UPDATED 27 AUG 2005 0617

First, make sure your version of windows is up to date by visiting http://windowsupdate.microsoft.com if you have a legit license. IF YOU DO NOT HAVE ONE, PURCHASE ONE OR BUY A NEW PC WITH WINDOWS PRELOADED.

Second, install Microsoft Anti Spyware. I have had problems with Spybot Search and Destroy a long time ago, so I don't use it. I used Giant Anti Spyware, which was before Microsoft bought out Giant.
URL: http://www.microsoft.com/athome/secu...e/default.mspx

Third, install a virus scanner. There are free ones, so theres no excuse for not having one.

AVG - www.grisoft.com - used in the past, is a very good scanner with free updates.

ClamWin - www.clamwin.com - I recommend this because clamscan is a very good UNIX virus scanner (for mailservers/webhosting), and this is a port to the Windows platform. Free updates.

HouseCall - http://housecall.trendmicro.com - Has anti-virus, security scan and spyware scan, plus it's an online scanner, so you can run a scan whenever you want, and don't have to install any software.

Fourth, do not trust executables (programs, games, etc.) on p2p. A virus spreads by infecting other executables, which could be in that user's shared folders. You download and install the program, you get yourself infected. Also, I have heard rumors that people are making hacked versions of software for p2p that will take over people's computers.

Don't believe me, the software was FlashFXP and I have seen an infected version of Trillian floating around.

What benefit does a person have sharing software with you. He has more to gain by inserting a backdoor/virus/trojan, whatever on your computer. Plus, if it says the program is virus free, the file still might be infected by an unknown backdoor/virus/trojan. People who write such programs regularly change their versions to get around virus scanner detection.

Only trust freeware, shareware, and commercial programs from their respected websites and from authentic third-party websites like www.download.com or www.tucows.com

Fifth, stop using Internet Explorer.
Use Opera www.opera.com, Firefox www.getfirefox.com, or Mozilla www.mozilla.org. - that will stop a lost of the spyware from installing from the Internet, because spyware seems to be easier for people to download on Internet Explorer by ActiveX or "drive-by" downloading.

"Drive-by" downloading is when you are prompted to download and install something before you can "view" some material. This is popular on lyric pages, more "grey" areas on the Internet, and on porn sites. These "viewers" are normally spyware or dialers, which can reconfigure your dialup to dial expensive overseas porn which you find out by a large phone bill.

If you decide to use Internet Explorer (for whatever reason), please install BHODemon - http://www.majorgeeks.com/download3550.html

BHOs are browser help objects, which is an Internet Explorer only feature *cough*mistake*cough* that allows something like Google Toolbar, Yahoo Toolbar, etc. to install in Internet Explorer to help you browse. Spybot Search and Destroy plus Adobe Acrobot Reader are both examples of legit BHOs. Bad BHOs can be keyloggers, password stealers, generate popups, etc. generally nasty stuff. BHODemon takes care of it.


TRY THIS FOR MAXIMUM PROTECTION ONLINE


Download Privoxy Here. Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks.


Privoxy is easy to install. Double-click the exe and let the setup run. When you are done, configure your web browser to connect to localhost and port 8118 as your proxy server.

It makes the Internet run so much smoother. The greatest thing about Privoxy is that it knows when websites have IE exploits on them to attempt to mess with your computer, and Privoxy will prevent you from going to that site. However, you can ignore Privoxy and go anyway if you're on Firefox/Mozilla/Opera.


moderator: please make this thread sticky.

__________________
remember the horse pictures? the dude in them died


SATISFIED PEOPLE WHO I HELPED
limewire starts up too slow for you?
spyware, viruses and other nasties
bypassing the firewall with Tor
use return to default settings if you mess up
there is NO SPYWARE in Limewire -- PROVEN
Who have you helped today?

Look what, spyware scan, found on my computer...

Attached Images

clipboard03.gif (31.7 KB, 530 views)

__________________
Now... Verry slowlly... Put the gun to your head... slow... spin the cylinder... pull the trigger !!!

.~Stamp Of The State~.

