During the build of a new system, several viruses and chunks of Spyware came onboard.
Apparently one piece let a lot of others creep-in; still not sure what started it all.
Found a LOT with the help of the following tools ...
- GRI/AVG (free) - be SURE to get the LATEST version AND the latest set of descriptors.
a good virus tool; does scans and will intercept opens of infected files;
may intercept files when stored, but not sure about that facet.
Likely AOK to remove anything which it has identified.
- McAfee AntiSpyware (purchase - may be available with rebate or as a free trial)
http://us.mcafee.com/root/package.asp?pkgid=182
http://www.google.com/search?hl=en&q=mcafee+antispyware
http://www.soft32.com/download_27012.html
It seemed to me to be very sophomoric, but it can do some good.
The product support can be described in one word: poor.
Produces a list of things which are running and/or present;
you check the items to be deleted; it deletes them -- maybe.
It may identify as problems things which are NON-existant.
It may NOT remove everything which it claims to remove.
It may identify harmless things as problems,
which may cause other harm if they are deleted.
THIS facet hurt me: had to restore one file from the recycle bin.
Likely AOK to remove anything which it has identified; but do see comments above.
Suggest NOT deleting any file with a name of the form VFPxxx.DLL
- AdAware (free) - be SURE to get the LATEST version AND the latest set of descriptors.
http://www.lavasoftusa.com/support/download/
http://www.google.com/search?hl=en&lr=&q=adaware
Produces a list of suspect things which are running and/or present;
you check the items to be deleted; it deletes them.
Likely AOK to remove anything which it has identified.
- SpyBot (free) - be SURE to get the LATEST version AND the latest set of descriptors.
http://www.safer-networking.org
http://majorgeeks.com/download2471.html
http://www.google.com/search?hl=en&lr=&q=spybot+search+destroy
Produces a list of suspect things which are running and/or present;
you check the items to be deleted; it deletes them.
Likely AOK to remove anything which it has identified.
- TrendMicro's OnLine Scan (free) as per the page at ...
http://housecall60.trendmicro.com/en/start_corp.asp?id=scan
Produces a list of suspect things which are running and/or present;
you check the items to be deleted; it deletes them.
Likely AOK to remove anything which it has identified.
- HiJackThis (free) - be SURE to get the LATEST version.
BEFORE using this, be SURE to run the 3 processes above: AdAware, SpyBot, Trend
http://www.tomcoyote.org/hjt/
http://www.google.com/search?hl=en&lr=&q=hijackthis
Produces a LOGable list of many things which are running and/or present;
you check the items to be deleted; it deletes them.
The list contains BOTH harmful and AOK stuff;
it must be treated with GREAT CARE AND SOUND ADVICE, e.g.,
see web forum below. .
- Advice Web Site (free) THIS IS A MUST!!
http://www.mytechsupport.ca/ (there may be others, but this one was good to me)
http://www.google.com/search?hl=en&lr=&q=items+identified+HIJACKTHIS+log
REGISTER/SIGN UP, and follow the path to ...
"All Forums | INTERNET & NETWORK SUPPORT | Security & Viruses"
Post a new topic there asking for help in understanding the log output from
HiJackThis, which you should then copy/paste into your post message text.
In some cases there may be a need to delete files with names which contain illegal
characters -- specifically question marks(?).
Usually these files will be seen in lists as having other names,
and identifying the right one can be a problem,
(E.g., ??EDED.EXE may show up as two copies of NEEDED.EXE)
but the bad one will likely be order in the usual alphanumeric lists.
Attempting the delete such files often will result in the deletion
of MORE than just the desired file.
Then the good one(S) must be found and restored from the recycle bin.
BE CAREFUL!!!
========================================
Just before I stored this file for keeps, I received the following in email from FIRETRUST.
This outfit is very trustworthy, and for a long time I have been making VERY GOOD use
of their MAIL-WASHER-PRO program which can let you see the sender and subject
(and even a preview) of your incoming email BEFORE you bother to download it;
you can then decide either to delete it, bounce it
(user gets a message that your address is invalid and may eventually delete you from their list),
or allow it to come into your email client in the normal fashion.
