't start any programs and ctrl+alt+delete would do nothing. I called support and they got me to run Scandisk. This fixed the problem. First of all, could only spyware have caused this problem? If it was spyware, was it a particular spyware program? I downloaded Spybot and it found many things and I fixed them but I'm not sure if the spyware that caused the orig. problem was eliminated. Spybot keeps a log in an awkward place. Tag: AntiSpyware Tag: 77280
  - 15
    - PLEASE HELP My msn was hacked the hacker signed in as me he is going through all my emails and says the only way he will give me back my password is if I give him naked pics. I have written to msn in the customer service box and keep getting auto responses is there a quicker way to get in contact with them seeing as how I have credit info in my e mail for work and such other imporant things please get back to me. Tag: AntiSpyware Tag: 77275
  - 16
    - Spyware programs for Windows ME? Do you know of any Spyware programs for Windows ME? My friend has that and the machine is very sluggish. Tag: AntiSpyware Tag: 77274
  - 17
    - Spyware programs I just had a spyware problem where I had to run chkdsk or else I couldn't run any programs. I already have Norton AV - couldn't I upgrade that to a spyware prevention program? If not, what do you recommend for spyware? Tag: AntiSpyware Tag: 77272
  - 18
    - Unable to install Anti Spyware Beta I have recently reinstalled Windows XP following hardware changes. I am being prompted to activate the OS, but told that the COA number I have is incorrect. My computer supplier told me to ignore the prompts to activate, as these are "errors", as I am simply reinstalling an already-activated product. Because the Microsoft Anti Spyware site thinks I don't have an activated Windows XP, I can't install it. The antispyware software is really useful and I'd like it back! Any help greatly appreciated. Tag: AntiSpyware Tag: 77268
  - 19
    - WMI provider write permissions Hi there, Is there a WMI class where giving a provider write is potentially harmful? --Sudhakar Tag: AntiSpyware Tag: 77265
  - 20
    - Where is SERVICE_USER_DEFINED_CONTROL used? Hi all, I am interested in seeing where all SERVICE_USER_DEFINED_CONTROL permission for services gets used. Can you give me examples? I cannot think of even one. :-) thanks, Sudhakar. Tag: AntiSpyware Tag: 77264
  - 21
    - Issuing Web Browser digital certificates Hello .. My company would like to have an offline Windows Server 2003 standalone Certificate Authority. This CA would issue SSL certificates for an Extranet. Users would either be sent a certificate to install or a tech from or company would visit each client and perform the install. My issue is that I am only aware of using the certsrv web that comes with certificate services to request and install certificates for web browsing. I am really not sure how to initiate a request at our offline CA server on behalf of each user, how to generate the file, and how to install the file in their personal certificate store in Internet Explorer manually. I know this isn't the most secure thing to do .. using the web based certificate request/install is the best idea, however, they'd like the server to be offline, and have techs install the certificates in each users profile manually. Any ideas on what I need to do? I looked at certreq.exe but was having issues with the policy.inf file. Any advice or info is appreciated. Thanks! william.a.hunter@gmail.com Tag: AntiSpyware Tag: 77256
  - 22
    - Connections from subnets to shares are rejected This is a bizzare problem. Our users and computers that are part of the domain but are on a different subnet can no longer access shared folders on one particular server. Group membership and folder permissions have not changed. The users can access the folders if they log on on the same subnet as the server. I have made a little bit of progress in the sense that under network connections, on the workstation, I turned off everything in the Authentication tab, which I don't understand. Once I did that users on the subnets could at least browse the network, i.e. see all the workstations and servers in the domain. They can see all the shares on the servers. However shares report they are not accessible or they do not have permission, which they do. Prior to turning the Authentication settings off subnet users only saw workstations on their own subnet. I have verified their DNS and WINS server settings. We had this problem show up last week w/ this same server out of the blue. I ended up doing an in place upgrade to get things going again. Everything was fine for the few days we were at work prior to Wilma. This is the first time subnet users have been able to get back on the network since Wilma came through. Hence nothing has changed on the server from then until now becauses nobody was here to change anything. I think this is a security "feature" of Server 2003 sp1 that I know nothing about. Something that only affects users when they are on a different subnet. I am at a complete and total loss as to why and how to go about fixing this. Any ideas would be greatly appreciated. Tag: AntiSpyware Tag: 77251
  - 23
    - Restore file permissions I used showaccs.exe to download file permission rights and use xcacls.vbs to restore those file permissions as in a case of server upgrade. I need to find out what the code sequence are to restore five situations- the first is a folder with just List Folder Contents and Read both checked. The second is a folder with List Folder Contents, Read, and Write checked. The third is a folder with Deny Write checked. The fourth is a folder with Deny Read checked. The fifth is a folder with Deny List Folder Contents, Read, and Write checked. For example, a folder can be in any given permission set. But, if I use the following command line statement: >cscript.exe xcacls.vbs "D:\TestFolder" /g USERS:X [enter], the folder TestFolder is reset to List Folder Contents, Read and Write boxes checked. The advanced settings will also be reset to the corresponding. -- Message posted via http://www.winserverkb.com Tag: AntiSpyware Tag: 77250
  - 24
    - MS antispyware Beta 1 Since about 1 week (probably after an update), I can no longer use this program normally. Everytime I open it, it acts as if it is the 1st time and I have to rechoose all the settings. I then run a scan and the next time it starts all over, asking for settings and telling me I have vener run a scan. Any ideas? Tag: AntiSpyware Tag: 77245
  - 25
    - Lock pages in memory Dear All, I am having trouble using the AdjustTokenPrivileges API call to enable "SeLockMemoryPrivilege" - I get the error "Not all privileges referenced are assigned to the caller." I have assigned myself to the "Lock pages in memory" Local Security Policy and also been allocated this privilege on the domain controller. Is there anything else I have to do? Regards, AJ Tag: AntiSpyware Tag: 77241

Will Microsoft release a Production release of AS? Or it will always be
Beta? Thanks!

Re: AntiSpyware by PA

PA
Wed Nov 02 16:41:42 CST 2005

Probably not before Windows Vista is released, Michael.
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), AH-VSOP

michael wrote:
> Will Microsoft release a Production release of AS? Or it will always be
> Beta? Thanks!

Top

RE: AntiSpyware by Kevin

Kevin
Thu Nov 03 16:12:03 CST 2005

Go to www.download.com, and do a search or a program called "spyware
blaster". While the microsoft anti spyware program works just as good, try
this one, as well.

Top

Re: AntiSpyware by PA

PA
Thu Nov 03 16:34:27 CST 2005

SpywareBlaster protects you from getting hijackware. MWAS can find and
remove it.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/archive/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/

When all else fails, HijackThis v1.99.1
(http://aumha.net/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. **Post
your log to http://forums.spywareinfo.com/,
http://castlecops.com/forum67.html or http://aumha.net/viewforum.php?f=30
for expert analysis, not here.**
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), AH-VSOP

Kevin wrote:
> Go to www.download.com, and do a search or a program called "spyware
> blaster". While the microsoft anti spyware program works just as good, try
> this one, as well.

Top

Re: AntiSpyware by Kevin

Kevin
Thu Nov 03 16:42:06 CST 2005

Pa bear, actually, spyware blaster prevents hijackware, ans spyware.

Top