May 06, 2005

Protecting my computer

So last night ... it became apparent that some kind of spyware had descended onto my home computer. There were many horrible signs ... including a ton of error messages, really slow loading-time ... AND - weirdly enough - all of these sex sites added to my Favorites section. I don't know how they got there, I never opened one of the links, but they refuse to go away. I kept deleting the sex sites, and that would be fine - and then when I would re-boot the computer -there they would be again!

Now. Obviously I have to call customer support with my laptop - but going forward: what on earth can I do to protect myself better?

I have Macafee ... but what else?

And how do I get the damn porn sites out of my Favorites section? How the hell did they get there in the first place?

Stuff like this makes me convinced, despite all my optimism, that there are people in this world who just want to make life difficult for others. They enjoy harassing strangers. They LOVE it. Sheerly because it's fun to be a pain in the ass.

Help?

Posted by sheila
Comments

Ad Aware and Spybot are both very good, free programs that do a good job of rooting out spyware.

Posted by: Bill McCabe at May 6, 2005 06:20 PM

Err, this is the correct Spybot URL.

Posted by: Bill McCabe at May 6, 2005 06:21 PM

Option 1) Run windows update daily, and get a NAT gateway/firewall of some sort. Linksys makes fairly inexpensive units which work fine for most purposes.

Option 2) Get a Mac.

Posted by: Mr. Lion at May 6, 2005 06:23 PM

Agree with Bill.. Ad-aware and Spybot - Work for me.

Although if spy-ware is getting through you may want to review your security settings on IE and firewall.. regular updates an essential.

It's not universally liked, and it's not free.. but I've never had any complaints about the Norton Internet Security package.

Posted by: peteb at May 6, 2005 06:31 PM

Red - You might want to check out Mailwasher. They have a free download so you can try before you buy. Same goes for a program called Spy Sweeper by a company called WebRoot Google for direct access. I have 3 different spyware programs installed (Ad Aware, Noadware3, and Spy Bot - Search and Destroy),and after I run ALL of them, Spy Sweeper finds more that were missed. Let me know what works for you. Best, Terry p.s. I've sort of been out touch as I've moved to Wichita, KS following open heart surgery last August. For what it's worth, you're still on my daily must read list

Posted by: Terry Reynolds at May 6, 2005 06:33 PM

Zone Alarm has its fans also.

Posted by: peteb at May 6, 2005 06:34 PM

If none of that works. This article suggests the use of HijackThis for those unwanted 'favourites'. Haven't tried it myself, but perhaps someone else can comment on its effectiveness

Posted by: peteb at May 6, 2005 06:48 PM

OOOh, this is sore spot for me. I had spyware majorly screw up my computer a while back. Had to reformat my hard drive and start over.

So, I would suggest using computer experts to find out what bastard did it and dispatch a hit team, or maybe something Monte Cristo-esque involving complete rack and ruin.

Ad aware is good. I am using Microsoft's anitspyware beta software and it is working very well. It runs twice a day as well as alerts you when something nasty shows up.

Posted by: j swift at May 6, 2005 06:58 PM

"Hijack This" runs a thorough search and pulls up a list suspects but you have to go through the list carefully and zap the offending files. Not for a novice.

Posted by: j swift at May 6, 2005 07:05 PM

Someone else mentioned Norton but its worth mentioning again. I hated Macafee. Bought Norton System Works for 50 bucks at Walmart and have loved it. Easy to install and works like a dream.

Posted by: Carl V. at May 6, 2005 07:10 PM

You neglected to mention what version of WIndows you use. That can make a difference. For example, if you have XP, you might want to use the Microsoft Anti-Spyware utility, which works very well and updates itself automatically and is free.

Also, I prefer Anti-Vir Personal Edition--which is also completely free--over McAfee's anti-virus. But that won't get rid of your current problem. The Anti-Spyware utility will.

Posted by: Dean Esmay at May 6, 2005 07:11 PM

http://www.spywareinfo.com/newsletter/archives/2005/may5.php

Sheila, there is an article there by Mike Healan, the Editor of Spywareinfo. HiJackThis is a powerful program but it should be used only under the direction of an expert. And there are experts in the Spywareinfo Chat Room. Please email me if there are any questions...

Posted by: Noggie at May 6, 2005 07:40 PM

The hit team is a very good idea too.

Posted by: peteb at May 6, 2005 07:47 PM

Get a Mac. Problem solved.

From a devoted former PC user who switched to Mac.

Posted by: Kerry at May 6, 2005 07:49 PM

Why on Earth would you want to remove porn sites from your favorites menu? I'd consider that a beeping blessing!

Posted by: Emily at May 6, 2005 08:18 PM

I suspect that you are running I.E. I had to fix a similar problem several times back when I was doing tech support for the department.

If I remember correctly, I went into internet settings and mucked about until I found a hard-coded set of favorites - that might have been to solve the problem of the computer opening lots of windows every time IE launched, but still. You have something lurking in your internet options that is re-installing those favorites.

