Announcement

Collapse
No announcement yet.

Virus/ Spyware

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virus/ Spyware

    If this is not a good place to post please advise where a good place to do so would be please.

    Does any one know what Trojan Horse Downloader viruses are . Also I had my daughter download AD Aware and she did a scan and my found tons and tons of spyware bugs on the system. Can someone tell me if it is safe to remove those in file register or file reg? Someone told me not to mess with them, but there are a lot. Will they be on the system forever and will they still track her system use???

    This is my sisters computer ( she passed away last year ) and my daughter got the system from her estate properties. So she is quite sick about all of this mess she has. She did a scan with AVG and it found 7 Trojan viruses and she was able to heal 5 and somehow 2 were lost to her before the heal could take place. Can she still heal them??

    She has been very careful but had company and they wanted to play games on Yahoo and this all started then!! Any help or links to better understand this mess would be so appreciated!! Neb

  • #2
    http://www.windowsecurity.com/trojanscan/trojanscan.asp

    This will scan your computer, make sure your firewall or pop up stopper is turned off, re turn them on when you have done, it will get rid of any that are lurking, from then download maybe AVG and its free download from grisoft.com and update it daily.

    Comment


    • #3
      I had a run-in with these types of things (nasty) a few months ago, maybe a year or so now. Through a search I foudn a great site that gives step by step instructions on how to clean this mess up. Go to www.majorgeeks.com and to the support forums, and check out the spyware forum. There is a post stuck towards the top that says "READ THIS FIRST..." before posting. They have links to several programs (all free) you can download them right there even. I have cleaned up many a computer in the last several months using these steps. Good luck with it and if you have any question you can send me a message or join major geeks (free) and ask away. They are always very good at answering me, great great support!

      Dawn

      Comment


      • #4
        Hi Neb,

        Firstly, a Trojan, is a program which much like the Trojan Horse of history, has got inside your defenses by pretending to be something else. Once on your system,they can exhibit any number of undesirable traits, including home-page hijack, downloading of undesirable adds, keylogging, and a whole lot of other things you'd rather not have.

        The best way to defend yourself from them is to be a bit more selective of the things you click on. However, since you're already infected, its necessary to get rid of them.

        No single program will get rid of all Spyware. It's usually necessary to run a couple.

        Adaware is a good start, its usually non-destructive, so you can run it without too many qualms. But just like anti-virus programmes, its important that you update and use the latest version.
        The latest version of Adaware is SE personal, and its available for free at
        http://www.lavasoft.de/

        Also try Spybot Search and Destroy, it's a bit more aggressive than Adaware, but I've been using it for years with no adverse effects. Its available free from here http://spybot.safer-networking.de/en/index.html

        Once you've got rid of them, its important to keep them out. Firstly insure you have a Firewall installed, and that its switched on. At the very least you should have Windows Firewall on.

        In addition, download and install Spyware Blaster, another free programme, it does not remove spyware, but it does set up a barrier, to prevent the re-infestation of many types of spyware. Find it here http://www.javacoolsoftware.com/spywareblaster.html Also from the same place download and install Spyware Guard, it actively prevents you from downloading spyware. This is the link. http://www.javacoolsoftware.com/spywareguard.html

        If you've used these, you should have got rid of your spyware and insured that you are less likely to get infested again.

        One last bit of info, you may have been infested by one of the CoolWebSearch variants. These are particularly difficult to deal with. Both AdAware, and Spybot do not always successfully remove all variants 100%.
        In this case try downloading CW Shredder, a small free standing piece of software that usually removes it completely. Download it from here. http://www.majorgeeks.com/download4086.html

        Lastly, one of the reasons you've been infested, is because you're probably using IE as your browser. IE is notoriously insecure, and because it is the most popular browser, it stands to reason that more Spyware is written for this, than any other browser.

        Try using Firefox, I've been using it for quite some time now, and since I have, I've not picked up any Spyware. Download it here http://www.mozilla.org/products/firefox/

        For a bewildering amount of extra information, and for help in removing spyware not addressed by the programmes above, visit Spyware Warrior, here http://www.spywarewarrior.com/rogue_...tm#trustworthy
        Last edited by Gary Richardson; 04-26-2005, 05:05 AM. Reason: Adding extra info and links to help

        Comment


        • #5
          Added a bit of extra info to post above. Hope this helps.

