Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How do i stop MSN from wanting to track user activity (monitor keystrokes, etc.)?

0 views
Skip to first unread message

amygdala

unread,
Jul 7, 2006, 9:31:47 AM7/7/06
to
Hi,

A while ago I got a virus on my computer through browsing the Internet. It
had something to do with vsdatant.sys and it showed blue screens. Since then
my firewall ZoneAlarm keeps alerting me of the fact that MSN is trying to
monitor user activity (monitor keystrokes and the likes). I've formatted my
harddrive since, reinstalled XP and thus MSN off course, but I still get
these alerts. Is anybody formiliar with such spyware (?) like activities
through MSN after having caught a virus? And if so, does anybody have a good
working example of how to get rid of this annoying tracking attempt? Your
help is much appreciated. Thank you.


Message has been deleted

amygdala

unread,
Jul 8, 2006, 9:04:44 AM7/8/06
to

"StephenB" <sbo...@mvps.org> schreef in bericht
news:b1uta2l4vsvvis6ct...@4ax.com...
> vsdatant.sys is apparently a component of Zone Alarm. The blue screens are
> crashes of the operating system and there appears to be some reports of
> problems
> with crashes with this file being involved:
> http://www.file.net/process/vsdatant.sys.html
> and from the zone alarm forums:
> http://forums.zonelabs.com/zonelabs/board/message?board.id=Off-Topic&message.id=10273
>
> I would suggest going to the Zone Alarm forums for assistence on both the
> crashes and the reports that you are getting about MSN. I am pretty
> confident
> that there is no activity in the MSN software that is malware. That does
> not
> mean that you have not been infected by malware that is causing Zone Alarm
> to
> report the culprit as MSN.
>
> I also recommed a full spyware scan at http://www.ewido.net and/or
> http://safety.live.com The former is a 3rd party site and the latter is a
> Microsoft site.
> -steve
> --
> Stephen Boots
> MVP MSN.COM
> sbo...@mvps.org

Thank you for your response Stephen.

I have already scanned my system extensivly with all sorts of anti-spyware
software; of no avail.

I read up on that vsdatant.sys virus (Trojan.Satiloler.e) earlier and read
that it, amongst other things, causes ZoneAlarm and virusscanners to be
disabled, but also tries to steal account information such as login names
and passwords. I would imagine that it would thus also be able to send back
my IP address.

So I was wondering, and maybe I'm talking rubbish here, but would someone
hypothetically be able to hack into my system through open MSN ports without
the use of malware installed on my system once that person knows my IP
address and is aware of the fact that MSN is installed?

Cheers
Niek


Message has been deleted

...winston

unread,
Jul 9, 2006, 12:16:57 AM7/9/06
to
Your ip address is visible with or without a firewall..
http://www.grc.com/default.htm

Scroll to Shields Up, click, let the page load, scroll to the bottom click
'proceed', then click on any of the available options..file sharing, common
ports etc..

While there...open MSn software and check your ports(common, all. file
sharing etc)
If sound you should have similar results

Common Ports:
0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested
ALL PORTS tested were found to be: STEALTH.


All Ports:
0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.


File Sharing:
"All attempts to get any information from your computer have FAILED. (This
is very uncommon for a Windows networking-based PC.) Relative to
vulnerabilities from Windows networking, this computer appears to be VERY
SECURE since it is NOT exposing ANY of its internal NetBIOS networking
protocol over the Internet"

...winston


"amygdala" <nor...@noreply.com> wrote in message news:44afad88$0$2019

:. I would imagine that it would thus also be able to send back
: my IP address.


amygdala

unread,
Jul 11, 2006, 7:26:59 AM7/11/06
to

"StephenB" <sbo...@mvps.org> schreef in bericht
news:qreva2hcgsh8qfnip...@4ax.com...

> "amygdala" <nor...@noreply.com> wrote:
>
>>Thank you for your response Stephen.
>>
>>I have already scanned my system extensivly with all sorts of anti-spyware
>>software; of no avail.
>>
>>I read up on that vsdatant.sys virus (Trojan.Satiloler.e) earlier and read
>>that it, amongst other things, causes ZoneAlarm and virusscanners to be
>>disabled, but also tries to steal account information such as login names
>>and passwords. I would imagine that it would thus also be able to send
>>back
>>my IP address.
>>
>>So I was wondering, and maybe I'm talking rubbish here, but would someone
>>hypothetically be able to hack into my system through open MSN ports
>>without
>>the use of malware installed on my system once that person knows my IP
>>address and is aware of the fact that MSN is installed?
>>
>>Cheers
>>Niek
> If the Trojan you list is on your system, it needs to be removed. Since
> you have
> a firewall installed, it is highly unlikely that someone hacked into your
> PC.
> Trojans arrive as a payload or through an open port, attacking a
> vulnerability.
> Your firewall would have protected from the latter.
> Here's Syamntec's description of the trojan and how to remove it:
> http://www.symantec.com/avcenter/venc/data/trojan.satiloler.e.html

>
> -steve
> --
> Stephen Boots
> MVP MSN.COM
> sbo...@mvps.org

Thanks Stephen, but I think the virus is gone already, since I completely
formatted my harddrive. I just have a feeling that my problem is the side
effect from a virus that 'visited'. Anyway, I will ask around in ZoneAlarm
fora and the likes.


amygdala

unread,
Jul 11, 2006, 7:39:08 AM7/11/06
to

"...winston" <merlin@druid9#.com> schreef in bericht
news:%23%23CRd5wo...@TK2MSFTNGP04.phx.gbl...

Thank you Winston. This has been very reassuring. My computer passed all
tests.


0 new messages