New install and viruses

Hi caldera,

How to not be infected with all that spyware on your computer in the first place

Well, you usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

1) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.

2) Go to:
Internet Explorer Downloads at http://www.microsoft.com/windows/ie/downloads/default.mspx

It's important to always keep current with the latest security fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.

3) Go to Internet Options/Security/Internet, press 'default level', then OK.

Now press "Custom Level."

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.

So why is activex so dangerous that you have to increase the security for it?
When your browser runs an activex control, it is running an executable program. It's no different from doubleclicking an exe file on your hard drive.
Would you run just any random file downloaded off a web site without knowing what it is and what it does?

And some more advice:

4) Install Javacool's SpywareBlaster at http://www.javacoolsoftware.com/spywareblaster.html

It will protect you from all spy/foistware in it's database by blocking installation of their ActiveX objects.

Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer.)

Press "select all", then "kill all checked", and you're done.
The spyware that you told Spywareblaster to set the "kill bit" for won't be a hazard to you any longer. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection. Don't forget to check for updates every week or so.

There's a board at Wilderssecurity at http://www.wilderssecurity.com/index.php?board=34 as well.

Let's also not forget that AdAware at http://www.lavasoftusa.com/, SpyBot Search and Destroy at http://www.safer-networking.org/ and Microsoft Windows AntiSpyware (Beta) Home at http://www.microsoft.com/athome/security/spyware/software/default.mspx has the Immunize features which works roughly the same way. Only work's with Microsoft Windows 2000, Windows XP, or Windows Server 2003

5) Another brilliant program by Javacool we recommend is SpywareGuard at http://www.wilderssecurity.net/spywareguard.html
It provides a degree of real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard.
It now also features Download Protection and Browser Hijacking Protection!

6) IE-SPYAD at https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

Incidentally, another site with an enormous amount of information on computer security, and which is well worth a visit is wilders.org security advisors at http://www.wilders.org/

Finally, after following up on all these recommendations, why not run Jason Levine's Browser Security Tests at http://www.jasons-toolbox.com/BrowserSecurity/
They will provide you with an insight on how vulnerable you might still be to a number of common exploits.


Spyware Prevention

I recommend three programs for all Windows users:

* Spybot Search & Destroy
* AdAware SE
* Microsoft Windows AntiSpyware (Beta) Home Only work's with Windows 2000 and Windows XP

Both are free. Turn on the immunization feature of Spybot to block many spyware programs. As with an anti-virus, you should update both these programs regularly and scan at least weekly.

To avoid browser hijacking use the free Mozilla at http://www.mozilla.org/products/mozilla1.x/ or Firefox at http://www.mozilla.org/products/firefox/ browsers. They also block pop-ups, and have useful additional features like tabbed browsing. You needn’t try to remove Internet Explorer (that’s not a good idea) but I suggest you not use it for day-to-day browsing. Reserve it for sites that require it like Windows Update.

If you insist on using Internet Explorer, I strongly recommend the free Spyware Blaster to make it a little safer.

The one commercial program I recommend is Pest Patrol at http://pestpatrol.com/ You can get much of its functionality free with the Yahoo Toolbar at http://toolbar.yahoo.com/ for Internet Explorer.

The following article was written by Justin Wallace, a listener. I haven’t tried all these programs so I’m not passing any judgment on them.

Spyware should be stopped before it starts. I have decided to post a few of the the things I always tell people to prevent spyware. — Justin Wallace

* Spyware Blaster & Guardian at http://www.javacoolsoftware.com/

* Spy Sweeper at http://www.spysweeper.com/ - Best Spyware removal tool out there. It really gets the hard stuff…

* PeerGuardian — Well known, but ever since I started using it I haven’t had a single trace of Spyware (mainly because it blocks all incoming IP adresses for sites that have Spyware or other Mal-ware/Police-ware.

* Get rid of IE!!! I like Mozilla Firefox at http://mozilla.org/Products/Firefox or Opera at http://opera.com/ Firefox does a superb job of filtering out malicious scripts, Active-X controls, etc.