          Comment


          • #6
            hi

            hi
            just to confirm what you have read, and probably got confused with

            We use avg antivirus, zone alarm firewall, and spybot, they are all free and are quite easy to use and install, i to have had trojans etc ( avg and zone alarm do block or let you know they are there ) spybot has cleaned them all with no trouble, We also found that with one trojan it got in through a hole in internet explorer for which there is a update, so check for updates, ( also update spybot the others do it automaticaly )
            Just take your time and you will get it sorted

            Palms

            Comment


            • #7
              Hi Neb
              Gary has posted some great links and advice, I would advise checking the links below for extra security though.
              Windows xp Tweaks and Security

              Download Hijackthis and then paste the log file here and it will tell you what it thinks are spyware and all other bad processes.

              Other programs reccomended are
              Trojan Defence Suite ( best on the market )

              ccleaner

              Winpatrol

              They will help on your problem.

              Cheers
              Romany

              Comment


              • #8
                Wipe hard drive?

                Just a thought... are you trying to preserve the data on this machine? If you simply want a useful computer, by far the most complete method for getting rid of adware, spyware, trojans, and the rest is to completely wipe the system hard drive and reinstall the operating system. Any computer shop or handy geek friend would be able to do this for you, or you could easily do it yourself. If this is a Windows PC or a Mac, simply put the original system disk in the hard drive and follow the instructions on doing a complete reinstallation.

                In fact, if there is data you want to preserve, consider writing that data to a CD or similar isolated place, reinstall the operating system, and then run the adware/spyware/virus detection programs on the CD files rather than on the entire system.

                Comment


                • #9
                  i use ad-aware, hijackthis, zone alarm (the free version), norton anti-virus, and win patrol. all are excellent programs (as mentioned above). they all handle slightly different things (also as mentioned above). zone alarm and win patrol are preventative. the others are cleaners. and for browsing i mostly use mozilla (ya gotta love tabbed browsing).

                  you shld also keep a clean restore point in windows xp that you're sure is NOT infected in any way. you dont want to RESTORE a virus or other malware.

                  another good help is something like norton GHOST. this makes an image of your entire drive (or whatever portion you specify) that can be saved OFF of the computer and used to restore your system. it will even backup windows itself, including those files that normally cant be backed up because windows is currently running.

                  and lastly, if i'm at all suspicious of a program i'm about to install, i use a program called 'Total Uninstall'. this is a logger program. you use IT to install the suspicious (or any) program. as that program installs, total uninstall logs EVERYTHING that is done to your computer, including the registry, and all drives specified. because total uninstall monitors the API (application program interface) and all calls made to it, EVERY API call is logged. and before even running, total uinstall scans your system to see what's there first so it can restore whatever it needs to. it even logs AFTER the install. thus, if your program turns out to be malicious, you run total uninstall again and have it remove the errant program. this is a great program in case any of your other anti-malware fails to spot something.

                  K.

                  Comment


                  • #10
                    Just a word of warning.

                    Kraellin uses Hijack This. This is not a program to be used without expert advice.

                    It is quite possible to totally wreck your computer using it.

                    The best way to use it, is to use the logging facility, and post the log to a help forum, such as http://spywarewarrior.com/index.php

                    Here expert advisers will take you step by step through the procedures you need to do to remove the offending spyware.

                    Comment


                    • #11
                      gary is correct. hijackthis can remove registry entries which may be critical to your system. however, it does have a feature to back those items up before removal, allowing you to restore them if needed.

                      also, hijackthis was developed primarily as an aid to those whose browser had been 'hijacked'. hijacking is the action of altering one's browser settings and parameters by a thrid party with such things as changing your home page, changing your preferred search engine, embedding 'call home' devices such as dialers (and others), and a number of other unwanted programs and devices. thus the name 'HijackThis' (it's one word in this case; no space between hijack and this).

                      it's an excellent program for what it's designed to do, but it is powerful and a bit dangerous in that you can mess some things up on your system. i've never seen it completely render a system inoperable, but it could conceivably screw up your browser pretty badly.

                      the latest version also comes with a couple other security features. i highly recommend this program. i forget whether there is a 'pro' version or not. i'm currently using just the free, unregistered version, and would not run any system i own without it.

                      also, while still on the subject of security and browsers, it's a good idea to set certain functions of your browser to something other than 'enable'. things like active x and scripts are a bit of a security risk. set them to at least 'prompt' in your options/preferences lists, which will force the browser to offer you a choice when a website wants to install a script or active x app. cookies can also be used to track information and i tend to set these to 'prompt' also. the newest browsers have very good cookie handling routines. mozilla, for example, will allow you to set certain sites as 'always allow cookies from this site' or 'never allow', thus giving you tailoring abilities when you trust or dont trust certain sites.

                      zone alarm can also be used for anti-malware. not only does it block unwanted incoming garbage, but it also detects outgoing signals from your computer. thus, if you do get a 'call home' program put on your system, when the call home device attempts to call home you will alerted by zone alarm and can block it. typically, 'call home' devices are keyloggers, dialers, spyware and so on.

                      a keylogger registers and logs every key you hit on your keyboard. thus, if you manually enter a password, this gets logged by the keylogger and sent out on the net to the receiver somewhere and they now know your password(s).

                      dialers typically attempt to call out to a location which contains other malware. the dialer then attempts to download this other malware onto your machine. this other malware often contains other trojans or viruses, or means whereby an attempt is made to charge your money for something.

