[LINK] Question: How do you protect Windows?
link at todd.inoz.com
Tue Dec 7 11:58:13 EST 2004
I was perusing through my machine's directories last night, being that I
installed Win2K about a year ago and very little other software other than
my standard suite of applications, I was surprised to find lots of unusual
things all over the place.
Yes, most are trojans, key loggers, adpoppers and other nasty
things. Strangely other than the few I caught in action at the time they
installed, the others were all dormant and non functional.
I guess that means my habit of reviewing the registry and regularly
replacing the registry with my backup from the last "clean install" forced
many to be non-functional.
I did notice one thing that was very sticky until I really got into the
registry again - in Internet Explorer Security Settings, under TRUSTED
SITES there were two really nasty sites: topconverting.com and
They took a lot of effort to delete. Ad-aware deleted them, they just
reappeared. I had to manually delete them from the registry.
The reason I was drawn to all of this last night was a few strange things
in my task manager (I watch it all the time, hence my fast pickup on nasty
installs.) My wife has been using my workstation the last two weeks
whilst I've been sick and although it doesn't appear she's been anywhere
nasty or strange in her browsing (AFC, GOV.AU and a few others) there were
new nasties all over the place. WinAdServ.exe, WinAdClient.exe and many more.
After doing through WINNT, system32 and system directories I accumulated
over 300 DLL's, EXE's and other strange files that were dated over the last
two weeks and the occasional one dated earlier in the year.
I also found heaps of weirdly named .dat, .txt and .log files containing
binary data which I am yet to examine and decrypt. No doubt I will be very
I'm just wondering what software does anyone on Link use to detect auto
installers via browser and other applications?
I'm looking for something, preferably shareware, that can run all the time,
but I'll only run it occasionally. It's pretty rare I end up with a nasty
on my machine that I don't know about and being behind three firewalls they
tend to do very little anyway. Even if you log my keystrokes, my
"internal" passwords and my "external" passwords are all different (I have
over 600 passwords for our local network alone. I also change them
regularly and have a changing key system :> The key system is good for
about 6 or 8 password changes, then I change the key and the passwords.)
Anyway, any pointers would be appreciated. I'm now going to install Win2K
on my wifes machine as WinNT4 and her machine have died and constantly
More information about the Link