Hey... the spyware scan program showed me the LimeWire as a p2p program who can threats my computer and asked me if I want to remove this threat... I know that LimeWire isn't a virus... I only wanted to "share" with you this funny "error"... If you you want to see this with your own eyes just scan your comp. online... (as I did) Sorry if you got me wrong...

__________________
Now... Verry slowlly... Put the gun to your head... slow... spin the cylinder... pull the trigger !!!

.~Stamp Of The State~.

im not sure why they're catching it as spyware. does the free version have ads in it? if so, that's most likely why they're flagging it as spyware.


i have a program called radmin 2.2 by famatech which is like pcanywhere, VNC, or any remote control program that is used to access a computer over the Internet. norton antivirus cannot stand it when radmin is installed on people's computers. it automatically says its a virus, however radmin is a commercial program sold by a legitimate company for legitimate purposes.


i believe norton has a comparable product to pc anywhere, therefore thats why they're flagging the thing as a virus. if it was a norton product, i seriously doubt that it'll find its own products as viruses.

the perfect way to stop viruses is to change your whole attitude about the Internet. if you treat every piece of software on p2p as a potential virus, you will notice your infections going down.


i dont run a virus scan and the last virus i had was one that was supposed to download and install while i was browsing the Internet, but I was using Firefox and the virus scanner noticed the virus in Firefox's cache.

__________________
remember the horse pictures? the dude in them died


SATISFIED PEOPLE WHO I HELPED
limewire starts up too slow for you?
spyware, viruses and other nasties
bypassing the firewall with Tor
use return to default settings if you mess up
there is NO SPYWARE in Limewire -- PROVEN
Who have you helped today?

I've made this thread a sticky as it might be a good help to newbies and more experienced user alike. This means that we want that future posts in this particular thread to be informative for the community only in fighting against viruses, spywares and other nasties

Meanwhile, thread has been cleaned by me, so only on subject posts were kept in the original thread.

Merci

__________________
Liens d'intérêt /Links of interest:
Gnutellaforums en français /The House's rules you have to respect / First search the forum, then create a thread / Free software alternatives! - Logiciels alternatifs gratuits!/

thank you very much.

__________________
remember the horse pictures? the dude in them died


SATISFIED PEOPLE WHO I HELPED
limewire starts up too slow for you?
spyware, viruses and other nasties
bypassing the firewall with Tor
use return to default settings if you mess up
there is NO SPYWARE in Limewire -- PROVEN
Who have you helped today?

No it doesn't...
I agree about the Norton Antivirus... is true... In the end is all about selling the software by draging down the others... (the "pure" economy)
I'm using FireFox too...

__________________
Now... Verry slowlly... Put the gun to your head... slow... spin the cylinder... pull the trigger !!!

.~Stamp Of The State~.

i think some scanners tell on you for having p2p apps installed.. like retina network scanner would find bit torrent on my machine and prompt me about what to do about it.. if it violated my company's acceptable use policy.

__________________
remember the horse pictures? the dude in them died


SATISFIED PEOPLE WHO I HELPED
limewire starts up too slow for you?
spyware, viruses and other nasties
bypassing the firewall with Tor
use return to default settings if you mess up
there is NO SPYWARE in Limewire -- PROVEN
Who have you helped today?

I've been using LW for a little over 1 year and have had very few problems. Questions, Yes. This is my first post and I hope it is appropriate for this thread.

Two nights ago I was running LW minimized (not downloading anything). Occassionally I would check on the progress of uploads and everything seemed normal. In the mean time I was editing mp3 tags for files I wanted to add to my shared folders.

I normally share 5 folders with different type music. When I checked my shared folders in LW, four of them were missing. I checked options even though I knew uploads had been occurring from these folders all evening. The folders were no longer listed as shared. I immediately closed LW and went to my directory where these folders are kept. They were gone as well as one other folder.

I used windows to search for the folders and some of the known songs within these folders. Nothing! I opened the only folder that was still shown as shared and found 8 songs in a folder that normally has 250 or more.

