Call (405) 753-5301 or contact

    Preventing Internet and Spyware Attacks 2

    Wednesday, March 29, 2006, 2:54 AM [General]

    Preventing Internet and Spyware Attacks
    February 16, 2005 - by Ric Dörner

    VERY IMPORTANT Information

    Latest Security Hazards HAZARDOUS SECURITY ALERT

    Revised 16 OKtober, 2006

    SecuriTeam Page (Click Here!)

    So are you sick of me sending you emails about things? Want to know more about security and the internet and your computer? Then link to this site. There are many good people here who have the knowledge, the know how to assist you, and there are many links and great posts here to help you with things that may concern you.
    Calendar of Updates
    And look at these Nick Skrepetos | SUPERAntiSpyware



    Other Things You Can Do...

    Protecting your system against spyware and adware involves more than just installing one of the anti-spyware programs listed above. What follows below is a set of recommended additional steps for protecting for your PC. If your PC is already infested with spyware or adware, see these instructions for getting help. Also, since there are MANY trojans this program is freeware for all windows and seeks spyware also.
    Trojan Finder - (A-Squared)A2

    If your downloading this for the first time be sure to register!! Either register thru the site Emsisoft itself or once you launch the program you'll see a blue link saying log in or register here. Click on this and it will take you to Emsisoft's domain. check the address bar to be absolutely sure ;)

    Lock down your browser

    One of the most prevalent means for spyware and adware to be installed is through Internet Explorer. To prevent spyware and adware from installing without your knowledge and permission, you need to "lock down" Internet Explorer. There are several ways to do this. Securely configure the Internet zone. First, you can securely configure the Internet zone of Internet Explorer and add sites that you trust to the Trusted sites zone. This means that by default web sites will not be able to use "active content" (i.e., ActiveX controls, Java applets, and scripting) until you explicitly choose to trust those web sites. See this page for instructions on how to securely configure Internet Explorer:Internet Explorer Privacy & Security Settings You could also use this free program, which will automatically configure Internet Explorer for you: Enough is Enough! One potential downside to securely configuring the Internet zone is that some web sites will not work properly until you add them to the Trusted sites zone -- a process that some users find cumbersome. Add bad sites to the Restricted sites zone. Second,
    you can use another approach to "locking down" Internet Explorer which avoids the hassle of broken web sites by adding known ;nasty; sites to the Restricted sites zone. Doing so gives your PC protection against known threats while still allowing most web sites to work by default. To put the clamp down on a long list of undesirable web sites, you can install and use this free program:IE-SPYAD If you choose to use the Restricted sites approach of IE-SPYAD, be sure to update your copy of IE-SPYAD regularly, as new web sites are constantly being added to the list.

    Use an alternative browser

    Internet Explorer is not only the most popular browser on the Net, it is also the browser most widely and easily exploited by spyware pushers to install spyware and adware behind users' backs. Thus, you might decide that Internet Explorer is simply not worth the hassle or risk. In that case, you can install and run an alternative, non-IE browser such as Netscape , Mozilla , Firefox . Opera .

    All of these browsers are mature, robust, and fast. Moreover, they have built-in pop-up blocking and several other nice features that Internet Explorer simply lacks. More importantly, these browsers are much less susceptible to unwanted adware and spyware installations. And all three are free. Note: even if you do switch to an alternative browser, you should still lock down Internet Explorer, as described above. Given that Internet Explorer has effectively been integrated into Windows, it can still be exploited by adware and spyware that gets installed to your system through other means. Thus, locking down Internet Explorer remains important even if you're not regularly using Internet Explorer to browse the internet.

    When writing e-Mails

    Using the BCC (Blind Carbon Copy) feature of one's email client to send messages to more than one recipient is also recommended, as it helps protect against the spread of viruses as well as protect the privacy of recipients' addresses. More info on this and on how to BCC here:

    For many people, it is wise to use BCC in your email client rather than using the to field for all to see everyone you mailed it to. Care to learn a bit more here is a great page from CERT. Although in many situations it may be appropriate to list email recipients in the To: or CC: fields, sometimes using the BCC: field may be the most desirable option.

    What is BCC?

    BCC, which stands for blind carbon copy, allows you to hide recipients in email messages. Unlike addresses in the To: field or the CC: (carbon copy) field, addresses in the BCC: field cannot be seen by other users.

    Read Licenses & Privacy Policies

    Anti-spyware applications alone can't protect you entirely from unwanted spyware and adware. You have to do your part as well by being vigilant in your online behaviour. One of the more common sources for spyware and adware is freeware (e.g., Grokster or KaZaA) that bundles unwanted third-party applications. Another common source involves third-party web sites that automatically start the installation of spyware and adware when you visit those sites. These auto-installed spyware and adware programs may initially appear to be plug-ins necessary for the web site itself, though usually they are not. Wherever you happen to encounter spyware and adware, you will usually be presented with a EULA (End User License Agreement) and/or Privacy Policy. Do not blindly click through these documents. Read them carefully and look for the tell-tale language that discloses the presence of adware or spyware. For tips on what to look for, see these pages - EULAs & Privacy Policies, Practice Safe Hex! , EULAlyzer™ 1.1 from javacoolsoftware

    The Problem with Privacy Policies

    Ben Edelman - Grokster and Claria Take Licenses to New Lows

    Ben Edelman - Gator's EULA Gone Bad

    Most if not all of the adware-supported or advertising-supported applications on the Net have adware-free equivalents. There's simply no need to use advertising-supported applications.

