Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Spyware installs with no interaction in IE on fully patched XP SP2 box
From: Harlan Carvey <keydet89 () yahoo com>
Date: Sun, 3 Oct 2004 12:36:38 -0700 (PDT)

This machine is a fully patched XP SP2 box, with
the default security 
settings for IE's Internet Zone. Does anybody know
what method this crap 
could be using to install without any user

It's a little hard to tell accurately without taking a
look at what you removed; ie, saying that you cleaned
things out of the Registry is great, but without
knowing what keys you "cleaned", it's hard to tell.

However, doing a quick search on Google for
"atpartners", some of the info I found points to

Sorry, wish I could help more, but I'd need more info...

Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"

"Meddle not in the affairs of dragons, for
you are crunchy, and good with ketchup."

"The simplicity of this game amuses me. 
Bring me your finest meats and cheeses."

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]