                      'spyware' can be anything from simple cookies that keep track of your password and login data for a given site, to full blown 'we want to know everything that's on your system, including passwords, credit card numbers, and other security information.

                      but prolly the worst offender for putting malware on your system is your email program. if you're using micosoft's outlook or outlook express in particular, you shld turn off viewing emails in html format (i seem to recall this was because of the active x feature which the html format could use). your anti-virus program shld also be set to check every incoming and outgoing email. and there are a couple other things to change as well, but i've turned all those off so long ago that i dont currently recall them all.

                      sadly, there are malicious people out there. it pays to be just a bit cautious.

                      if all of this is a bit confusing, the simple solution is get an anti-virus program and a firewall of some sort. those are just plain required any more. and as mentioned in an earlier post by someone else, even if all you have is microsoft's default firewall that comes with windows XP, use it!

                      K.

                      Comment


                      • #12
                        Hi Kraellin,

                        With Hijack this, you can alter more than just browser settings. Although it is rare to totally foul up your system, due to the backup system, it is still possible to not only wreck your browser, but also to affect critical systems files. As I said in my earlier post, always seek expert instruction, unless you are a very experienced operator and absolutely sure of what you're doing.

                        If you're using IE as your browser, it's worth installing ie-spyad, available from here https://netfiles.uiuc.edu/ehowes/www/main.htm
                        this is a programme which adds known ad and spyware distribution sites to the Restricted Sites zone of IE.

                        These sites are then set to max security in IE, and downloads and Active X controls are shut off if you visit them.

                        Also consider installing a hosts file, this puts a whole lot of known crudware sites into your hosts list, and allocates them the number 127.0.0.1 also known as local host. Thereafter, if you try to go to a site that's on your list, the address found for the url you enter will be wrong, and you will not be able to go to that site.

                        If you are using Spybot Search and Destroy, it comes with a hosts file.

                        Comment


                        • #13
                          For Mac users with Spyware problems (Rare but becoming more common) the only scanner I know is here http://macscan.securemac.com/

                          Comment

                          Related Topics

                          Collapse

                          • Craig Walters
                            Computer Security
                            by Craig Walters
                            i didnt see a forum or thread here on retouch that is dedicated to computer/software security, so i thought i'd start one.

                            10 years ago, computer security meant getting norton anti-virus and running it every once in a while. today, all that has changed. any more, you shld be running a...
                            06-15-2005, 03:58 PM
                          • Craig Walters
                            Two days of hell ... trojan horse probs
                            by Craig Walters
                            well, i've just spent the last two days trying to get rid of a virus, a trojan horse type, Zlob. this was one nasty sucker to get rid of. it hijacked my browser, stuck some 'security' software on my system, and drove me just about nuts for two days.

                            part of this thing is the 'mssearchnet.exe'...
                            04-13-2006, 12:50 AM
                          • nebgranny
                            Software Scam
                            by nebgranny
                            Morning :
                            My friend has a problem with a screen which came up on her computer last evening. It has taken over as her home page which she can still get to via her favorites. It keeps intruding and comes up with a message telling her that her computer has been compromised and she has a virus. It...
                            11-03-2008, 02:51 AM
                          • unimatrix001
                            Computer problems: spyware mainly
                            by unimatrix001
                            I have been rather busy lately removing several spyware programs from computers. These people that i remove the spyware and viruses for, always ask me how they got it and if they can prevent it. I find it very hard to give them an answer they are happy with. Usually the first thing they say is i don't...
                            09-25-2010, 04:10 PM
                          • thomasgeorge
                            Spyware Remover
                            by thomasgeorge
                            There is a neat, and free, little program you can download by going to ZD net downloads, called Ad-Aware which will remove spyware programs from your computer. Spyware programs report back to their host server at intervals and can send a lot of information about your browsing habits and so forth out...
                            12-22-2001, 09:13 PM
                          Working...
                          X