I used Norton's "recover erased files" function and found most of the music that was missing from the one folder and restored them but there was nothing from the other 3 missing folders.

Norton had all of these songs as deleted but with no date stamp (unknown). Songs that I had manually deleted were also found with the correct date stamp on them.

I ran Norton virus scan, Ad-Aware and Spy-Bot no indication of problems.

I immediately contacted a local guru who has many years experience in computer security. He suggested running scandisk and restoring from a previous day in case some of the system32 files were corrupted and had lost track of the files. I did, to no avail.

The only thing unusual that I can recall is that there was a Bearshare user downloading from one these folders. LW said it was downloading but there was 0% and no time remaining. Not that unusual for a short time but this situation remained for maybe 1/2 hour and then showed download as completed. Still 0%.

The only way I know of to completely erase files from the computer is with programs designed to write zeros over the file names. Maybe I shut LW down before this process had completed zeroing out the files I did find and recover.

I never download zip or exe files with LW. My anti-virus and spyware is always up to date. I'm wondering if this is just a hijacker playing or an attempt to punish LW users.

I will definitely investigate the software identified in this thread that may thwart this kind of effort. I may be paranoid but I have no other explanation for what happened.

Any Ideas?

Thanks Hank

__________________
Hank, The Elder because I've worked with computers for a long time. Anyone remember punch cards?

Remember, this is a very special day. No one has ever lived it before!
You can agree with me or you can be wrong!
I'm not opinionated! I'm just always right!

LW 4.9.37
Compaq Pressario, 512 Meg Mem, Win XP
DSL 1.5M, Ad-Aware, Spy-Bot, CA Internet Security Suite, Zone Alarm Personal firewall
DI-604 Router, home networked off Presario running XP

banmicrosofttoo,

I wanna say thanks for all the help you have given me after reading your post. I am now running Tor and Privoxy. They are both great and work really well together.

Much appreciated

guff

guff, im glad you're loving privoxy. you will notice spyware infections will go down, plus when you visit a bad site, privoxy will tell you to stop. it'll show you a screen and tell you why you shouldn't view that site. tor just keeps you anonymous.


The Elder, i'm not too sure about your problem. i will look around and search google to find you a response.

__________________
remember the horse pictures? the dude in them died


SATISFIED PEOPLE WHO I HELPED
limewire starts up too slow for you?
spyware, viruses and other nasties
bypassing the firewall with Tor
use return to default settings if you mess up
there is NO SPYWARE in Limewire -- PROVEN
Who have you helped today?

banmicrosofttoo

I have noticed a big decrease in spyware infections, zero criticals since installing Privoxy (my average per day was at least 20 through IE) using Adaware. The only thing I have noticed in my Tor window is it telling me i need a socks4a while i am using something like IRC. It doesn't seem to be a problem but I was wondering if i need another program other than mIRC. I'm quite new to this.

Hi Elder

Its obvious that someting got into your PC, probably a worm of some sort.

You say you have Norton's software, from what you've said I guess that you have System Works but you have not mentioned the version e.g. 2003, 2004 or 2005. (I have NSW 2004).

You have also not mentioned whether you use a firewall, again I have NIS 2005 which contains NAV2005 and NPF2005.

If you provide more info I will try to help.



UK Bob

Thank you for your recommendations banmicrosofttoo!
I just have a problem after I downloaded Clamwin Antivirus. I don't understand why there is an error in virus scanning.
My norton antivirus is going to expire soon so I thought that I can use Clamwin but it so far cannot virus scan. What should I do?
Is this a configuration problem (but I just clicked on automatically detect settings but it still does not work) or because it is conflicting with Nortons?
Just letting you know that I am a complete idiot in computers.
Any advice or help is greatly appreciated!

It is most likely an interference with norton so after it expires unistall it then un-install Clamwin Antivirus and then re-install it hoe that works

-cookie

__________________

Lava-soft ad-aware Peer Guardian 2 AVG 7 Free Edition SpyBot Search and destroy Offical Limewire site Microsoft offical site Windows XP service pack updates here (must use IE 5.0 or later)