
Welcome to IWETHEY!

This post is via Firefox via VPC WinXP. Firefox ok

no crash after using Firefox to visit Iwethey.

Will reconfirm results by doing same test but with IE

Doug M
Thanks, I look forward to the results
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
Hmmm not what I was expecting at all ...


1) Firefox

- www.astalavista.com
- 'A web site has attempted to open a pop-up without your permission' (I clicked ok to continue - popup blocked)
- 'Plug-in not loaded' - java-vm (I clicked get the plug-in)
- I then seemed to be at a Netscape page. I closed it
- Then selected ms******.com with a search arg of ****** (censored)
- Then clicked the 4th item in the displayed list
- The requested data displayed but also a window with a msg ..
'A web site is requesting permission to install the following item:'
'Content Access Plugin 1.01' (I declined)
- I returned to the list & selected another item
- The requested data appeared (no window this time)
- I then chose the 1st ref link on left side of ms******.com home screen
- (<something>Spider.net) - entered a search arg & clicked search
- Nothing came back so shut that site's window
- Clicked another ref link from ms*****.com (*****Portal.com)
- No results so used The****.ws search engine
- Ended up at *****Search.ws
- Clicked a link to #####.nu
- Went to 4 more sites and at 1 downloaded 4 small files - Firefox asked me what I wanted to do with them
I clicked 'save to disk' but I don't really know (yet) where Firefox was putting them
- Had enough (by this time, if this was MSIE, I would expect 20+ cookies & 6 malware entries)
When I had exited all the web sites I found the downloaded files on the desktop.


Ran AdAware and Spybot plus Starter

ALL 3 WERE PRISTINE - NO NEW THREATS


2) MSIE on WinXP Home (pristine install)

Now to do same with Windows MSIE (Home Edition WinXP)
- www.astalavista.com
- Got a pop-up window (closed it)
- Got cookie warning (closed it)
- Got a Security Warning window - asked me if I wanted to accept some 'must be older than 18 pgm' (clicked close)
- Got similar Security Windows 4 more times in visiting same sites as in test 1 above. Closed them each time


Ran Adaware and SpyBot plus Ultimate Starter

Hmmmm -- this time apart from 3 tracking cookies and Spybot recording 'Error During Check
- Hotbar (Ungultige Gleitkommaoperation)' same result as for FireFox - no new threats.

This I don't follow - the main difference between today's & yesterday's tests has been setting up a newly
installed VM of WinXP home whereas the other was a copy of WinXP Pro.

The test I had done with WinXP Pro I did 3 times & got the corruptions each time.

There has to be some other thing I am missing here.

Doug Marker



One last very odd discovery
On a hunch I ran Spybot on the host WinXP Home edition & it found both Malware & cookies

Malware downloads
Tracking cookies

So what to make of using VPC ? - dunno

Doug M

#2 -

1 x Double click
1 x DyFuCa
2 x HitBox
2 x PowerScan (an executable)
3 x Roings (2 of which were downloaded modules - 1 x Code Storage Database)


Edited by dmarker March 28, 2004, 04:27:11 PM EST
Let's just say...
I'm very glad that I don't have to deal with that kind of crap. ;-)

Thanks for investigating. The inconclusiveness of your results underscores why your average user has no clue of figuring out what is really going on.

Cheers,
Ben
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
Not done yet - will get to bottom of this ...
My main system acts as if it is inoculated. Also there was one other odd event that occurred right at the time I cleaned up the host system.

Going back to when this all started.

1) Cleaned up host#1 after 1st noticing excessive & questionable pop-ups
(used Spybot & AdAware)
2) This host#1 is used for Internet browsing & is isolated from several other
servers where serious work gets done. I have an initial image of host#1
as supplied by the vendor. This is a WinXP Home edition machine.
3) The day of the above clean-up I added a login password (hadn't bothered
before as I can always rebuild the machine & consequently wasn't all that
bothered).
The day I added the login password, the system seemed to hang while booting.
After several restarts & checking the Ram & disk connections, I let the
machine take its time & it eventually booted (now boots like this each time).

I was sure I saw some Internet activity during the dead screen period - on
first start up I immediately had tried to disable the network connection but
found an extra network adaptor icon (configured with an ip address) & seemed
unable to turn it off (ignored the disable command).

I shut the system down again & removed its UTP cable. Upon restart (slow)
the network connection adapter icons were normal. (The icon resembled the
type of network adapter that VMWare adds when it gets installed).

I am now about to wipe this host#1 machine clean & do factory re-install.
I will also re-install Connectix VPC and a pristine copy of XP in one
VPC (have the WinXP CD that came from mfg. It installs ok as a VPC).

If anyone has any clues as to why the machine might have behaved the above way
I am all ears. Because the situation is abnormal as regards the events, I don't
know what interpretation to place on them. Am not overly worried as I can and
will reset to square one & I was deliberately pushing things as regards spyware.

Doug M

#2

AS OF TODAY - the host#1 computer is back to fast booting again. I haven't yet done the complete reinstall so I have no explanation as to why this has happened. The only other thing I have noticed is that while the slow boot was occurring, SpyBot would always list an error during checking. That seems to have gone now. ?.
Edited by dmarker March 29, 2004, 09:40:16 PM EST