# Computer Security



## hardheadjarhead (Mar 18, 2005)

I've had problems with my home computer.  My son had installed XP pro on it (which made the computer slow), and then we got DSL. Shortly after that I got a LOAD of spyware/adware on it.  I had Zone Alarm installed (the free version) and when I went to check it...the file was empty.  It had somehow been uninstalled.  Or something.

I disconnected it from the DSL and it seems to be regenerating the spyware.  I did a virus scan (outdated version of Norton Anti-virus), used Spyware, AdAware and Window Washer to get rid of whatever I can...and it keeps coming back.

Suggestions?  Do I have to wipe the computer by reformatting it?  Is there virus software out their that I can use that'll fix it?

I've got Firefox on my computer at work.  If I use it on the home computer, will that suppress this stuff?

Security recommendations?

Anyone?


Steve


----------



## bignick (Mar 18, 2005)

Well the real big pushes for security are going with firefox and thunderbird for you surfing and e-mail needs.  It won't necessarily fix all your problems, but you will be a whole lot safer.

If you have an older computer and you put XP on it, I could definitely see where that would slow it down.  As for the spyware that keeps coming back, I'd check for file sharing software or other similar programs like that.  They usually come loaded with spyware. 

The fact that ZoneAlarm was uninstalled is troubling.  I definitely recommend getting some updated virus software and doing a scan.


----------



## hardheadjarhead (Mar 18, 2005)

bignick said:
			
		

> Well the real big pushes for security are going with firefox and thunderbird for you surfing and e-mail needs.  It won't necessarily fix all your problems, but you will be a whole lot safer.
> 
> If you have an older computer and you put XP on it, I could definitely see where that would slow it down.  As for the spyware that keeps coming back, I'd check for file sharing software or other similar programs like that.  They usually come loaded with spyware.
> 
> The fact that ZoneAlarm was uninstalled is troubling.  I definitely recommend getting some updated virus software and doing a scan.




Thanks.  

I'm going to give Firefox a shot tonight and see what happens.


Regards,



Steve


----------



## Bob Hubbard (Mar 18, 2005)

Get rid of the outdated Norton, and grab the Grisoft AVS (links in my Virus article). 
Disable the auto-restore crap that XP uses and hit your system with the AntiVirus, Adaware and SpyBot combo.


----------



## Ping898 (Mar 18, 2005)

The auto restore Kaith mentioned is a big thing to make sure you turn off.  

Make sure when you are doing this scanning you scan the whole computer, especially if you have multiple hard drive/partitions.  And get some of the updates to Win XP too.  Firefox is also a good way to go cause the exploit development community hasn't really set their sights on it yet, but make sure you keep up on the updates for it.


----------



## bignick (Mar 18, 2005)

good call on the disabling the system restore...

It can save your behind if something goes horrible wrong, but all the viruses and spyware you had at the time when the restore point was made will be reinstalled as well, I believe...


----------



## Feisty Mouse (Mar 18, 2005)

I'm having similar problems, with Ping has been very patiently and graciously advising me on.  I'm up for my third go soon, Ping!


----------



## Kreth (Mar 20, 2005)

Make sure to reboot to Safe Mode before running your scans. It's common for virii/adware/spyware to have a process running so it can reinstall itself as soon as you clean it...

Jeff


----------



## Cryozombie (Mar 20, 2005)

Windows update!

 Its critical to XP.  As was mentioned above, use a COMBINATION of anit-spyware tools, such as Spybot AND Ad-aware.

 FWIW, I have found the new microsoft Anti-spyware tool to be useless.  Ad-aware found 53 pieces of Spyware that the new MS one didnt touch on my office PC.


----------



## hardheadjarhead (Mar 21, 2005)

Thanks folks...

This is actually somewhat fun...the learning part, not the frustration part.  'Tis almost like a computer game, trying to outwit some sort of AI.

It apparently is a Trojan, correct?  Given that it is re-generating, I'll assume that.  I checked with my son, and he didn't disable Zone Alarm...so I can only assume that the Trojan did it somehow.

They need to have an anti-Trojan program called Hector.  Nah, bad idea.  Somebody would design a Trojan that would kill it and drag it around the firewall seven times.

I think it got in by me allowing it in.  There was an executable file called D3Rdm... or something like that...that Norton said ought to be blocked.  I think I may have let it in using Spybot.  I probably thought it was legit software that had to do with the system.

Now to kill it.  I'll try your suggestions.

What's the key command for going to Safe Mode?



Regards,


Steve


----------



## dubljay (Mar 21, 2005)

To enter safe mode you hit the "F8" key as your system starts up.  Be sure to hit F8 before you see the Windows XP loading screen.

 When your computer acts up and you cant solve the problem you can always teach it self defense 
	

	
	
		
		

		
			





 Feel free to contact me if you need any more help.

 -Josh-


----------



## Cthulhu (Mar 21, 2005)

One thing you can try:

 Download HiJackThis from:

http://www.spywareinfo.com/~merijn/downloads.html

 After installing (into it's own directory), shut down all web browsers and run the program, saving the log file.  Paste the log file here.

 Cthulhu


----------