    If Your PC is Already Infested w/ Spyware & Adware...

    If your PC is already infested with spyware and adware, resist the temptation to succumb to impulse buys of anti-spyware products that you see on the Net, esp. those included in the rogue/suspect list . Instead, you can get help online from a corps of savvy volunteers who specialize in busting spyware.

    To get help with a spyware infestation:



    Clean your PC as best you can

    You should also scan and clean your computer with whatever anti-virus program you happen to have installed on your computer. If you don't have an anti-virus program, you can scan your computer with one of these online anti-virus scanners:

    BitDefender Scan Online , Panda ActiveScan , Command on Demand , eTrust AntiVirus Web Scanner , TrendMicro HouseCall , McAfeeFree Scan , Microsoft Malicious Software Removal Tool

    ...or download and run one of these free standalone virus removal tools:

    avast!Virus Cleaner , Microsoft Malicious Software Removal Tool , Panda PQRemove , McAfee AVERT Stinger , Sophos SAV32CLI

    Visit a spyware removal forum

    Other Anti-Spyware Tools I request that you post a HijackThis! log. HijackThis! (HJT) is a free program that will scan key system settings on your PC and generate a plain text log that you can copy and paste into a post. Once you've cleaned your PC as best you can, visit one of the following spyware removal forums:Only after running HJT program:You can DL HijackThis from HERE. Save the zip file to your desktop. Then create a new folder on your C drive, called either 'HJT or 'HijackThis' and extract the files to that folder. Right click on the "" to extract the files. If your running Win 98 or before google winzip. The reason for installing it into its own folder is that when you have it 'Fix' anything that a trained HJT analyst has asked you to 'Fix', HJT makes backups and puts them into that folder which we can access easily, should we need to do so for recovery. Do not, in any instance use HJT to fix anything yourself. One wrong item removed, and you can paralyse your box. Let us do it in the forums. Now your ready to post your log into

    The volunteers at the above forums will examine that HJT log and recommend a course of action to fix your PC.

    Each forum has its own set of instructions and procedures for requesting help and posting a HJT log, so abide by the requirements of the forum you're visiting. Also, do not attempt to use HJT on your own to fix problems. Let one of the expert volunteers examine your HJT log and advise you on what to fix.

  • Start a new discussion topic/thread.
  • Give your discussion topic/thread a distinctive title.
  • Describe the symptoms and problems you're experiencing.
  • Describe what you've already done to solve the problem.
  • Copy and paste your HJT log into your post.
  • Be patient while waiting for a response.

  • Note that some of the forums listed above may require you to register for free before posting.

    Once a volunteer does give you advice for cleaning your PC, follow those instructions precisely and report back what the results are. Also, you may be asked to download and run other specialized anti-spyware tools to remove the particular spyware that's on your computer.

    The volunteer spyware busters who work these anti-spyware forums do this kind of thing all day long, so you'll be in good hands. At times they can be a bit overwhelmed, so please be patient while waiting for help.


    In order to help you clean your system, the volunteers at these anti-spyware forums need a good sense for what's going on with your computer. When you're ready to post and request help...

    SpywareInfo , Spybot S&D , Aumha , SpywareBeware Bleeping Computer , Spyware Warrior , CastleCops , TomCoyote

    Download and run one (or all) of these free anti-spyware scanners and remove whatever spyware and adware it finds.

    Ad-aware Personal Edition

    Spybot Search & Destroy

    SpyCatcher Express

  • Upload Infected Files for Research Analysis

  • CastleCops has opened its [UnknownFiles Forum] to all guests. Upload any unknown, questionable, or infected files to this forum for staff review and vendor distribution.

  • *Stop Spam*

  • Spam - What exactly is it? In order to combat spam effectively it is necessary to define exactly what spam is. Most people believe that spam is unsolicited email. However, this definition is not entirely correct and confuses some types of legitimate business correspondence with true spam. Spam is anonymous, unsolicited bulk email. This is the description that is being used today in the USA and Europe as a basis for the creation of anti-spam legislation. Let's take a closer look at each component of the definition:

    Anonymous: real spam is sent with spoofed or harvested sender addresses to conceal the actual sender.

    Mass mailing: real spam is sent in mass quantities. Spammers make money from the small percentage of recipients that actually respond, so for spam to be cost-effective, the initial mails have to be high-volume.

    Unsolicited: mailing lists, newsletters and other advertising materials that end users have opted to receive may resemble spam but are actually legitimate mail. In other words, the same piece of mail can be classed as both spam and legitimate mail depending on whether or not the user elected to receive it.

    It should be highlighted that the words 'advertising' and 'commercial' are not used to define spam.

    Many spam messages are neither advertising nor any type of commercial proposition. In addition to offering goods and services, spam mailings can fall into the following categories:

    Political messages, Quasi-charity appeals, Financial scams, Chain letters

    Fake spam being used to spread malware Unsolicited but legitimate messages A legitimate commercial proposition, a charity appeal, an invitation addressed personally to an existing recipient or a newsletter can certainly be defined as unsolicited mail, but not as spam.

    Legitimate messages may also include delivery failure messages, misdirected messages, messages from system administrators or even messages from old friends who have previously not corresponded with the recipient by email. Unsolicited - yes. Unwanted - not necessarily.

    How to deal with spam

    Because unsolicited correspondence may be of interest to the recipient, a quality antispam solution should be able to distinguish between true spam (unsolicited, bulk mailing) and unsolicited correspondence. This kind of mail should be flagged as 'possible spam' so it can be reviewed or deleted at the recipient's convenience. Companies should have a spam policy, with system administrators assessing the needs of different departments. Access to different unsolicited mail folders should be given to different user groups based on this assessment. For instance, the travel manager may well want to read travel ads, whereas the HR department may wish to see all invitations to seminars and training sessions.

    *Marks favs*

    AntiSpam Tools

    - *K9*

    - *POPFile*

    - SpamCop

    Mail Tools

    - *MailWasher Pro*


    Some fun while on this subject: All relations to the luncheon meat product are purely accidental, even if it was inspired on a 1975 sketch from Monty Python. Most of us think spam started back in 1994 when two lawyers advertized their green card scam in each and every usenet newsgroup. Some digging around revealed much earlier attempts in 1978 on the precursor to the modern Internet. It just goes to show you're never around for too long to learn something new.

  • *ROOTKIT Removal Sony + *

  • Like some of you I have played some music Disks on my computer, I have no idea if I played a Sony disk but here is a remedy to fix the problem ;) A particularly destructive form of "stealth" malware called rootkits... Using SpywareBlaster to protect against Sony's rootkit How to use SpywareBlaster Tools Custom Blocking button to install protection against Sony's rootkit:

    Launch SpywareBlaster v 3.4 (install new release if necessary from:

    Click on Tools in left-hand panel Click on Custom Blocking button Click on Add item Name the new item: SONY Click Ok Use copy/paste to Insert CLSID:


    Check the SONY Item box Click Protect Against Checked Items button Exit SpywareBlaster (its protection is passive) Reference: StevieO post #4 in Thread

    Re: Sony Rootkit and blocking F-4I's ActiveX control CodeSupport CLSID at:

    Another from F-Secure here:

    and from SysInternals here:

    Also, see below of Microsoft's Malicious Software Removal Tool.
    Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on

  • IM= Instant Messenger programs.
  • ALSO equals huge security hazard! please get the fixes and update frequently. Messenger service is only going to get through on insecure computers, but that is the kind of computer we are generally concerned with. It doesn't install programs and it doesn't change system settings. It works using existing software on their system for its originally intended purpose (and of course doesn't work if that software is blocked or (disabled). This bypasses those abuse desks that ignore escalation emails, so it is a second path that is not going to fail for the same reason as the escalation emails. And in the case of a massive outbreak, where abuse desks are overloaded, it allows operators of infected machines to seek help immediately, rather than a couple of days later. While people sitting at home surfing the web without pop-up stoppers might be used to disregarding pop-ups, at work for many (most) of us they are a rarity, so in these situations they will stand out. A lot depends on what goes at the top of the message: does it begin with a long technical explanation, or "this is a friendly warning that you seem to have the XXX virus".

    The Windows Messenger Service vulnerability can be exploited by a single UDP broadcast, allowing a wholesale c compromise of all vulnerable systems on the targeted network. [Techweb]

    To permanently Turn off the Messenger Service: For Windows 2000 and XP only. Click Start, and then click Control Panel (or point to Settings, and then click Control Panel). Double-click Administrative Tools. Double-click Services. Double-click Messenger. In the Startup type list, click Disabled.

    Click Stop, and then click OK. To turn it off permanently right click on properties then change startup type from Automatic to Manual or Disabled.

  • How is this possible?

  • Many worms today use your address book to replicate themselves on other systems. If you are infected we will receive notice and respond back to your email including the name of the worm, and how to clean it. In addition, you can send any file you wish to have scanned to this address, and we will notify you of our results.

    This is a free service brought to you by Computer Cops.

  • New to Web Security?

    Then you should visit this site...

  • Answers that work.....
  • A useful site.

    Especially the task list library for looking up some background programs that you might be wondering about. Eg: I found netdde.exe running and I knew I never downloaded anything so I typed it into a search box query and this site gave info on it. It turns out that my "Hearts" game automatically runs it (it was installed on my system with my Windows (games) install) and it is used for multiplayer chat within the game. It can be disabled or deleted from the start up manager.

  • Greetings and Welcome to the CoU-niversity!

  • This first class is our Freshman Course. This course will help you clean up your computer. This course is designed for the novice computer user. There is one thing I must mention here is run the three Online scans above to be sure your system is cleaned of most baddies prior to taking this course.

    *ALSO NOTE* Although they say click run, I would no longer suggest this I would save it in a "!DOWNLOADS!" folder feel free to copy the name and create a folder. Please be sure this folder does not goto your desktop. Easiest is to take your check mark out of the box when download completes. Then you can simply open the folder "!DOWNLOADS!" and it will highlight the program and you then can scan it with your Antivirus program & A-squared program which finds those nasty worms and trojans that are on the internet today. Try this course you'll be flabbergasted...LOL click here)


    "It takes one fish to go downstream, but five to swim against the current."

  • Periodic reminder of best practices for cleaning up after infection.

  • The short answer, is that once you've been infected by malware that installs a backdoor or connects to a botnet, simply cleaning up the initial infection (and the hole through which the infection occurred) isn't sufficient because you can't be sure what secondary infections you may also have. Although most people don't want to hear it, at this point your best bet is to nuke the machine and reinstall (and patch) from scratch.

    Here are some of the stories on the subject from the past.

    by Pat Nolan and

    by Jim Clausing.

