www.CostaRicaTicas.com

Well it had to happen sooner or later. I never had a problem with viruses
or spyware, but I spent most of yesterday eradicating them from my PC.
My PC was somehow infected late Saturday night. All of a sudden I was getting a pop-up ad about every minute, my browser home page was hijacked, and my Windows Media Player was inoperative due to a 'trojan horse' virus.

The Doctor is in the house!

The following is how I corrected the situation. I downloaded and ran...

Ad-Aware (SE) from Lavasoft. This software has various scan options for checking every file on your system for malicious or dangerous files
(spyware, malware, etc.). An On-Guard option takes more of a proactive approach
by running in real-time to catch malicious files BEFORE they enter your system.

Spybot SD (1.4). This is similar to Ad-Aware, but both products work a little differently, so it is best to run both of them.

Spyware Doctor. This is an amazing product that combines the functions of Ad-Aware and Spybot, and also has a real-time monitor to prevent annoying pop-up ads.

CWShredder. This software will search for the malicious Cool Web Search 'trojan horse' virus. My Windows Media Player would not operate
as it was infected by this (CWS) virus.

HiJackThis. This product will rectify problems caused by someone hijacking and controlling your browser home page.

Microsoft Anti Spyware. This is software that Microsoft released in a beta
version a few months ago.

All of the above, with the exception of Microsoft Anti Spyware, can be downloaded from either 'download.com' or 'majorgeeks.com'. It is all free, with the exception of Spyware Doctor, which has a 15-day free trial, then costs $30.

I recommend the following...

Run both Ad-Aware and Spybot, as they function a little differently, and will discover problems not detected in the other. This should be done on either a weekly or biweekly basis. The average run time of each is about 15 to 20 minutes.

Alternatively, you could run Spyware Doctor instead of (or even combined with) the above two, as it combines the functions of the other two. This also should be performed on a weekly or biweekly basis. Has the same
run time as the above two products.

Run CWShredder perhaps monthly, or whenever you experience serious problems in the operation of your Windows Media Player, browser or other
software. It only takes about one minute to run and destroy the CWS
virus.

Run HiJackThis if your browser home page is either corrupted or is replaced by another home page. This only takes a couple of minutes to run.

Run either the Ad-Aware On-Guard option or the Spy Doctor real-time
monitor to prevent malicious files from entering your system. This will also prevent pop-ups ads from occurring. I did notice a slight degradation in response time, but I suppose this is a small price to pay for 'protection'.

If you only have a few known pop-ups or malicious web sites, you can restrict them (various levels) in your browser by going to Tools, Internet Options, and Security. You can then enter the web site names in the Restricted Sites file.

Just a note regarding cookies...most are relatively harmless, but some can be malicious. They are data that is put on your computer by web sites
to aid them on future visits you make to their sites. Ad-Aware, Spybot
and Spyware Doctor will also flag malicious cookies. If you delete all of the flagged cookies, there's always the possibility of destroying some of the 'valid'/useful cookies. This is really not too serious, as it only means
you might have to enter a little more information the next time you
visit that web site.

I finally got my system back to 'normal' (well almost). I still have to do a little tweaking, as the software prevented an email attachment from
even loading. This is not good, as I like to determine myself on a case-by-case basis whether or not to open the attachment.

As I had never experienced any prior problems, I never had to run any of the above software, but once the problems start, they really are a pain and can cripple your PC. The scans that I ran on my system indicated that I had over 600 infected or malicious files!

I hope the above is helpful.

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)

Not touting yahoo, but If you download the free Yahoo TOOLBAR that attaches it Internet Explorer or Firefox or Netscape it comes with FREE YAHOO SPYWARE. (ANTI SPI)

This is probably the greatest creation I have seen as it not only blocks pop ups but also does not allow any adware or spyware to enter the system at all without having to run the anti spy its Automated.

I have checked running thier version of anti spy for the last 5 weeks and not one issue of an adware or spyware was present.

Just to confirm that it was not just allowing their spy are, I ran a seperate program and it came up as clean.

So simplest way without having to do checks continuously yahoo TOOLBAR along with its free pop up and Anti Spy is a great choice.

HERE IS THE LINK IF ANYONE WANTS IT!

http://companion.yahoo.com/

_________________
Thank you for supporting CRT!

Admin1...that sounds like a good option. Maybe I'll try it! In my post I was just indicating some of the many options/products available, and the ones that I tried. While most products do a pretty good job, the fact remains that nearly every product differs a little bit, and may generate slightly different results.

It's ridiculous and unfortunate that any of the above is even necessary, but as there are many idiotic, greedy assh*les and malicious 'thrillseekers' in this world, protection, alas, is necessary.

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)

I'm definitely going to try that! Just one question...have you experienced
any noticeable degradation in response times? If its real-time monitor
doesn't have a noticeable effect on response times, that's incredible!

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)

Gringotim & Admin 1,

Many thanks for posting that information. There are some here who did not grow up with computers (read me) and are barely computer literate . Information of this type is invaluable to us.

I already had the Yahoo toolbar (current blocked pop up count 1433 ) and have printed out Gringotim's post for future reference.

