How to navigate away from quicksand domains which hold your browser captive until you install their software?

hummingbird wrote:
<snippage>
["trojan.systemp oser"]

Anyway, I noticed what was happening at the time and shut down
the browser and ADSL connection within about 10secs.

I found 7-8 small programs on my system and wrapped them in
a zipfile for safety (later sent to SuperAntiSpywar e guys for
analysis).

I then spent 2-3 hours running every piece of anti-malware s/w
I have, including several root kit programs. All came up clear.

Since then, I've seen no abnormal activity on my system using
packet sniffers and monitoring ports etc. My guess is that I
killed it before it had hardly got started doing its evil work.

Maybe you got lucky. Maybe it wasn't activated by its owner prior to
your shutting off your connection.

You do have a router and firewall, correct?

>Sure, almost everyone uses Windows. And the hackers love it because
of all the holes in it. ;-)

When I build my next system, I hope to install a version of *nix as
well as XP-Pro-SP3, probably using VMPC.

Try Ubuntu. You can also install it from within Windows using Wubi. For
testing and playing. I wouldn't recommend using any virtual machine for
a working installation, though.

--
-bts
-Friends don't let friends drive Windows

On Mon, 14 Jul 2008 16:45:26 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freewa re:

>hummingbird wrote:
<snippage>
["trojan.systemp oser"]

>Anyway, I noticed what was happening at the time and shut down
the browser and ADSL connection within about 10secs.

I found 7-8 small programs on my system and wrapped them in
a zipfile for safety (later sent to SuperAntiSpywar e guys for
analysis).

I then spent 2-3 hours running every piece of anti-malware s/w
I have, including several root kit programs. All came up clear.

Since then, I've seen no abnormal activity on my system using
packet sniffers and monitoring ports etc. My guess is that I
killed it before it had hardly got started doing its evil work.

Maybe you got lucky. Maybe it wasn't activated by its owner prior to
your shutting off your connection.

You do have a router and firewall, correct?

s/w firewall = yes, router = no.

A router is for my next system in a few months.

>>Sure, almost everyone uses Windows. And the hackers love it because
of all the holes in it. ;-)

When I build my next system, I hope to install a version of *nix as
well as XP-Pro-SP3, probably using VMPC.

Try Ubuntu. You can also install it from within Windows using Wubi. For
testing and playing. I wouldn't recommend using any virtual machine for
a working installation, though.

Yep ok. Ubuntu is currently top of my list :-)
We have one or two folks here on ACF who know about that and
there's always the other groups WHEN (not if) I get stuck ;-)

Thanks for the suggestion...
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

On Mon, 14 Jul 2008 22:40:23 +0100, hummingbird wrote in <g5gkko.lg.1
@localhost.127. 0.0.1>:

>
On Mon, 14 Jul 2008 16:45:26 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freewa re:

hummingbird wrote:
<snippage>
["trojan.systemp oser"]

Anyway, I noticed what was happening at the time and shut down
the browser and ADSL connection within about 10secs.

I found 7-8 small programs on my system and wrapped them in
a zipfile for safety (later sent to SuperAntiSpywar e guys for
analysis).

I then spent 2-3 hours running every piece of anti-malware s/w
I have, including several root kit programs. All came up clear.

Since then, I've seen no abnormal activity on my system using
packet sniffers and monitoring ports etc. My guess is that I
killed it before it had hardly got started doing its evil work.

Maybe you got lucky. Maybe it wasn't activated by its owner prior to
your shutting off your connection.

You do have a router and firewall, correct?

s/w firewall = yes, router = no.

A router is for my next system in a few months.

>Sure, almost everyone uses Windows. And the hackers love it because
of all the holes in it. ;-)

When I build my next system, I hope to install a version of *nix as
well as XP-Pro-SP3, probably using VMPC.

Try Ubuntu. You can also install it from within Windows using Wubi. For
testing and playing. I wouldn't recommend using any virtual machine for
a working installation, though.