    Remember the two benefits of failure. First, if you do fail, you learn what doesn't work; and second, the failure gives you the opportunity to try a new approach. - Roger von Oech


    Trojans are often not caught by virus scanning engines, because these are focused on viruses, not Trojans. Catching such threats would require the use of a Trojan scanner (a.k.a Trojan cleaner, Trojan remover, anti-Trojan, a-Squared). see,

    Ok now If you require help we could do this.........
    Get your PC a solid support package or, even better; make sure to have a friend or relative close at hand who knows their way around a computer and I will be there when help is needed. Instructions on how to XP's " Remote Desktop", which will allow you to connect to another PC and control it. We can turn it on when you need me to assist you and off when there is no need to connect. Call me for details on names and codes.
    Thanks Ric:^D.

    Back to the Meeting Page *OR* see PAGES 1st , 2nd , 3rd , The beginning

    Truth is the way things are.

    0 (0 Ratings)

    February 16

    Thursday, February 16, 2006, 2:25 AM [General]

    ************************************************************************************************************************************************************************************************************************************************************************************************ ************************************************************************************************************************************************************************************************************************************************************************************************

    Preventing Internet and Spyware Attacks
    February 16, 2005 - by Ric Dörner

    VERY IMPORTANT Information

    Latest Security Hazards HAZARDOUS SECURITY ALERT

    Internet Storm Center Infocon Status

    FaceTime IMPact Index™

    ... content="broken computer, Security, help, internet, security, system error, worm, virus, bagle, beagle, sasser, blaster, msblast, phishing, explorer error, MSIE, internet explorer, computer help, microsoft, windows, trojan, intrusion, invalid, system error, Help, my computer" name="KEYWORDS" />
    Revised 16 OKtober, 2006

  • The Webpage links spoken of,
  • Russ Harvey Consulting for the internet services that are suggested...
    This is the page I began the discussion with.

  • Defending Your Machine, here:

  • REMEMBER if you leave Windows open the BUGS come in ;)
    Though viruses and worms put the data in computers they infect at risk, an equally serious problem is that many infections continuously broadcast network requests or attempts to find other vulnerable computers. In this way, infections perpetuate themselves, and their collective broadcasts can result in the large-scale traffic that comprises Distributed Denial of Service (DDoS) attacks.
    what is that? Distributed Denial of Service (DDoS)
    Unfortunately many of the people whose computers are infected just don't realize this problem. They may be casual computer users who don't have anything "confidential" on their systems and therefore don't see a need to protect it. They don't realize that their systems can be co-opted to compromise the security of the internet at-large. If you are reading this, Chances are you are familiar with issues pertaining to computer security. But what about your friends, neighbours and family? Is their anti-virus software up-to-date? Have they applied O.S. patches? Are they behind a firewall? Do they know enough *not* to click on unknown attachments or not to install dubious software?

  • *Here try these few sites to scan your computer prior to installing a good program......*
    You can get a free web based virus scan at these locations. These won't stop you getting infected, you need an anti-virus monitor for that. They are useful to double check you regular virus scanner on those occasions where you wonder if you are infected:
    F-Secure Online Virus Scanner

    If you require more information here is John's site that might assist you better.

  • The spyware problem is growing into a global pandemic
    The spyware problem is growing and infection rates for the most malicious types of spyware are continuing to increase. See this PAGE....
    According to a report, spyware has spread voraciously across the globe. The most malicious types of spyware - Trojans, keyloggers and system monitors - continue to infect online users at alarming rates.
    Scan your PC for harmful Spyware, Adware and Keylogging software for FREE!............
    Webroot Software Free Spy Audit
    By FaceTime Security Labs, makers of the X-Cleaner Spyware Remover
    eTrust Pest Scanner

  • Rogue\Suspect Anti-Spyware List
    The list above shows all the known BAD programs on the net that are known. Currently there are too many to count and there additions that have higher numbers all the time so be very aware not to install anything that is on this List or that is not known to security people. Even some good security guys are having trouble being noticed.
    Trustworthy Anti-Spyware Products
    Anti-Spyware Features & Comparisons
    Anti-Spyware Tests

    "+" For those Apple/Mac users, Anti-Spyware for the Mac There are more questions from Mac users about anti-spyware. At this time, the only anti-spyware program that we know of for the Mac is: MacScan

  • Preventing Vulnerabilities in Windows and Internet Explorer

    • Tighten the Settings in Internet Explorer.

    • Also a really good Hosts File is needed look into this.....

    • Do NOT run as Administrator or an account with Administrator privileges, or use Drop my Rights

    • Build a Layer of Protection - there are enough freeware products available on the Internet that there is no excuse for not having an adequate defence. Add an anti-spyware program that has "real-time" protection such as Microsoft's Anti-Spyware (Windows Defender (Beta 2) ) - Grisoft's AVG is a very popular (freeware) Antivirus

    • Microsoft has several new (beta) products "BETA" is for those that know but I can say the Live one is OK for the common people but "ONE CARE" IS for those who know what they are doing.- Windows Live Safety Center and Windows OneCare

  • The Great security site
    SpinRite surprises many people when it reports that their drives are running WAY too hot.
    The reason I'm writing is to share the news with you and your readers of a terrific and important new service which Steve and TechTV's Leo Laporte are offering: Every Thursday afternoon they spend 20 to 25 minutes creating an audio column about personal computer security called "Security Now!".
    The audio columns can be automatically downloaded through an standard RSS feed "podcast" (for podcast people) or downloaded in two sizes directly from the Security Now! page on Steve Gibson's site.

    Stay current and make this your "Homepage" Steve keeps up-to-date better than most.
    Then click on the word "SheildsUP!" and read the pages on the bottom after hitting the proceed button. On this next page you could click on the all service ports button to check your connection, Messenger Spam to learn more about cookies and *Most Important* read these pages Please see Explain this to me! below for information about Windows File Sharing and Internet port vulnerabilities.

    The following pages provide additional background, insight, and assistance:

  • All updates should be installed a minimum of once per month, preferably after the 13th of the month, If there is none on the thirteenth then be sure to check each day there after. And must be done before regular use of the internet.
    When one downloads from the internet, please be sure to do the following, this applies to everything but Windows Updates.
    1. Be sure to notice where you place it on your computer
    2. Scan it with your Antivirus program AVG or Avast or BitDefender to be quick right click
    3. After it scans and comes back clean, Double click the "exe" to install it or to get the updated version
    4. If your Av says infected scan your entire computer then go and get it again *not too likely* but if so, also check now with your trojan scanner "A-Squared".

    ************Security Updates************

    Allow time for each update and scan to finish successfully, although scanning of each system should only be done once all systems are completely updated.
    Your computer should be disconnected from the internet in order to perform the system *scans*.
    If any downloading difficulties arise, run Spybot Search and Destroy.

  • 1.*Windows Update:*
    Keep your system safe & secure with Windows Update To prevent unwanted spyware and adware from being installed behind your back, you need to install all the latest;Critical Updates; from Microsoft. Doing so is easier than you might think. Microsoft has an entire Windows Update site devoted to automatically updating users' systems with all the latest fixes and patches for a wide range of Microsoft software, including Windows, Office (Word, Excel, PowerPoint, Access), and Internet Explorer. It is strongly suggested you to take your system past the Windows Update site and let that site download and install the appropriate fixes for your computer . Doing so just might save you some grief and headaches down the road:
    Windows Update
    Notice on the main page these words, " | Windows Family | Windows Marketplace | Office Family | Microsoft Update" Much of the update process at Windows Update is automated, so it's, simple and convenient. The Windows Update site will install a small program to analyze the software on your system and recommend the appropriate fixes. This process takes only a few minutes. Once Windows update has finished analyzing your system, you'll be presented with a menu of downloads that Windows Update deems appropriate for your computer. At a minimum you should let Windows Update install the fixes marked as Critical Updates. The other available updates (Recommended updates, Drivers and Enhancements) are optional. Check the boxes for the updates that you wish to install (Critical Updates are checked by default). Then click the appropriate button to start the download and installation process. You'll be shown a summary of the updates that you've selected, and then you'll presented with a "License Agreement." After you Click through the "License Agreement," the download and installation process will start. Since the entire download and installation process is automated, there's almost nothing for you to do except reboot the computer after all the updates have been installed.
    Connect to the internet via Internet Explorer, Select the Tools menu, Select Windows Update once the windows update screen appears, select Express Install, install all critical updates; others are your option (if you need them)
    Verify that all updates have been installed by disconnecting from the internet, Re-Starting the computer, Re-connecting to the net and following the above instructions again.

  • Only if you are not already running an Antivirus on your machine.
    NEW There is a way to test your antivirus program yourself, with absolute safety. Not only that, you can find out how well and/or if you have an AV program installed, and you don’t have to be a geek, nerd or computer tech to accomplish it. EICAR (formerly the European Institute for Computer Antivirus Research) provides a "test string" in various forms that will trigger your scanner, but IS NOT itself a virus and will not harm your computer. Here are the simple instructions.
  • To test your virus scanner:
    Go to:

    Scroll down to the middle of the page where you see a string of code written, and read the section below the string. (You can also read the section above, but it really doesn’t apply to anyone but vendors of antivirus programs.)

    1. Copy the string of code in the middle of the page, and save it in Notepad on your desktop as "".

    2. Download "eicar" and "" and save them to your desktop.

    3. Run your antivirus program.

    --Any scanner should find the file "".

    --Any scanner worth using should also find the file "eicar".

    --A really good scanner will find all three files: "" is the original code string inside a zip file inside another zip file. A program that scans that deep will find just about any virus.

    If your AV program fails to find any or all of the files, consider downloading.....
    2. Avast! Home Edition:
    Just follow the instructions to load it. You will need to give your registering e-Mail address but do not worry they do not spam you. This program updates often and automatically and works all the time.
    *SC 2006 Award Finalists!*
    Sc 2006 Awards avast! antivirus has been selected as one of this years finalists in the SC Awards, beating off stiff competition and leading the race in the last 4 contenders for the much coveted industry award.

  • One of the Best know Trojan finders that is free and for all windows.
    3. Trojan Finder Update (A Squared)A2:
    ... src=""> ... > TickerRows = 5; FontSize = '14px'; ShowA2SecurityBox();

    *NOTE* If your downloading this for the first time be sure to register!!
    Either register thru the site Emsisoft itself or once you launch the program you'll see a blue link saying log in or register here. click on this and it will take you to emsisofts domain. check the address bar to be absolutely sure ;)
    Yes they ask for your email address and they need it for they send you the code you require to enter in the program to get your updates.
    Be sure to take out the check marks of things you do not wish!!

    Click on the A2 icon in the bottom left of the screen.
    Select Update A2 online
    Select Next,
    Close the screen

    Trojan Finder Scan:

    Scan Computer for malware dysfunctions
    Scan Selected Folders
    Close the program via the top right “X”

  • THE best for cleaning known Spyware already on your computer.
    4. Spybot - Search & Destroy 1.4 finally arrived!

    More Help with Pic's seen here....

    File Size: 5,037 KB

    Download Spybot’s Latest Version (currently 1.4) *It's recommended to use the integrated update function immediately after download and on regular times to get the current include files (those get revised regularly)!*
    Install in your language of choice.
    Create a Registry Back up
    Update the program hence you should be on line here.
    It's recommended to use the integrated update function immediately after download and on regular times to get the current include files.
    Immunize--this is suggested so that all of the known Hacker sites or ad sites cannot direct your computer to their sites.
    Create your icons where you choose
    Start the program.
    Remember this program does not ask you for any money but Donations are appreciated as it takes money to provide the updates for you.
    In the top left, click on the word “mode”, and select advanced.
    When the warning box appears, select yes.
    You’ll see some bars created in the bottom left hand corner of the screen.
    Click on the settings bar
    Click on the file sets on the main screen.
    In the file sets place check marks in the vacant boxes
    Now in the left side, click on the word “settings”
    Click on advanced for which ever icon you chose to use. FOR XP USERS...under the Main settings header click on the boxes that have "Create" as the first word.
    Scroll down to "Bug Report" place check marks on all but the attach spy files and just below in the show expert buttons in results list.
    Now click on the tools bar
    Place a check mark on every box provided.
    Down the left hand side will display a menu, check the following items to verify that everything is set properly.
    Click on.....
    RESIDENT and be sure that both boxes are check marked
    ACTIVE X, BHOs, and BROWSER PAGES, to see that there are check marks in each line, if not check with Google.
    IE TWEAKS is where you can change your explorer's name if you wish
    *HOST FILE* - Very important to hit the green plus sign here to ensure these bad pages never get a connection from your computer.
    OPT OUT is automatic install for your computer.
    PROCESS LIST is for your computer knowledge to see you can observe it and learn the changes if you wish.
    SYSTEM INTERNALS is a great check for your registry if you have ever done any Uninstalling from your computer this will clean your registry
    SYSTEM STARTUP is good if you know what to disable. Simply click on an item (under the area of the command line), on the right are two arrows pointing to the right, if you click on them, an explanation will appear to the right. If it says not typically required it is suggested that you remove the check mark. Spybots Tea Timer (on the systems tray, the right of the clock in the bottom right of the screen) will then tell you a global entry has changed and if you did, you can easily allow this change, but remember to click the little box for the program to remember this change.
    UNINSTALL INFO will tell you what you have on your computer
    WINSOCK LSPs is a good way to ensure that everything running on your computer has validation (green check mark) if not, you'll have to try and remove the bad items.
    Now you can do your Spybot S&D search scan.


    Open Spybot by clicking on the icon on the bottom left bar or through
    Start? All Programs>
    Select Search for Updates
    Select all updates by right clicking and clicking on select all
    Click on Download Updates
    Take note on what is being updated for some updated items need to be manually placed in your program. e.g. immunization rules update means you'll have to do the following....
    Select Immunize (off to the left side)
    Click on OK
    Select Immunize the + to the left side, near the top)
    At the end of the immunization, you should have 2 green check marks to the left of your screen, if not, go back and re-immunize)
    Note that not only should you "immunize" each time one updates
    YOU Should Also update your "Hosts FILE" this "Hosts file is under the tool bar to the left you'll see these words in the darkened area click on the words and click on the + sign to get the current hosts files.

    Spybot Scan:

    Check for problems
    Allow the program to scan your entire computer!
    When there is no bar going across the bottom you will see how many problems are found in what time frame (bottom Left corner of Spybot Program :)
    Select all
    Fix selected problems
    Remove Problems? Yes! Then click OK
    Now lets continue cleaning other problems your computer may have......
    Select Tools (off to the bottom left)
    System Internals
    If there are any problems, right click in the white area of your screen
    Click on Select all
    Click on Fix selected problems
    Delete any prompts that appear
    Close the program

  • 4A. I suggest that a good spyware protector runs always on your computer.
    This is where you should be careful for you need to be aware of how much RAM is on your computer and how much your using now also. PC Audit will assist you with this too I believe. If your unsure about the RAM try the above links for spyware scans. I do not yet have a viable solution.
  • Microsoft Corp.'s Windows AntiSpyware technology has been renamed "Windows Defender" and has been expanded to detect and remove rootkits, keystroke loggers and other forms of malware.
    Windows Defender (Beta 2)
  • Also Thanks to Mike and Donna who found this link...
    eTrust PestPatrol v5 is offered as free (with 1 year license). Receive free 1 year antispyware protection by eTrust. eTrust PestPatrol Anti-Spyware is your comprehensive anti-spyware solution.
    Extensive Pest Database - Our industry-leading spyware research team monitors global Internet traffic to identify and protect you from all of the major spyware threats:
    Spyware – discloses your personal information to third parties
    Adware – displays unwanted advertising and slows your PC to a crawl
    Keyloggers – steal your passwords and other confidential data by recording your keystrokes
    Browser Hijackers – change your homepage and search results to lead you toward certain websites and deny you access to others
    Remote Access Trojans (RATs) – enable attackers to control your PC from a remote location
    FREE Automatic Pest Updates – new variations of spyware are launched every day to get past outdated anti-spyware software. This feature downloads and updates the pest database automatically to protect you against the latest spyware threats.