Thanks again guys

_________________
Pura Vida
Only Irish coffee provides in a single glass all four
essential food groups:
alcohol, caffeine, sugar and fat.
Alex Levine

I have no noticeable downtime or response speed whatsover.... NOT one single solitary change.

It is simply the Yahoo toolbar not the browser. There are many toolbars out there, but the most updated Yahoo one is very nice, doesn't inconvieienice you and the ANTI SPI IS JUST GREAT!

_________________
Thank you for supporting CRT!

Here's another tip.

Many web sites will redirect you to advertisers web sites to give you big banner ads and flash ads. Sometimes they waste a lot of your bandwith with crap that you do not want to see. On some sites, it get's really bad up to 4 redirects to other sites to get the adds places on your screen. So I stop my computer from ever going there. How? It's a little tweak to your system.

This is for Windows XP users, the instruction will work for all versions of Windows and also works on other operating systems:

In Notepad (or other text editor) open the file, C:\windows\system32\drivers\etc\hosts - the file does not have an extension. It is in a different location on Windows 95 but the path is similar. Copy the following:

127.0.0.1 localhost
127.0.0.1 *.doubleclick.net
127.0.0.1 *.atdmt.com
127.0.0.1 *.atdmt.net
127.0.0.1 *.advertising.com
127.0.0.1 ad.doubleclick.net
127.0.0.1 view.atdmt.com
127.0.0.1 spe.atdmt.com
127.0.0.1 *.fastclick.net
127.0.0.1 media.fastclick.net
127.0.0.1 *.adserver.com
127.0.0.1 z1.adserver.com
127.0.0.1 *.tribalfusion.com
127.0.0.1 *.primaryads.com
127.0.0.1 *.websponsors.com
127.0.0.1 *.burstnet.com
127.0.0.1 *.valueclick.com

Save your file and exit
Restart your computer

When you go back to some of these websites, you will see that you have a bunch of broken images etc. These are all the banners and plugins that you were supposed to download.

All this does is read the hosts file for the ip address of the web site you want to go to. If it cannot find the site there, it goes to your ISP to get the web address. It then uses the address 127.0.0.1 to get to the web server, but 127.0.0.1 is your computer so it will never find the site. If you are running a web server on your computer it may cause problems but you would be familiar with the error message that your web server would give.

It's probably saved me about 5% of my download time in general but on some sites I go to it's up to 40%. For fair disclosure, this has given me problems on the Boston Globe web site, I get a lot of 404 - page cannot be found errors but I don't get this elsewhere.

Addendum...

On my initial post I mentioned Microsoft's new beta version of AntiSpyware. I found out that it will only work on Windows XP operating
systems, not the older operating systems.

I just saw a write-up in a recent PC magazine that gave a high rating and recommendation for a product called Spy Sweeper (3.5). The product
can be found at www.webroot.com. It is not free however. It sells for $30.

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)

Yo Gt

Tried it for 30 day trial period. Very slow, in depth ---took 1.5 hrs on my pc to find 0 inccursions . Too many pop-up intrusions at start up

REALLy slowed down the start up


Shut it down--- am back to speed

Cygnus

Tim,
About this time last year I too had the misfortune of learning many things about sypware.

The guy who wrote CWShredder has a site that lists all sorts of info.
http://www.spywareinfo.com/~merijn/downloads.html

Here is his breakdown of all the different programs in CWS (aka Cool Web Search). It's currently up to 42 different programs.
http://cwshredder.net/cwshredder/cwschronicles.html

As for Ad-Aware and Spybot S&D, they are really all you need. All the others are rip-off variations of these two free downloads. The reason you got so many hits can often be attributed to false "hits" to get you to buy their software.
http://www.spywarewarrior.com/rogue_ant ... m#products

This site tracks all the phony spyware "clean-up" software.
http://www.spywarewarrior.com/

I have XP and also run the Microsoft Anit-spyware program but it will usually get no hits then Ad-Aware will get about 20.

While we're on the subject, don't forget to always keep your anit-virus and firewall up-to-date.

I use Zone Alarm (free version) but I pay for Norton Anti-Virus to get the most current updates.

Ad-Aware SE (free)
http://www.lavasoftusa.com/software/adaware/

Spybot S&D (free)
http://www.safer-networking.org/en/index.html

Zone Alarm (free)
http://www.zonelabs.com/store/content/c ... wnload.jsp

Norton Anti-Virus (purchase)
http://www.symantecstore.com/dr/sat1/ec ... E_ID=60047

Here is a forum if you REALLY have problems
http://spywarewarrior.com/index.php?sid ... c538053119

Cygnus...thanks for the feedback. It took an hour and a half to run, and it found 0 malicious files?! That doesn't sound right. Are you sure you had nothing else running at the same time? It sounds like it got hung-up somehow and never finished. All the 'deep scan' products that I tried (Ad-Aware, Spybot, and Spyware Doctor) took about 20 minutes. Anyway, I'm always a little leery when a PC magazine declares one product superior to others, even though they supposedly run many tests.

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)

Thanks for those links. They are great sites. Very interesting!

_________________
"In a nation ruled by swine, all pigs are upwardly mobile, and the rest of us are phucked until we can put our acts together; not necessarily to win, but mainly to keep from losing completely"...Hunter S. Thompson (RIP)