lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [<thread-prev] [month] [year] [list] 
From: keydet89 at yahoo.com (Harlan Carvey)
Subject: Spyware installs with no interaction in IE on fully patched XP SP2 box

> > This machine is a fully patched XP SP2 box, with
> the default security 
> > settings for IE's Internet Zone. Does anybody know
> what method this crap 
> > could be using to install without any user
> interaction?

It's a little hard to tell accurately without taking a
look at what you removed; ie, saying that you cleaned
things out of the Registry is great, but without
knowing what keys you "cleaned", it's hard to tell.

However, doing a quick search on Google for
"atpartners", some of the info I found points to
BHOs...

Sorry, wish I could help more, but I'd need more info...

=====
------------------------------------------
Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://groups.yahoo.com/group/windowsir/

"Meddle not in the affairs of dragons, for
you are crunchy, and good with ketchup."

"The simplicity of this game amuses me. 
Bring me your finest meats and cheeses."
------------------------------------------

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux