Things getting serious now !

AndersDK
Posts: 6060
Joined: 21 Feb 2003, 04:56
Location: Denmark

Post by AndersDK »

Have just done some serious research on my Windows 98 (SE) client.
Some frightening matters showed up :
While watching news on telly - a warning was issued on a new virus (cookie-type) snatching your home-banking information.
The detailed information tells that most likely your bank's name would be listed within the virus programme itself.
I then did a (text-string) search on my HD (the complete drive) for a larger known nation-wide bank's name.
- AND SURE ENOUGH -
- this bank's name was found in 3 different .js (javascript) files, located in "temporary internet files" folder.
JavaScript files are executable programs to run on your Windows !!
NOTHING TO DO with ANY programs I'm using/running on my PC
So here is a list of simple checks to do on your windows client :
(On NT & derivatives you must be logged on as administrator)
1) Close ALL programs running (from the status line)
2) In windows explorer ensure you set options to view system/hidden file types. Preferably also set viewing options for detailed listings - gets a better overview of files.
3) Under windows (winnt, winxp) main folder, locate the "TEMP" folder. EMPTY THIS FOLDER TOTALLY (do not delete folder)
4) locate the "COOKIES" folder and empty it.
5) locate the "TEMPORARY INTERNET FILES" folder and empty it. DELETE ALL SUBFOLDERS - if windows does not allow you to do so - then you MUST at least empty each subfolder separately.
Now - if your windows are set up for individual users profiles - you MUST clean up the above mentioned folders found in each user's profile.
**** VERY IMPORTANT ****
Take your time to download (free/no registration) ALL POSSIBLE system updates to your windows system from Microsoft :
http://v4.windowsupdate.microsoft.com/
This submission is not an attempt to give expert advice - out of the plot - since the more popular this advice can be given - the more users may understand the meanings.
Please guys :
do NOT start a thread here on ANTI -virus/-spy ware. Find the old topic here and continue on this - not to diffuse/mess up matters.
INSTEAD : add any Windows client system knowledge/experience submissions here - in POPULAR terms - you feel may help the average Windows PC users. The plot is to keep down this very nasty virus.

Post by AndersDK »

Forgot to mention that you should of course empty your "recycled" folder - and then SHUT DOWN (not restart) your PC. Then after re-power, re-check the folders for any suspicious content - especially the "TEMP" subfolder under Windows main folder.
Jon

Post by Jon »

Nasty stuff.
So here's my handy tip of the day:
To prevent anyone getting hold of your credit card details when you've paid by card over the net, please note the following.
By default Windows 95/8/2000 is set to "save encrypted pages to disk" which means when you're using an online shop your PC saves a copy of the page where you entered your card details [:0]. A hacker, or similar, could access these details.
Here's how to stop your PC doing this.
Start Menu
Settings
Control Panel
Internet Settings
Click on the Advanced tab
Scroll down till you find Security.
Then check the box "do not save encrypted pages to disk"
Dave Burns
Posts: 1915
Joined: 14 May 2001, 05:30
Location: United Kingdom

Post by Dave Burns »

Download the free version of "Zonealarm" firewall from zonelabs at
http://www.zonelabs.com/store/content/home.jsp
Or buy the pro version as I did because it also blocks banner ads and popups[:)]
Not only will this firewall stop hackers getting to your machine, more importantly it will prevent unauthorised data from leaving your computer.
If you haven't got a good firewall running while you are on the net you will have no idea that your computer may be sending out information about you, and your unprotected computer is only too happy to oblige any such request from whoever and from wherever.
Dave
Homer
Posts: 1503
Joined: 26 Feb 2003, 10:52
Location: Yorkshire
My Cars: Current:
Volvo V60 D4 180

Previous:
BX16RS (two of),
BX19TZI,
Xantia 2.0i saloon,
Xantia 2.0 Exclusive CT turbo Break,
Peugeot 807 2.0 HDi 110,
Renault Grand Scenic, 2.0 diesel (150bhp)
C5 X7 2.0 HDi 160 which put me off French cars possibly forever

Post by Homer »

Originally posted by AndersDK:
> - this bank's name was found in 3 different .js (javascript) files, located in "temporary internet files" folder.
> JavaScript files are executable programs to run on your Windows !!
> NOTHING TO DO with ANY programs I'm using/running on my PC

The most likely explanation for those files is that you visited that bank's website and the java applets were downloaded from there. Nothing suspicious at all, just part of what your web browser is supposed to do. Saying they had nothing to do with any programs you are using is wrong. You use java all the time if you have a web browser, you just don't know about it.
If you don't want java scripts to run you can disable them. You will get lots of messages telling you that you need java enabled to view the websites you visit though.
TV news is really not the best place to get your IT information. It is always dumbed down to make it understandable to the general population. The trouble is that removes any useful information.
Your best bet is to invest in a decent antivirus program and firewall, one which updates itself regularly.

Post by Homer »

Originally posted by AndersDK:
> While watching news on telly - a warning was issued on a new virus (cookie-type) snatching your home-banking information.

I would be interested to know where you got this information because it sounds like bad advice at best and at worst complete BS.
alan s
RIP 2010
Posts: 2542
Joined: 26 Jan 2001, 15:53
Location: Australia

Post by alan s »

On a board that I am moderator for in Oz, we recently copped a very strange posting.
It was titled "Question" and its author was supposedly "Daniel." Now we have several Daniels posting on this board so there was nothing sus about that, but when the title was clicked on to, the entire message page was covered in a repetitive message à la "CLICK HERE" style and I figured it was that pest that posts those similar type things under the handle "Tanya" (some kind of e-pimp) but before I could blink, the whole thing was shot across to a weird looking website that started off with words to the effect of "by clicking on the link & selecting this site you are now being recorded as......" which was enough for me to see warning signs & I quit out but not before noticing that the computer was going haywire. I then ran a freebie spyware detecting program through it as Norton hadn't detected anything, and even though I had deloused it only minutes earlier as I logged on, it found 15 spyware beasties running around in there.
Even more worrying was that when I tried to get into the admin section to delete the offending message, it was found I could no longer access it & the same was found on another board I am moderator on which is hosted by the same provider. Maybe just coincidence, but I had deleted messages from the p**n pimp on both boards in recent weeks, and this is the reason I delete them as fast as they appear as I would say these types are prime starters to be involved in any kind of criminally associated behaviour....after all, they don't exactly qualify as the cream of society do they??
The moral of the story is that with a board such as this, we as moderators can control & stay alert for this kind of posting & if deemed necessary take appropriate action & in this case, a warning has gone out to all others on this forum which means it is monitored 24/7 but there's a message in there about how careful you have to be at all times. It adds credence to the theory that the internet could self destruct if a lot of this type of activity isn't eliminated.
Alan S