    On-Demand & Scheduled Scanning – gives you the flexibility to scan your entire PC or select specific disks, files and folders for a customized scan. Schedule automatic scans or scan whenever you like.
    Active Protection – monitors your PC in real-time to kill pests in memory and remove spyware cookies before they disclose your surfing habits to a third party.

    Automated Alerts & Logs – alerts you whenever a new pest is detected, gauges its threat level and provides you with links to the pest database where you can get more information. You can define “safe lists” and “exclusion files” so that authorized applications can bypass pest detection.

    Special offer by eTrust Germany:
    eTrust EZ Antivirus 2005 and eTrust Pestpatrol Anti-Spyware 2005 for FREE, 1 year license and updates included.
    The offer is valid until ?.
    Download from
    Download PestPatrolv5.exe (16 MB)

  • *NEW* this program is only for XP, Can be used to prevent some services from running along with the others.
    6/10/2006 Version 3.96:
    * Connection limit now can be applied also to 64-Bit systems
    * Added settings
    Restrict anonymous network access
    Disable network crawling
    Allow uninstallation of the Windows Mediaplayer
    Disable the indexing service
    Do not generate Lan Manager Hashes
    Disable WGA check at logon
    * Added symbol reference to the '?' menu
    * Fixed some minor bugs

    A bit complex, be sure to get the full awareness from the website in order to use it properly. The xp-AntiSpy is a little utility that lets you disable some built-in update and authentication 'features' in WindowsXP. For example, there's a service running in the background which is called 'Automatic Updates'. I don't know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these functions manually, by going through the System and checking or unchecking some check boxes. This will take you approximately half an hour. But why wast time when a little neat utility can do the same in 1 minute? This utility was successfully tested by lots of users, and was found to disable all the known 'Suspicious' Functions in WindowsXP. It's customizable, but comes up with the Default settings, which are recommended. This utility is DONATION WARE! This means, you don't have to pay anything for this program and you can give it to anyone who's interested in it, as long as you don't sell it. If you find this tool useful, and wanna gimme something back, think about donating a small amount of money.

  • Complementary program that works well with Spybot and MS "Windows Defender" or your full time Spyware protection. 
  • 5. AdAware SE Personal

    See the box on lower right that says mirror sites to get it downloaded.
    Download it install it and again just connect to the internet for the updates it will do everything automatically for the first time :)


    Click on the Ad Aware Icon on the bottom left bar
    Select Check for Updates Now
    Select Connect
    Select OK once the new box appears
    Select OK
    Select Finish once the new box appears
    Click on the “X”

    AdAware Scan:
    Perform full system scan
    Right click on the description names
    Select all
    OK to remove items
    Click on top right “X” to close program

  • 6. Zone Alarm Update:

    Many thanks to Andy for providing us this link....A how to upgrade *or* install the zonealarm firewall.
    Click here for the tutorial, You will be linking to Security-Cadets website.
    Currently you should be a version is or higher than 6.***.***!
    *A major UPDATE!!*
    Double click on the Zone Alarm icon on the bottom Right Bar
    Open up the screen by clicking on the arrow pointing down to the right
    If you select the product information folder, this will indicate which version is running
    Select Preferences
    Select Check for Updates *if you have an update*
    Send, OK
    Select the Status Screen
    Close the screen by clicking on the arrow pointing up to the left
    Close (“X”)
    *if you have an update*
    1. Be sure to notice where you place it on your computer
    2 scan it with your Antivirus program AVG or Avast or BitDefender to be quick right click
    3 After it scans and comes back clean, Double click the exe to install it to get the updated version
    4. If your Av says infected scan your entire computer then go and get it again *not too likely* but if so also check now with your trojan scanner.

    There is no need to scan with Zone Alarm it's just a firewall.

  • 7. Spyware Blaster:
    SpywareBlaster 3.5.1
    "SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed. How? By setting a 'kill bit' for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage. You can run Internet Explorer with Active-X enabled, but you will never even get a 'Yes/No' box popped up, asking you to install a spyware Active-X control (Internet Explorer will never download or run it!). All other Active-X controls or plug-ins will work fine. The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!) As a side benefit, setting this 'kill bit' will also prevent the spyware Active-X from running, in many cases, if it is already installed on your system."

  • 8. EasyCleaner
    From Toni's site..."4th Feb 2006 I have a constant problem with bandwidth, that's a known issue. Please people if you have any problems downloading, running or installing my software, see: Forum thread.
    The File size Needs to match!! = 2,795
    >Zip file
    EasyCleaner is a small program which searches Windows' registry for entries that are pointing nowhere. EasyCleaner also lets you delete all kinds of unnecessary files like temps, backups etc. You can search for duplicate files and you can view some interesting info about your disk space usage! You are also able to manage startup programs, invalid shortcuts and add/remove software list. ToniArts may not be held accountable in any way if EasyCleaner affects your computer in a negative way. List of some features:
    * Very nice interface!
    * Finds invalid registry entries ----> deleting them speeds up your computer!
    * Finds duplicate files ----> deleting them will free disk space!
    * Finds all unnecessary files like backups, temps etc. ----> deleting them will free disk space!
    * Finds all invalid shortcuts ----> deleting them will free disk space and increase usability!
    * Manage programs starting at Windows startup! ----> who knows, you might even catch a virus before it gets serious!
    * Manage Windows' add/remove software listing!
    * Easily remove Internet Explorer's temporary Internet files, history and cookies!
    * Very user friendly!
    * Shows some interesting info about your disk space usage.
    * Very customizable.
    * Multi-language support!
    * Uses only little amount of resources while running!
    * Huge help file which gives you every little detail about EasyCleaner!
    * And much more...

