HOME

MAIN

MEMBERS LINKS

PHOTOS

CLUB INFO

FAKES

PEANUT PALS

I never realized what a problem spyware and hijackers were until I had my browser hijacked by "isearch" and had to re-install my operating system.  I talked to some people about what happened to me and several of them told me they are having the same types of problems that I had.  Slow browser response, home page reset and loss of toolbar controls were some of the problems.  They didn't know it but they have been hijacked, too.  I have always been skeptical of downloading free programs from the web but after the  problems I had, I took the chance and was very happy with the results of the downloads on this page. I have safely downloaded and installed the following programs from this page,  AD-AWARE, SPYBOT SEARCH & DESTROY, JAVACOOL SPYWAREGUARD and SPYWAREBLASTER, and I have run http://www.jasons-toolbox.com/BrowserSecurity/ (jasons-toolbox is a manual system check, not a program).  All of the above programs downloaded and installed with no problem and they are easy to use.
Please take the time to read the following article and take steps to protect yourself!

SO, HOW DID I GET INFECTED IN THE FIRST PLACE?

You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

1) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.

2) Go to IE > Tools > Windows Update > Product Updates, and install ALL Security Updates listed.
It's important to always keep current with the latest security fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.

Windows Update:
http://v4.windowsupdate.microsoft.com/en/default.asp

3) Adjust your security settings for ActiveX

Go to Internet Options/Security/Internet, press 'default level', then OK.

Now press "Custom Level."

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.

So why is activex so dangerous that you have to increase the security for it?
When your browser runs an activex control, it is running an executable program. It's no different from doubleclicking an exe file on your hard drive.
Would you run just any random file downloaded off a web site without knowing what it is and what it does?

And some more advice:

4) Install Javacool's SpywareBlaster.

SpywareBlaster
http://www.wilderssecurity.net/spywareblaster.html

SpywareBlaster will protect you from all spy/foistware in it's database by blocking installation of their ActiveX objects.  Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press "select all", then "kill all checked", and you're done.
The spyware that you told Spywareblaster to set the "kill bit" for won't be a hazard to you any longer.
Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.
Don't forget to check for updates every week or so.  Let's also not forget that SpyBot Search and Destroy has the Immunize feature which works roughly the same way.
It can't hurt to use both.

Download Spybot Search and Destroy
http://www.safer-networking.org/


5) Another brilliant program by Javacool we recommend is SpywareGuard.
It provides a degree of real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

SpywareGuard
http://www.wilderssecurity.net/spywareguard.html

An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard.
It now also features Download Protection and Browser Hijacking Protection!

6) IE-SPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

Finally, after following up on all these recommendations, why not run Jason Levine's Browser Security Tests.
http://www.jasons-toolbox.com/BrowserSecurity/

They will provide you with an insight on how vulnerable you might still be to a number of common exploits.



To add to Tony's excellent advice above, you many find the additional programs and Security Sites helpful in malware prevention and removal:

7. Two free programs available to remove spyware from your system:

Download, Update and Scan with Adaware (get the free edition). Update the program before scanning (do NOT skip this step. A short tutorial I have included to help with instructions)

Download and install Adaware
http://www.lavasoft.de/software/adaware/

Adaware Tutorial Updates & Scanning
http://forum.gladiator-antivirus.com/index...?showtopic=8050

Reboot your PC after scanning and cleaning with Adaware

Download, Update and Scan with Spybot Search and Destroy. (Be sure to Update the program first)

Download and install Spybot Search & Destroy
http://www.safer-networking.org/

My very short Spybot Tutorial to set up and scan the first time
http://forum.gladiator-antivirus.com/index...?showtopic=8630

A more comprehesive Tutorial by the Author of Spybot Search & Destroy:
http://www.safer-networking.org/index.php?...p?page=tutorial

A Special Tool for Coolwebsearch and it's many variants is CWShredder
Just download it, unzip it and click on it. Hit the *Fix* button to run it.
http://www.merijn.org/files/cwshredder.zip

Alternate download for CWShredder at Major Geeks site:
http://www.majorgeeks.com/downloadget.php?...6c5901960cc6e24

OR download it here

http://www.spywareinfo.com/~merijn/files/cwshredder.zip

See also this full article by the Author of CWShredder
The CoolWebSearch Chronicles, The story of a thousand hijacks
http://www.merijn.org/cwschronicles.html

8. Scan for Viruses and common trojans online and free

Panda's Active Scan
http://www.pandasoftware.com/activescan/co...n_principal.htm

Trend Micro (PC-cillin) - Free on-line Scan
http://housecall.antivirus.com

RAV Antivirus Online Scan
http://www.ravantivirus.com/scan/

eTrust AV web scanner (Computer Associates)
http://www3.ca.com/virusinfo/virusscan.aspx

9. If you still have problems and think you are infected after following the various scans and help above...... get HiJackThis (another free program & diagnostic tool), and post your log back here in a new topic. We can recommend what to *fix*

Download *Hijack This!*
http://www.merijn.org/files/hijackthis.zip

Alternate download for HijackThis at Major Geeks site:
http://www.majorgeeks.com/downloadget.php?...a8baee6434cfc13

Unzip, and
save to it's own folder on your hardrive. Then, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that and copy & paste its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet. Someone will be along to tell you what steps to take after you post the contents of the scan results.


10. Some Security Sites worth reading and bookmarking for reference and to help you get started in your PC Security.

Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

Protecting Your Home Network
http://www.microsoft.com/windowsxp/pro/usi...tecthomenet.asp

Home Network Security
http://www.cert.org/tech_tips/home_networks.html

Malicious Code Propagation and Antivirus Software Updates
http://www.cert.org/incident_notes/IN-2003-01.html

National Institue of Standards and Technology
Computer Security Resource Center
http://csrc.nist.gov/

Stay Safe Online
http://www.staysafeonline.info/

Protecting Your Privacy & Security on a Home PC
http://www.staff.uiuc.edu/~ehowes/main-nf.htm

IE-SPYAD: Restricted Sites List for Internet Explorer
http://www.staff.uiuc.edu/~ehowes/resource.htm

Working with Internet Explorer 6 Security Settings
http://www.microsoft.com/windows/ie/using/...ty/settings.asp

This post has been edited by Hunter on Apr 2 2004, 07:48 PM