[SEL] spyware OT

Bill Dickerson bill at antique-engines.com
Fri Oct 7 20:48:52 PDT 2005


A. It's possible some application, such as HP scanner or data drivers,
installed this, and the Windows "Recovery mode" is putting it back if it
gets deleted. Or there is some "shareware" or "freeware" that installed it.
B. It's possible that it's one of those multi-threaded threats that actually
runs a hidden process to rebuild its own files if they get deleted or
disabled. Unless you are REALLY good with Windows, they are tough to
kill/remove.
C. There is something you are doing, some web site you are visiting that
keeps putting it back.

To know for sure, I'd need to see the registry entry that loads or runs it,
the exact name and location of the file, and even possibly to look "inside"
the file for more information about it, what it does and where it came from.

I run Symantec Antivirus Corporate edition 9.2 and it finds such threats as
they appear, making it very easy for me.
There are some utilities you can run that find running processes and parse
the registry to find their load points, then they will print a report. A lot
can be learned from that.
I do really like the latest Spybot Search and Destroy, too. I think they are
at version 1.4 or something like that now.

In your case, the file may be gathering info such as what URLs you visit,
information about your computing habits, what's on your computer, name,
email address, IP address, etc., and sending it out somewhere.
Generally these are used to gather information for advertising purposes.
There's BIG bucks in this stuff.

I deal with this stuff daily at work...

Bill 

-----Original Message-----
From: sel-bounces at lists.stationary-engine.com
[mailto:sel-bounces at lists.stationary-engine.com] On Behalf Of
Germoamer at aol.com
Sent: Friday, October 07, 2005 4:45 PM
To: sel at lists.stationary-engine.com
Subject: [SEL] spyware OT

I have Adaware 6 and Spybot Search and Destroy and run them frequently.
Every time I run Adaware it always comes up with the same list of problems:

vendor          type    category
Tracking Co.    file    Data Miner

I usually get a list of the same thing, maybe 15 or so, depending on when I
run Adaware. Anyone know what this means and should I be doing anything
different?

Thanks,


Tom Schmutz
Concord, Va. USA
Germoamer at aol.com