  • 9. CCleaner:
    *NOTE:* Please note that they have added the YAHOO tool bar, I suggest you do not allow the install of this. Simply uncheck the check mark when installing CCleaner.
    I have been testing this again and deemed it OK, seems to me malware liked to hook to anything, BE SECURE eveyone.
    Cleans the following:
    Internet Explorer Temporary files, URL history, cookies, Autocomplete form history, index.dat.
    !Firefox! a suggested Browser at *till IE 7 comes out.*
    Temporary files, URL history, cookies, download history.
    Recycle Bin, Recent Documents, Temporary files and Log files.
    Registry cleaner
    Advanced features to remove unused and old entries, including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... also comes with a comprehensive backup feature.
    Third-party applications
    Removes temp files and recent file lists (MRUs) from many apps including Opera, Media Player, eMule, Kazaa, Google Toolbar, Netscape, MS Office, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and many more...
    100% Spyware FREE
    This software does NOT contain any Spyware, Adware or Viruses.

    Now when using the program, please do the following... Open the program and in the left hand side you'll see a blue coloured square to scan your registry, and the broom to sweep your temp and recycler. There will be a button on each to run or scan at the bottom near the centre and another off to the right to correct what was found.
    the download link....

  • 10. The Cleaner Popular Trojan Finder if you have found some with A squared I suggest get this for thirty days trial. *NOTE* On average now there is about three worms and two Trojans daily made and found on the internet.
    Description: Features include:
    Easy to use interface
    Huge database (over 3800 entries)
    Constantly updated
    Fastest scanning engine (~2 million trojans/sec) Inspects ZIP, RAR, ARJ, ACE and CAB archives Finds stealth trojans using our exclusive FileSpect(TM) technology TCActive! stops trojans before they can activate Interactive trojan database browser Install and uninstall No conflicts with any programs
    Operating systems supported:

    WindowsNT4 Workstation
    WindowsNT4 Server
    Windows2000 Pro
    Windows2000 Server
    WindowsXP Home
    WindowsXP Pro

  • Thanks to you all for the continuing support and please make a donation to these people who do the programming. That way the good keeps going and the bad ones fade away.

  • siren

    I once said I run BitDefender Antivirus and Avast together although one is not actively scanning, Donna told me this, Please read.
  • *I have to thank Donna for this update*
    Please remember that one antivirus program is enough. Just make sure that the antivirus program that you are using is UP-TO-DATE and SUPPORTED.
    SUPPORTED means the maker of the antivirus software continues in providing product updates and upgrades. An antivirus (or any security tool) that do not have development (updates/upgrades) is in my humble opinion, a product to stay away. Malware isn’t using old tricks so your antivirus program should continue to support the software by providing detections and program updates and upgrades. Sticking with old version shouldn’t be put into practise just because it is the one you like/prefer and/or it is free. Old versions is usually not supported. There are times unsupported versions is OK to use but be sure it is not a security tool. A security tool prevents malware.
    UP-TO-DATE means your antivirus software (or any security tool) has the latest detections. Running an antivirus with old detections is useless. You are are putting your computer at HIGH RISK and you are posing a threat to other users because your computer is maybe sending out malware to some of your contacts. You should also run a malware scan regularly. It is also a good idea to use the program’s scheduler or Windows Schedule Task to manage the scan schedule. As for getting all the protection you can get… it depends on how a person is using the internet and the computer but the best thing to do is follow the best practise that were published by:
    * Sophos
    * Microsoft
    Like you, I don’t want to use a computer by only maintaining it everyday but I want to enjoy using the computer and the internet so one of my practises is by keeping a good full system backup twice a month or whenever I feel like backing-up. If anything happens, I don’t have to worry of losing any settings, files and the system. Learn more about backups in:
    * Data Backup vs System Backup
    * Why you should backup
    Again, *one (1) antivirus program is enough*. No user is getting extra protection by installing more than 1 antivirus program. If you need to know whether the system is infected and you want to use another antivirus scanner, run an online virus scan:

    Remember the two benefits of failure. First, if you do fail, you learn what doesn't work; and second, the failure gives you the opportunity to try a new approach. - Roger von Oech

    Trojans are often not caught by virus scanning engines, because these are focused on viruses, not Trojans. Catching such threats would require the use of a Trojan scanner (a.k.a Trojan cleaner, Trojan remover, anti-Trojan, a-Squared). see,

    Ok now If you require help we could do this.........
    Get your PC a solid support package or, even better; make sure to have a friend or relative close at hand who knows their way around a computer and I will be there when help is needed. Instructions on how to XP's " Remote Desktop", which will allow you to connect to another PC and control it. We can turn it on when you need me to assist you and off when there is no need to connect. Call me for details on names and codes.
    Thanks Ric:^D.

    Back to the Meeting Page *OR* see PAGES 1st , 2nd , 3rd , The beginning

    Truth is the way things are.

    1. ONEsite | Join | Legal | Be Safe | Help | Copyright © 2006 ONEsite, Inc.

      0 (0 Ratings)

      Desined for you in mind

      Thursday, February 16, 2006, 2:00 AM [General]

      Well your here because you have lost control of you computer....well so did I once, twice, etc.
      0 (0 Ratings) | Join | Legal | Be Safe | Help | Report User | Report Content