Glock Talk
Old 09-07-2004, 12:40   #21
MB-G26
Lifetime Membership
Inertia Bound
 
Join Date: Oct 2001
Location: In my head
Posts: 14,935


"about:blank" browser command (aka hijack)

Came across the following which might be useful for anyone battling this new "about:blank" browser command infection/CWS variant:
http://forums.spywareinfo.com/index....ssenger+pop+up

Mentions a couple new tools helpful in detecting & dealing w/windows services and "about:blank" infections:
Quote:
Please download GetService.zip
Extract it to a new folder in the desktop. Double click on the Getservice.bat file to run it. This will create and open a text file named getservice.txt in the same folder. It will then open getservice.txt for you.
getservice.txt will list all active Services. Copy and paste the contents of getservice.txt in your next reply here. From the moment you post your list, until you see a detailed fix written up, DO NOT reboot your system or log off. If you do, the service will have changed and the fix provided will not work
Quote:
Print out these instructions so you have them handy as some of the steps need to be done in safe mode and you may not be able to go online. We need IE to remain closed throughout the process. With that in mind, read through the instructions and download all necessary files ahead of time. Opening IE may cause the fix to fail

1. Download AboutBuster. Unzip it to c:\aboutbuster but don't run it yet we'll do that later on down in this list in SAFE MODE.
m
__________________
I am slowly falling apart - I wish you'd take a walk in my shoes for a start. You might think it's easy being me ... Sometimes I find myself shaking - In the middle of the night. And then it hits me and I can't - Even believe this is my life
(The Wreckers; "Stand Still; Look Pretty")
Old 09-09-2004, 19:56   #22
MB-G26
Lifetime Membership
Inertia Bound
 
Join Date: Oct 2001
Location: In my head
Posts: 14,935


Getting rid of "WINDOWS MESSENGER"

This is a different beast than "instant messenger" and such, and the distinction is important to make.
Culled research to date:
Quote:
http://www.grc.com/stm/ShootTheMessenger.htm

Shoot The Messenger - Windows Messenger Spam Elimination Freeware
This 22 kbyte "Shoot The Messenger" utility gives users immediate control over the Windows Messenger service.

File stats for: Shoot The Messenger
Last Updated:Apr 26, 2003 at 07:52
Size: 22k (500.19 days ago) Downloads/day: 1,537
Total downloads: 1,009,411

Windows Messenger Service

The Latest Spam Technology

The Windows "Messenger Service" is being exploited to spray the Internet with unsolicited commercial eMail. The receipt of a single UDP packet can cause a "Messenger Service" dialog to pop-up on the user's screen. It is possible for the sender to "spoof" (falsify) the packet's "Source IP", making these packets impossible to trace back to their origin. If our experience with eMail Spam is any model, we can expect to see a lot more of this in the future.

Wired News: (link) Spam Masquerades as Admin Alerts

Bad Company: These sample home pages give you a good idea what's going on, and just how bad it's likely to become: (links)

www. IP-Messenger. com

www. BroadcastBlaster. com

www. BroadcastAdvertiser. com

www. DirectAdvertiser. com

The first thing to understand is that the Windows Messenger Service is completely different from, and not in any way related to, "MSN Messenger", "Windows Messenger", or any other well-known instant messaging system. Therefore, disabling the Windows Messenger service will have no effect upon your use of any other instant messaging applications. They will continue to work without trouble.

If you ever see legitimate pop-up warnings or announcements with the phrase "Messenger Service" in the title bar, you might have an application running in your system that relies upon the built-in Messenger Service for the delivery of its information. But every application we know of displays its own pop-up alert dialogs, and we're not aware of any programs that rely upon the Messenger Service. It's just a theoretical possibility. If it turns out that you do need to have the Messenger Service running, "Shoot The Messenger" will easily re-enable and start the service.

What is the Messenger Service?

Starting back with Windows NT, and carried forward into all subsequent operating systems, Microsoft included a simple way for users on a network to send each other short "pop-up" messages. Network administrators might have used it to notify everyone of system-wide events. It was a nice idea, though in its original form it never caught on widely. There is a standard command line program "Net Send", that can be used to generate these messages, and there's also a GUI (Graphical User Interface) application to do the same.

If you're curious to see the graphical interface: On Windows 2000 or XP, right-click on "My Computer"/"Manage". Then under "System Tools" right-click on "Shared Folders". Choose "All Tasks" and finally "Send Console Message..."

You probably didn't know any of that was there, and neither do most people. It's a never-used feature that has been replaced by the various well known, popular, and feature-rich instant messaging systems. But, like a great many other "legacy" features of Windows, since it was once included, it survives in case anyone who once used it might still need it.

Several considerations make this something of a problem:

For network messages to be received, the receiving machine must open a port to actively listen for incoming network packets. That means that an Internet server must be running in the computer to service the incoming messages. The entire industry is still learning the hard way — with Code Red, Nimda, SQL Slammer, and the never exploited (yet) UPnP vulnerability — that leaving unneeded and non-maintained open servers running on the Internet is a bad and dangerous practice. Yet this has been Microsoft's continuing practice. What's worse is that, out of the box, Windows does this to end-user consumer machines.

The Messenger Service is another example of an Internet server that is running, by default, in all versions of Windows from NT through XP. It's a bad idea.

Even if some group of users on a local area network (LAN) were using the built-in Messenger Service to send short notes and alerts to each other, it's a good bet that no one ever intended for it to be used out on the wide area Internet network (WAN). The fact that the Messenger Service "went global" as Windows-based personal computers were put onto the Internet was probably an accident of history and an oversight by Microsoft. Or perhaps Microsoft just didn't care. Either way, it's a good bet that no typical Internet end user who knows what's going on needs or wants to have it running.

Since the first release of Windows 1.0, people have never stopped complaining about how slow and resource-hungry Windows is to boot and operate. It's things like leaving unneeded, unwanted, and never used services running — exactly like Windows Messenger — that tie up RAM, burn CPU cycles, and consume other system resources. It adds up to slowing everything down.

Turning off unneeded services and not running unnecessary programs is always a good idea.

As you can probably see . . .

Even if your Windows 2000 or XP machine is safe behind a personal firewall or NAT router, shutting down the Messenger Service is a good idea.

"Shoot The Messenger" allows any Windows NT/2000/XP user to easily stop and disable the unnecessary Messenger Service running in their machines.

Shooting The Messenger

Download and run our small (22 kbyte) "ShootTheMessenger.exe" utility. It will display the current status of your system's Messenger Service. The button near the bottom of its window will allow you to set the service to whichever state — running or disabled — that you desire.

If, for any reason, you should ever choose to re-enable the Windows Messenger Service, simply re-run ShootTheMessenger to do so.

ShootTheMessenger supports two command line convenience options which can be useful for operation from corporate logon scripts or batch command files:

ShootTheMessenger disable

ShootTheMessenger enable

That's all there is to it. It's simple, straightforward, and highly recommended for every user of Windows 2000 and XP.
*****************************
www.itc.virginia.edu/desktop/docs/messagepopup/ - 20k - Sep 5, 2004
Quote:
Disabling the Messenger Service
To remove the ability for anyone in the world to pop up messages on your computer, you can disable the Messenger service. It's easy to reverse at a later time if you wish to do so.

Windows 2000
Click Start-> Settings-> Control Panel-> Administrative Tools->Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disable or Manual in the Startup Type scroll bar
Click OK

Windows XP Home
Click Start->Settings ->Control Panel
Click Performance and Maintenance
Click Administrative Tools
Double click Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disable or Manual in the Startup Type scroll bar
Click OK

Windows XP Professional
Click Start->Settings ->Control Panel
Click Administrative Tools
Click Services
Double click Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disable or Manual in the Startup Type scroll bar
Click OK

Windows NT
Click Start ->Control Panel
Double Click Administrative Tools
Select Services-> Double-click on Messenger
In the Messenger Properties window, select Stop,
Then choose Disable as the Startup Type
Click OK

Windows 98 & ME
Windows Messenger Service cannot be disabled (My note: but there might be an Uninstall option - I'll have to check the 98se machine and supplement info); at the very least, you can totally neuter it using special/advanced "Rules" in your software firewall. It might also be possible to determine which are the active 'exe' files it needs, and then cripple them by renaming them.
******************
http://www.microsoft.com/windowsxp/u.../stopspam.mspx
Quote:
Disabling Messenger Service in Windows XP
(original source document contains helpful images)
Published: January 9, 2004

Related Links
• Stop Receiving Pop-up Advertisements With Messenger Service Titles in Windows 2000
• Prevent Pop-up Ads When Browsing with Internet Explorer 6
• MSN 8 Junk Mail Filter

If advertisements are opening on your computer in a window titled Messenger Service, it may indicate that your system is not secure. You should enable the Internet Connection Firewall and disable the Messenger Service in Windows XP to help protect your computer from unwanted spam and other potential threats.

The Messenger Service was originally designed for use by system administrators to notify Windows users about their networks. However, some advertisers have started using this service to send information via the Internet, and these messages could be used maliciously to distribute a virus.

• Note Although the name of the service is similar, Messenger Service in Windows XP is not related to instant messaging programs such as Windows Messenger and MSN Messenger. Disabling instant messaging programs is not necessary and not recommended. Disabling instant messaging programs will not prevent Messenger Service spam on your computer.

• If your computer is part of a corporate network, ask the network administrator before disabling Messenger Service.

• If you have Windows XP at home or in a small office that you manage yourself, you should disable the Messenger Service.

First, make sure that your system is protected by an Internet firewall and that you've followed the steps to Protect Your PC. Disabling the Messenger Service without using a firewall will prevent the unwanted spam, but will not protect your computer from intruders.

To disable the Messenger Service in Windows XP (Caution: If your computer is part of a corporate network, talk to your system administrator before taking this action.)

1. Click Start and then click Control Panel.

2. Click Performance and Maintenance. (If you do not see the Performance and Maintenance icon, you may be using Classic View. You can skip to step 3 below, but you must double-click Administrative Tools.)

3. Click Administrative Tools.

(Figure 1. Double-click Services in Administrative Tools.)

4. Double-click Services as shown in Figure 1 above.

5. Double-click Messenger.

6. In the Startup type list, choose Disabled as shown in Figure 2 below.

(Figure 2. Choose Disabled from the Startup type list in Messenger Properties.)

7. Click Stop, and then click OK.

For more information on the origins of Messenger Service spam and how to handle it, read this Knowledge Base article 330904.
*********************************
Quote:
PC Hell: How to remove Windows Messaging on Windows XP

... you may want to visit the World of Windows Networking article on PopUp Messages. ...
How to Disable, Uninstall, and Remove Windows Messenger instant messaging ...
www.pchell.com/support/ipmessaging.shtml - 19k - Sep 5, 2004
************
http://www.winguides.com/registry/category.php/67/
Quote:
Disable Background Notification Balloon in Messenger (All Windows)
This tweak can be used to disable the popup message that notifies the user that Windows (MSN) Messenger is still running in the background when you close it.

Remove Windows Messenger from Outlook Express (All Windows) Popular
This tweak is used to remove MSN Instant Messenger functionality and integration from Outlook Express.

Disable Windows Messenger in Outlook (All Windows)
This setting can be used to disable the integration of Windows (MSN) Messenger so that it does not start when using Microsoft Outlook.

Change the Messenger Warning Message (All Windows)
When you start a chat in Windows Messenger a warning is shown that says "Never give out your password or credit card number in an instant message conversation". This tweak allows you to customize this message for example to display your company chat policy.

Disable SSDP Discovery in Windows Messenger (Windows 2000/XP)
Windows Messenger uses the Simple Service Discovery Protocol (SSDP) to attempt to locate upstream Internet gateways on UDP port 1900. This tweak allows you to disable Universal Plug and Play Network Address Translation discovery to reduce bandwidth and increase security.

Disable MSN Instant Messenger (All Windows) Popular
This restriction is used to disable the ability to run the Microsoft MSN Instant Messenger client.

Remove Windows Messenger from Internet Explorer (All Windows) Popular
This tweak can be used to remove the integration of Windows Messenger into Internet Explorer. It will remove both the toolbar icon and Tools menu item.

Change the MSN Messenger Background Image (All Windows) Popular
This tweak allows you to change the background bitmap image in the MSN Messenger service.

MSN Instant Messenger Restrictions (All Windows) Popular
These restrictions are used to disable various features of the Microsoft MSN Instant Messenger client.
m
MB-G26 is offline   Reply With Quote
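
The stop-and-disable steps from the instructions quoted in the post above, written as a batch file of the kind a logon script could call. This is an added example, not part of the original posts or of any tool they mention; it assumes the service's internal name is `Messenger`, that `sc.exe` is present (as it is on Windows XP), and that the script runs with administrator rights.

```bat
@echo off
rem Added example: stop and disable the Windows Messenger service, then
rem verify the result. Assumptions: service name "Messenger", sc.exe is
rem available (as on Windows XP), script is run by an administrator.
setlocal
set SVC=Messenger

rem 1. Check that the service exists. sc returns 1060 when it does not.
sc query %SVC% >nul 2>&1
if %errorlevel%==1060 (
    echo %SVC% service is not installed; nothing to do.
    exit /b 0
)
if errorlevel 1 (
    echo Could not query the %SVC% service, error %errorlevel%.
    exit /b 1
)

rem 2. Stop the service if it is currently running.
sc query %SVC% | find "RUNNING" >nul
if not errorlevel 1 (
    echo Stopping %SVC% ...
    net stop %SVC%
)

rem 3. Set the startup type to Disabled so it stays off after a reboot.
rem    The space after "start=" is required by sc.
sc config %SVC% start= disabled
if errorlevel 1 (
    echo Failed to change the startup type; are you an administrator?
    exit /b 1
)

rem 4. Verify both halves: not running now, and disabled for the next boot.
set FAIL=0
sc query %SVC% | find "STOPPED" >nul
if errorlevel 1 set FAIL=1
sc qc %SVC% | find "DISABLED" >nul
if errorlevel 1 set FAIL=1

if %FAIL%==1 (
    echo WARNING: %SVC% is still running or is not disabled.
    exit /b 1
)
echo %SVC% is stopped and disabled.
exit /b 0
```

The non-zero exit code on failure lets a calling script log machines where the service could not be turned off.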
Old 09-20-2004, 04:17   #23
PDogSniper
Senior Member
 
Join Date: Dec 2000
Location: Southwest Michigan
Posts: 10,777
Could you repeat that please...?
__________________
Hair today, gone tomorrow

Member NRA
Member GOA
Old 10-17-2004, 23:44   #24
NetNinja
Always Faithful
 
Join Date: Oct 2001
Location: HotLanta, GA
Posts: 2,425
DO NOT USE OUTLOOK EXPRESS

Please for the love of Pete don't use Outlook Express as your email client.

Outlook Express has so many security holes in it that it should be called the Swiss Cheese email client.

Please use Outlook or Mozilla Thunderbird.

Mozilla Thunderbird is an open source email client.

http://www.mozilla.org/products/thunderbird/
__________________
G17,G22,G30,Sig P229 Sport
Kimber CC Series 1,Kimber CCR Series 1
SA TRP Operator SA 1911A1
S&W 1911, 686, M19, 627VComp,ColtDE10mm
Anschutz 1813 Super Match
Old 11-23-2004, 15:04   #25
nickg
Senior Member
 
Join Date: Jan 2002
Posts: 4,460
gee..these replies aren't NEAR long enough. ;Q ;Q
__________________
I may be wrong, but I'm not wrong long.
Old 12-23-2004, 13:13   #26
FThorn
TV/Movie Club
 
Join Date: Apr 2004
Posts: 3,228
How do I get rid of the spyware, popups, viruses??

Oh, that's right...I HAVE A MAC...don't GET THOSE THINGS!!!!!!!!!!

Bwaaahahahhaahahahahahahah!

Old 12-28-2004, 01:07   #27
MB-G26
Lifetime Membership
Inertia Bound
 
Join Date: Oct 2001
Location: In my head
Posts: 14,935


Errrrr

originally posted by FThorn...
:::::::THWAP!!!!!!:::::::

m
Old 12-28-2004, 12:06   #28
FThorn
TV/Movie Club
 
Join Date: Apr 2004
Posts: 3,228
Re: Errrrr

Quote:
Originally posted by MB-G26
originally posted by FThorn...
:::::::THWAP!!!!!!:::::::

m
Thanks for the kind reply. (I just try to pepper the world with info about the goodness of macs!)

Old 01-11-2005, 22:49   #29
MB-G26
Lifetime Membership
Inertia Bound
 
Join Date: Oct 2001
Location: In my head
Posts: 14,935


Resource for Tailor-made personal bootable CDs

http://www.lurkhere.com/cgi-bin/foru...rum=DCForumID4
Quote:
Conferences Windows XP Family Topic #660

"New kind of boot CD for experts only"
Dec-20-04, 00:36 AM (EST)
This guy is using PE builder technology for a purpose M$ never thought of -- making tailormade personal bootable CDs.
Quote:
Why did I build PE Builder?

Microsoft only provides Windows PE to OEM and Enterprise customers. So the small companies and end users do not get Windows PE. I think this is really bad. With PE Builder they can build a Bootable XP CD-Rom (called BartPE) to use for maintaining their systems.

Bart's PE bootable live Windows CD/DVD http://www.nu2.nu/pebuilder/
m
Old 02-05-2005, 09:30   #30
David_G17
/\/\/\/\/\/\/\/
 
Join Date: Oct 2002
Posts: 7,678
Quote:
Originally posted by FThorn
How do I get rid of the spyware,popups, viruses??

Oh, that's right...I HAVE A MAC...don't GET THOSE THINGS!!!!!!!!!!

Bwaaahahahhaahahahahahahah!

what's insanely overpriced hardware and updates they make you pay for?


oh that's right, I HAVE LINUX... don't get those things!!!!!
__________________
"One handgun a month is too much."
"If you ask me, 12 handguns/year is too much."
"I'd be OK with one gun a year."
"We need the strong gun regs and enforcement Europe has."
-DU debates America's future 10/23/2005
Old 02-11-2005, 17:18   #31
steveinpa
Member
 
Join Date: Feb 2005
Posts: 27
If you don't have a MAC and want to explore sites without getting hijacked, or when doing a search and open "the multi screen pop-up from.....", download Mozilla Firefox. It's a free browser and you can import all your bookmarks over. I tried it for about a month and seldom do I use I.E. Haven't had one hijack while using it, and I tried some sites I know that hijack.
Old 08-07-2005, 18:12   #32
StoneGiant
Senior Member
 
Join Date: May 2003
Location: Derry, NH
Posts: 12,693


Quote:
Originally posted by lomfs24
I agree with David. SuSe 9 is looking good.

I downloaded and installed all the things in the original post and now I have no room left on my harddrive to do any work.
While tempted to investigate Linux (being an old Unix guy), my concern is interoperability with my customers, who use Microsoft Office for virtually everything. And who occasionally use Adobe for docs.

What's your perspective on desktop editing/publishing tools for Linux?
__________________
“Great danger lies in the notion that we can reason with evil.”
Old 08-18-2005, 17:20   #33
Dedpoet
Member
 
Join Date: Jul 2005
Location: Detroit Area
Posts: 46
Scribus is the number 1 Google hit on a search for desktop publishing linux and it looks pretty nice and it's open source. The screenshots look good, but I have never used the software. The same Google search turns up Pagestream and Artstream too. They're both commercial.

StoneGiant, we had a brief exchange in the other Linux thread and I think these applications kind of reinforce my point. There really are some quality applications out there for Linux, and it can really be a viable home use OS, especially if you're savvy enough to understand what's involved in ensuring compatibility with your clients/customers/friends/family/etc. Want to send something out to someone you know uses a Windows environment? Most of the software will save PDF's or even direct MS formats. For a single person at home, it's not too bad. For an office full of people, it can get messy.
Old 08-18-2005, 17:38   #34
StoneGiant
Senior Member
 
Join Date: May 2003
Location: Derry, NH
Posts: 12,693


Quote:
Originally posted by Dedpoet
Scribus is the number 1 Google hit on a search for desktop publishing linux and it looks pretty nice and it's open source. The screenshots look good, but I have never used the software. The same Google search turns up Pagestream and Artstream too. They're both commercial.

StoneGiant, we had a brief exchange in the other Linux thread and I think these applications kind of reinforce my point. There really are some quality applications out there for Linux, and it can really be a viable home use OS, especially if you're savvy enough to understand what's involved in ensuring compatibility with your clients/customers/friends/family/etc. Want to send something out to someone you know uses a Windows environment? Most of the software will save PDF's or even direct MS formats. For a single person at home, it's not too bad. For an office full of people, it can get messy.

Sounds like Mr. Gates has me by the short-and-curlies. If I want to ensure compatibility, I have to remain a Microsoft Slut.

Oh well...
Old 10-27-2005, 03:11   #35
Washington,D.C.
Senior Member
 
Join Date: Oct 2003
Location: Woestyn Kusdorp
Posts: 14,180
http://www.bitdefender.com/site/Down...reeRemovalTool
Old 11-17-2005, 20:39   #36
epsylum
Boolit Hoze
 
Join Date: Sep 2004
Location: Racing Capital, USA
Posts: 14,373


Quote:
Originally posted by StoneGiant
Sounds like Mr. Gates has me by the short-and-curlies. If I want to ensure compatibility, I have to remain a Microsoft Slut.

Oh well...
That's exactly where he wants us.

DAMN YOU BILL GATES!!!

oh well at least I don't have a blue apple on my computer and it doesn't glow fruity colors, and doesn't cost about twice as much as any other computer, and has more than one mouse button (mine currently has 8 IIRC), and.......



Now if I weren't so close-minded to new experiences I would convert my system to Linux. But, I'm lazy and don't feel like learning anything new. ;f
__________________
Quote:
What are you having trouble with? I'll teach it some respect.
Epsylum (EE-SAI-LUM)

Old 02-12-2006, 16:37   #37
Builder
Always Learning
 
Join Date: Feb 2006
Location: Western Washington State
Posts: 91


Use of "limited" user accounts (and a long PS for dual-boot)

MB-G26 --- an amazing set of posts, THANK YOU. You know far more Windows "tricks" than I do, that's for sure.

However, I have one additional suggestion. A "limited" account cannot (so far as I know) perform installations. So for a Windows box that MUST cruise the Internet, I recommend performing installations with an Administrator account (what all users / accounts are by default), then setting up a Limited one and DOING ALL INTERNET SURFING with it (Firefox, Opera, whatever, anything but Internet Explorer). This will prevent "surprise" installations (because the limited user doesn't have this power to install anything).

To set up such, do [Start] [Control Panel] [User Accounts], and add a new one. There will be a non-default (as in, you must select this manually) "Limited" radio button, pick that.

And once you've done this, be SURE to password every other account on the box (including booting into F8 Safe Mode, and installing a password on the account named "Administrator", every WinXP installation has one of those).

Builder

P.S. This _isn't_ the way I do things. I may need Windows for some things, but not for the Internet. And both IE & WinXP are so full of holes (known and _unknown_) that I don't think we'll ever see a trustworthy XP (witness the recent discovery by Steve Gibson of a "backdoor" that dates back to Win98 days). We might see such in the upcoming Vista, but mainly as a dependence upon a hardware solution (which will have its own major implications for Digital Right Management, as in that CD / DVD in your drive belongs to The Corporation, not you...).

So here's an _extensive_ alternative (for the *advanced*, except that you don't need to be as advanced as MB-G26 already is) that turns a system into a "dual-boot" one (you're booted off of Windows, or you're booted off of something else, Linux here, but only one at a time). This makes _my_ system (what I'm using right now) as safe as I can manage (and note I'm giving the Big Picture, there are MANY steps along the way, contact me if you want to discuss any of it).

Also note that this pretty much requires DSL or Cable Modem, external boxes that one connects to with an Ethernet cable. Don't blame me, years ago Microsoft took over the standard modems; part of the vast majority of "modems" are hardware, with the rest software, drivers in the OS, _etc._. AFAIK, the software emulations (many, different manufacturers) have proven difficult, troublesome, and generally not worth the trouble of the Linux community to reverse engineer, so Linux won't talk to most modems.

[1] Make backups (you already do this, right???). This recreates your computer, loses most everything, you must be prepared....

[2] Download & burn (or buy, not that many $$$) the ISOs for your favorite Linux (I like SuSE myself, it does something very important for me --- it allows a boot from floppy!).

[3] Disconnect any cabling (Ethernet to DSL modem) that puts your box on the Internet. Then install Windows XP. Be reasonable about diskspace, as you'll need four partitions (they may, however, be on different drives, or on the same drive):

[a] A reasonable size for the Windows partition, say 20_GB or better, but leave 10-30_GB for Linux. This will be NTFS by default (the kind of filesystem), your "C:" drive; keep it that way (XP *likes* NTFS).

[b] A second partition for "intermediate" storage. Set this one up to 1-to-5-to-10_GB, whatever. Don't format it (this will be D: down the road).

[c] Leave untouched that 10-30_GB for Linux (no partitions).

[4] When you're up and running off of XP, format that unused partition to FAT32 (it'll be too big for FAT, and I'm not convinced that all Linux distributions understand how to _write_ to NTFS, thus the admonition to create this intermediate partition).

[5] Do [Start] then right-click on [My Computer], left on [Properties], tab [Hardware], button [Device Manager], click the "+" in front of "Network adapters", right-click on your LAN card, and select "Disable". This prevents Windows from using the LAN card to get to your DSL modem (cable modem, whatever), and isolates Windows from the Internet. Without this step, you're no better off than before.

[6] NOW, install Linux:

[a] Let it consume the unpartitioned diskspace.

[b] If you're comfortable with whatever advanced partitioning the installation user interface offers, flag the main Windows partition as "read-only" (so Linux won't allow writes to it), or even "don't mount at boot" (so it's not even visible).

[c] Leave the default settings for the intermediate (FAT32) partition (and Linux, which has no problems with either FAT or FAT32, will happily allow you to copy files there, which you may then access by booting Windows later on).

[d] IMPORTANT: You should be able to specify a place where the boot loader goes. I'm not entirely convinced that Linux "plays" with Windows, but you're welcome to experiment (and then you want to use the boot loader called GRUB, modify the Windows "boot drive"). What I use instead is to place the boot loader called LILO onto a blank floppy (and skip the offer to put a filesystem on the floppy, I've had problems down that road).

[7] And once you're up on Linux, create a spare floppy or two by running (as root):

# /sbin/lilo

This will stamp the previously formatted and writeable floppy in the drive with LILO, which will enable it to boot Linux next time. Remember, no floppy, Linux _LOST_, no further access (that I know of anyway), so you want some spares.

*****

When both installations are complete, you'll have a Windows XP that you boot normally, and a Linux install that you boot by inserting your magic boot floppy into the drive and booting from it (so enable "boot from floppy" ahead of "boot from hard drive" in the BIOS). And each will have read/write access to that intermediate partition, so that files may be shared between OS's.

Normal use of Linux will use the LAN card to get to your broadband modem and out into the wide Internet (and every account but for "root" is a limited account, no way will viruses have a hold on your box). Normal use of Windows will _not_, it will then be a "standalone" box, as safe as possible.

My apologies, this glosses over _many_ details, and barely scratches the surface of the wonderful operating system known as Linux (_e.g._ there's only one "look" to Windows, but SuSE has two main ones, and a host of older more primitive "window managers").

Any who try this, Abandon Hope All Ye Who Enter Here, no wait, I mean "Good Luck" (and write me if you need to, I may or may not be able to "crack" problems, but I can hopefully advise where to check next).
Old 04-11-2006, 19:12   #38
Blitzer
Cool Cat
 
Join Date: Jan 2004
Location: The communist's play ground of OHIO
Posts: 26,617
Microsoft Says Recovery from Malware Becoming Impossible


By Ryan Naraine
April 4, 2006

LAKE BUENA VISTA, Fla.—In a rare discussion about the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here. Offensive rootkits, which are used to hide malware programs and maintain an undetectable presence on an infected machine, have become the weapon of choice for virus and spyware writers and, because they often use kernel hooks to avoid detection, Danseglio said IT administrators may never know if all traces of a rootkit have been successfully removed.

He cited a recent instance where an unnamed branch of the U.S. government struggled with malware infestations on more than 2,000 client machines. "In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast," Danseglio added...


__________________
It doesn't matter what the Joe on the street thinks, it is who pays the biggest bribes to the electoral college gets elected as President! :crying:
Old 04-30-2006, 05:01   #39
MB-G26
Lifetime Membership
Inertia Bound
 
Join Date: Oct 2001
Location: In my head
Posts: 14,935


Blitzer!!

Thanks!! It's great that people keep this thread updated and add new and developing tricks, work-arounds, protective steps, and keep it moving into the 'now everything is XP world'

I think I started it so long ago, the thread, that I was still only on a 98 machine, hehehe..... I've since learned to tolerate XP (but still kinda hate it) *snarf*

Getting into alternative OSs is on my long-range list of To Do's - but sheesh there's a lot of stuff in front of that particular entry LOL!

Keep adding new stuff!!
m
Old 06-26-2006, 10:44   #40
pellertpale
ReMember
 
Join Date: Mar 2003
Location: The Fort
Posts: 1,296
So if I follow the steps outlined in the original post will this remove the rest of this Sysprotect crap? I already ran a Windows search for "sysprotect" and deleted all the files. Ran Ad-Aware, and ran Norton. Do I need to reinstall XP?
__________________
Big Dawg #3800
BladeRunner #970
F OPEC

Pass here, and go on. You are on the road to heaven. - Jack Kerouac