I feel that it is important to run some type of Spy removal tool and scanner at least once a week. I run Spy Sweeper on all my Windows machines at least once-a-day (I usually turn it on as I’m going to bed and let it run all night).

Spyware is becoming more and more of a threat and it’s getting out of hand. I feel that it [Spyware] should be taken care of before it starts. By monitoring and implementing “check stops” at each point that Spyware can penetrate, then you will almost always [within 99 percent of the time] be safe. I can honestly say that my Windows systems are 100% spy-ware free because I usually reinstall Windows at least every 6-months when possible, and then I run all the anti-spyware measures that I mentioned above.

If you’re running XP and have multiple users, always remember to run Spy-Sweeper (or whatever Spyware remover you’re using) on each account. Spy removal tools will not check any other section of the HD but what user you are.


Using Internet Explorer Safely

When security expert Steve Gibson of ShieldsUp fame was on he told us he still uses Microsoft’s Internet Explorer in Windows, despite the security and spyware issues.

For Windows Users:

Here’s how Steve uses IE safely:

1. Under IE’s Tool menu open your Internet Options… click the Security tab, and set security for the Internet zone to High (slide the slider all the way to the top).

2. This will make a large number of sites unusable, but… when you get to a site that doesn’t work add its URL to the list of Trusted Sites. To do this open Internet Options… and click the Security tab again. Click the Trusted Sites icon and press the Sites… button. You can uncheck the box requiring https://. Try it now by adding http://*.windowsupadte.microsoft.com and http://*.windowsupdate.com this will make Windows Update work.

Only add sites you know are safe to your trusted list.

To prevent browser hijacking I recommend installing Spyware Blaster. (This is unnecessary if you have security set to high, but it’s useful just in case you accidentally give access to a bad site.)

UPDATE: Windows XP SP-2 adds a new zone to XP: My Computer, and locks it down. This is a very effective way to combat browser hijacking. Microsoft provides instructions for people who have not yet installed SP-2 here at http://support.microsoft.com/?kbid=315933 but it’s not for the faint of heart.

Although this will make Microsoft Internet Explorer a little more secure it will never be as secure as Mozilla and Firefox

Thanks for the reply guys.

I know about keeping windows up to date and using spyware and virus protection. I update my personal computer and all the computers in our office religously 2-3 times a week to avoid this.  

The answer I'm looking for though is will formatting the C: drive with the windows xp cd and doing a complete new install kill the remaining viruses and spyware so I can at least get this thing booted up.  I don't want to spend the time doing this if when I reload windows all this junk is still going to be there.  Then I can go through and apply the windows sp2 updates, spyware tools, antivirus protection and start getting it secure. 

 

Thanks,

Caldera

Message Edited by caldera on 04-03-2005 08:47 AM

Message Edited by caldera on 04-03-2005 07:40 PM

Caldera,

To answer your original question, Yes, a format and reinstall will completely remove everything from the drive. This includes virus's and spyware.

Dimension 4100 Bought January 2001
Windows XP Home SP2 Slipstreamed
866 Pentium 3
512 Ram
Western Digital 60 gig Hard Drive
Western Digital 120 gig Hard Drive
Sony 19" LCD Flat Panel Monitor
GeForce 5200
Creative SB Live
Digital Research DVD RW
RCA Cable Modem
HP Deskjet 932
HP K-60 all in one
Canon Scanner

Thanks for the help.

Here's the update.  I've formatted the hardrive and reinstalled win xp as well as all other programs.  Went very smooth!  (I was surprised and impressed how easy microsoft made the format process now) Reinstalled virus software and got all updates for it, installed all updates for XP including SP2 and my brother in law is downloading ad aware, microsoft spyware remover (I'm also going to get them to download spybot as well.)

So far so good.:smileyhappy:  I'm going to check up on them next time I'm over to make sure everything is still up to date if not :smileymad:

Again thanks for the responses

Calder

XP really is the easiest operating system to install that M/S has come up with  . . glad you are up and running!

wrs

Wait until you see Longhorn.  Go get a Starbucks while it install itself!!