Yep ok. Ubuntu is currently top of my list :-)
We have one or two folks here on ACF who know about that and
there's always the other groups WHEN (not if) I get stuck ;-)

Thanks for the suggestion...

------FORGERY---------

--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
--
....of all the things i've lost in my life ... i miss my mind the most

On Mon, 14 Jul 2008 20:51:20 +0100, hummingbird wrote in <g5ge89.1ts.1
@localhost.127. 0.0.1>:

>
On Mon, 14 Jul 2008 14:33:18 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freewa re:

hummingbird wrote:

'Beauregard T. Shagnasty' wrote:

<snippage>

>So that was a Windows trojan then?

The one in question is called "trojan.systemp oser".

That is a nasty one. It's a rootkit as well, and - depending on what
else it downloaded and installed - nearly impossible to get rid of.
Experts suggest you flatten and reinstall to be totally sure you are rid
of everything.

Interesting.
I researched at the time but found conflicting descriptions.

Anyway, I noticed what was happening at the time and shut down
the browser and ADSL connection within about 10secs.

I found 7-8 small programs on my system and wrapped them in
a zipfile for safety (later sent to SuperAntiSpywar e guys for
analysis).

I then spent 2-3 hours running every piece of anti-malware s/w
I have, including several root kit programs. All came up clear.

Since then, I've seen no abnormal activity on my system using
packet sniffers and monitoring ports etc. My guess is that I
killed it before it had hardly got started doing its evil work.
When I build my next system, I hope to install a version of *nix
as well as XP-Pro-SP3, probably using VMPC.

------FORGERY---------

hb

--
....of all the things i've lost in my life ... i miss my mind the most

On Mon, 14 Jul 2008 23:31:26 +0100
**THE FORGER*** wrote this on alt.comp.freewa re:

>On Mon, 14 Jul 2008 22:40:23 +0100, hummingbird wrote in <g5gkko.lg.1
@localhost.127 .0.0.1>:

>>
On Mon, 14 Jul 2008 16:45:26 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freewa re:

>hummingbird wrote:
<snippage>
["trojan.systemp oser"]
Anyway, I noticed what was happening at the time and shut down
the browser and ADSL connection within about 10secs.

I found 7-8 small programs on my system and wrapped them in
a zipfile for safety (later sent to SuperAntiSpywar e guys for
analysis).

I then spent 2-3 hours running every piece of anti-malware s/w
I have, including several root kit programs. All came up clear.

Since then, I've seen no abnormal activity on my system using
packet sniffers and monitoring ports etc. My guess is that I
killed it before it had hardly got started doing its evil work.

Maybe you got lucky. Maybe it wasn't activated by its owner prior to
your shutting off your connection.

You do have a router and firewall, correct?

s/w firewall = yes, router = no.

A router is for my next system in a few months.

>>Sure, almost everyone uses Windows. And the hackers love it because
of all the holes in it. ;-)

When I build my next system, I hope to install a version of *nix as
well as XP-Pro-SP3, probably using VMPC.

Try Ubuntu. You can also install it from within Windows using Wubi. For
testing and playing. I wouldn't recommend using any virtual machine for
a working installation, though.

Yep ok. Ubuntu is currently top of my list :-)
We have one or two folks here on ACF who know about that and
there's always the other groups WHEN (not if) I get stuck ;-)

Thanks for the suggestion...

------FORGERY---------

You are the forgery, moron.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

..oO(Me Here)

>Beauregard T. Shagnasty wrote:

>>
Micha already answered the point about how a website hijacking the hosts
file isn't possible.

It *IS* possible, that's the point - websites can, and do, do that. Why
does *his* statement pass without so much as a cite whereas mine is
required to produce fact (which I gave). Where are *his* cites? Why do
you believe *his* statement and not mine? Because it supports *your*
point of view?

Just think logically:

1) What is a website? It's HTML and CSS. It's a document, not a program.
You can display it in various formats, but it can't gain kind of an own
life to do funny things to your computer outside its rendering context.

Logical conclusion: A website alone doesn't do that.