Their products seem AOK as well as their advice.
============ from Firetrust . . . . . . . . . . .
What is spyware?
Spyware refers to a category of programs that illegally monitor
your computer activity, often capturing and transmitting your
personal information without your knowledge. In the process, they
often cause your computer to become slow and unstable, and cause
problems when you connect to the Internet.
Is it the same as adware?
Adware is legally installed software that tracks your online
behaviour while you surf the Web. Some adware programs transmit
this information to online advertisers, who can then target you
with advertising based on your surfing habits.
Adware also includes 'cookies', which are small programs placed
on your computer while you visit shopping sites. Cookies are
normally harmless. Without them, e-commerce would be a tiring
exercise in filling out forms every time you visited each site.
If in doubt, read a site's privacy policy before you enter
personally identifiable information at their web site.
------------------------------------------------
What sort of personal information can spyware and adware send to
other people?
Adware can send a record of the websites that you have visited.
Spyware is different. Some kinds of spyware called "keyloggers"
can record all of your keystrokes and transmit them without your
knowledge. This means that all of your passwords and credit card
details can be compromised.
------------------------------------------------
What harm can these programs cause?
Apart from the disastrous effects of identity theft, spyware also
causes numerous side-effects.
If you've noticed that your PC has become slow and unreliable,
has trouble connecting and acts strangely when you're surfing the
Internet, then it's likely you've got spyware on your system.
The slowness and unreliability comes from the spyware consuming
your system's memory and processing power at the expense of the
programs you actually want to run.
The strange behaviour when you're online can include your home
page changing and your browser redirecting you to sites that
you've never heard of, let alone wanted to visit. Often these are
pornography, financial services, or pharmaceutical sites. In
other words, the sort of thing that spammers try to sell you!
Even more alarming is the emergence of 'stealth dialers'. These
are programs that, once placed on your machine, proceed to dial
up premium-rate international phone numbers. You don't know
they're there until you receive a gigantic, inexplicable phone
bill at the end of the month!
In a recent survey by AOL, 80% of the users had some form of
spyware or adware on their machines. Of these, 90% did not know
about the infection and, even worse, didn't even know what
spyware was!
For these reasons, spyware has replaced viruses as the number one
security threat to PCs.
------------------------------------------------
How can I stop spyware from getting onto my PC?
Popular free applications like file-sharing programs and even
instant messaging software can come with spyware or adware
bundled. If in doubt, don't install these programs.
Keep your web browser up-to-date with Microsoft's security
patches by going to Microsoft's Update Page :
http://windowsupdate.microsoft.com/ .
And make sure you NEVER click on links in spam, no matter how
tempting it is! These links will often open sites that download
spyware and hijack your browser.
------------------------------------------------
How can I stop spyware from stealing my personal information?
You should install a personal firewall to stop spyware "phoning
home" in the event that it does get onto your system. We
recommend Outpost Pro - http://www.firetrust.com/firewall - but
there are some good free firewalls around too.
------------------------------------------------
How can I detect and remove spyware from my PC?
Download a spyware detection and removal tool. I recommend that
you select from the following list of products. They seem to have
different strengths so use more than one of them.
Spyware Doctor - http://www.firetrust.com/promotional/spydoc/
Spybot Search and Destroy - http://www.safer-networking.org
Ad-Aware - http://www.lavasoft.de
PestPatrol - http://www.pestpatrol.com/
Spy Sweeper -http://www.webroot.com/products/spysweeper/
Be very wary about downloading other spyware removal tools,
because many 'anti-spyware products' actually install spyware of
their own on your computer!
Read this recent PC World Magazine article for more details about
fake spyware removal tools :
http://www.pcworld.com/news/article/0,aid,118362,pg,1,00.asp
For further reading, visit these excellent anti-spyware resource
sites :
http://www.io.com/~cwagner/spyware/
http://www.freespywareremoval.info/
http://www.free-spyware-adware-removal.net/index.html
------------------------------------------------