2) A browser is just a viewer to display these HTML documents. Even if
there might be some active content like JS embedded into it, it's run in
a sandbox-like environment inside the browser, which itself runs in user
space and doesn't have anything to do with the operating system nor a
way to manipulate it.

Logical conclusion: A good browser doesn't do that.

3) Even if there might be a way to break out of the browser sandbox due
to a buggy plugin or a broken JS implementation, and even if there would
be a way to download and execute some software without the user taking
notice, there's still the operating system (in the Windows world this
means NT/2k/XP - we don't have to talk about the toys 95/98/ME), which
prevents unauthorized accesses to its most important entrails like libs
and system configuration files. The hosts file is not write-accessible
for any regular user, only the system itself and the admins/root are
granted access to modify it.

Logical conclusion: An appropriate system setup doesn't allow that.

Q.E.D.
Of course if you do your daily work with admin privileges (or root on
*nix), then you should never (really never!) complain about problems
with malware or a screwed-up system. Even though it sounds harsh, it's
mostly your own fault and you get what you deserve. Of course you can
also thank MS for not enforcing the creation of a non-privileged user
account on Windows installation, but that's just a part of the problem.

>My hosts file is located here: /etc/hosts
What host file manager would you recommend I use?

There are several freeware ones I used to use before I changed to
OpenDNS. Google Hostfile manager and I'm sure you'll find them.

He's not using Windows, but some kind of *nix system. There all system
configuration files are stored in the /etc folder (you can guess where
MS stol^Wgot the name for its hosts directory from ...)

>And like Micha, I don't have any anti- anything software on my computer
either.

It is true, there is a sucker born ever minute. It's only a matter of
time (if it hasn't happened yet) before you get bent over.

The last virus on my workstation was called Sunday. It's been quite a
while since these old MS-DOS days.

Micha

On Mon, 14 Jul 2008 23:36:48 GMT

***The FORGER Franklin***, using the name hummngbird wrote:

--nothing--
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <ne*****@gmx.de wrote:

Just think logically:

1) What is a website? It's HTML and CSS. It's a document, not a program.
You can display it in various formats, but it can't gain kind of an own
life to do funny things to your computer outside its rendering context.

Logical conclusion: A website alone doesn't do that.

Micha...this premise is just wrong. Websites can and do contain all kinds
of scripts.
--
Bear Bottoms
Freeware website: http://bearware.info

..oO(Bear Bottoms)

>On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <ne*****@gmx.de wrote:

>Just think logically:

1) What is a website? It's HTML and CSS. It's a document, not a program.
You can display it in various formats, but it can't gain kind of an own
life to do funny things to your computer outside its rendering context.

Logical conclusion: A website alone doesn't do that.

Micha...this premise is just wrong. Websites can and do contain all kinds
of scripts.

Correct, but I consider them just additions to a website. They are
always optional (like images and CSS) and not interpreted by every
browser. But I also mentioned those scripts in my second point.

Micha

Beauregard T. Shagnasty wrote:

Me Here wrote:

>Beauregard T. Shagnasty wrote:

>>And like Micha, I don't have any anti- anything software on my
computer either.

It is true, there is a sucker born ever minute. It's only a matter
of time (if it hasn't happened yet) before you get bent over.

You are apparently assuming I am using a Windows operating system.

Tue, probably because Windows is the most prevalent system, however,
that aside, malware is not limited to Windows systems alone. Most are,
but not all.

--
Me Here
Here we have a country whose urban population happily inhales a
bewildering cocktail of combustion fumes on a daily basis; 12 per cent
of whose male population under the age of 35 will die prematurely as a
result of smoking tobacco (a more unpleasant death than anthrax, which
is mostly shock); not to mention that anthrax is harder to contract than
lung cancer, with both a cure and a vaccine. Yet, let one man in Florida
die of that obscure ailment and suddenly war-surplus stores are selling
out of Israeli gas masks at 110 bucks a pop. -- John MacLachlan Gray,
Globe and Mail, October 17, 2001 commenting on the 2001 anthrax scares.