Finally, change your internet settings to disable java and activex and, for now at least, prompt you for javascript.

You might want to switch to Mozilla, which has a smaller list of vulnerabilities (and some really neat tricks like tabbed browsing.)

Posted by: Ted K at May 6, 2005 08:48 PM

I have a mac, and I find I'm adding porn sites....

Posted by: Mr. Bingley at May 6, 2005 08:49 PM

I'm with Ted.

Mozilla's Firefox is faster and easier than Internet Explorer, and since most spyware and adware programs are geared to IE, switching to Firefox means no more hassle. I haven't had a single popup ad or "bonus" favorite since I switched months ago.

Firefox is, of course, free.

Posted by: Big Dan at May 6, 2005 09:03 PM

Yeah, switch to mozilla or better yet firefox. IE stinks.

Posted by: Mr. Bingley at May 6, 2005 09:12 PM

Ad-Aware, Hijack This, and Norton are all useful things to have around. I use them in conjunction with IE6 and XP Pro Service Pack 2, and have little or no trouble. I don't know much about XP Home (if that's what your OS is). I briefly tried McAfee and hated it, but YMMV, VWPBL, etc. (maybe that should be ETC.). Anyone who can afford to upgrade from XP Home to XP Pro should do so, forthwith and post haste. ;-)

One of my final parting gifts before I finished my MBA was scoring XP Pro from the university bookstore for $20 (previously got Office 2000 for $10).

Posted by: Ken Hall at May 6, 2005 11:52 PM

I also highly recommend the free AntiVir Personal Edition. (After a Mac, or Firefox, Ad-aware, Spybot, and Zone Labs or Kerio for a firewall. Zone Labs is a little more user-friendly.)

Posted by: dorkafork at May 6, 2005 11:54 PM

My two cents:

AVG Anti-Virus is free and very regularly updated. Works great. Honestly, I'd suggest that over Norton; every system I've looked at that has Norton running on it tends to slow to a crawl. Many of my old-school geek friends agree it's more trouble than it's worth.

But your real problem is spyware, which most anti-virus programs won't deal with. I second the one-two punch of Ad-Aware and Spybot. My own personal experience with Spy Sweeper is that it tends to start acting as spyware itself if used constantly; I only resort to it if there's a real nasty bug to squash. Your mileage may vary.

I've heard good things about Hijack This but the trick to it is that you need to have some spyware experts help you. What you do is take the scan results and post it in a forum and other users point out what's junk and what's not. Not the most efficient process in my opinion, but it could be useful if you're in a real pinch.

I'm assuming your recent Internet hookup is broadband; if so, get a router to put between your modem and computer. Even if you just have one computer, the router acts as an excellent firewall that's usually more effective than a software-only firewall.

Also, think about dumping Internet Explorer. It's easily exploitable by many spyware purveyors. My personal favorite is Firefox. My second suggestion would be "anything else"; Internet Explorer is just bad ju-ju.

Anyway, that's my set-up and I've never had a single infection. The only reason I know so much about spyware is from cleaning it off of other people's computers. If you want more details on any of this stuff, feel free to shoot me an e-mail.

Posted by: Mark at May 7, 2005 04:08 AM

One word: Mac. I made the switch a year and a half ago and have never looked back. I even bring my PowerBook to work so I don't have to use the PC there. Everything about the PB always works flawlessly.

Posted by: Bud at May 7, 2005 07:28 AM

Switching from Internet Explored to Mozilla Firefox made a huge difference for me.

You'll be happy to know that a spammer was recently sentenced to 9 years in jail under a new Virginia law (although the bastard is currently free on appeal)

Posted by: David Foster at May 7, 2005 08:17 AM

I have to second, or third, or what not, everyone's recommendation to use Firefox. It's a great program and it really cuts down on all the pop-ups. Ad-Aware also really helps, and I'm sure one of the anti-spyware utilities mentioned here will help too.

As for the people who did this -- well, not only do they enjoy harassing strangers, they ALSO want your money. There was a guy up here in New Hampshire who, after infecting people's computers with spyware, made a lot of money selling anti-spyware programs. Which didn't work. He ended up in a LOT of trouble because of it, but that is another story ...

Posted by: Benjamin Kepple at May 7, 2005 08:52 AM

I second the recommendations for Adaware and Spyware Search&Destroy. There are a lot of other interesting recommendations here; I think I'll bookmark this thread.

One of my home computers - the one the kids used - just shut down d/t spyware and viruses. I'm going to be reformatting it the next time I have a break. Grrr.

However, I think I'm going to haul off the next time someone answers this thread "get a Mac!". Yeah, I love Macs, too - I'm a UI designer, and the sheer aesthetics of their GUI framework are a joy to behold - but they're EXPENSIVE. Even if you buy a MiniMac (and upgrade it to make it usable), you still have to drop a couple hundred on applications you need for whatever you do to cost-justify owning it (for me - Office, Visio and probably Illustrator). Maybe when I hit the Powerball, but until then, when I can by a perfectly good Windoze desktop for under $250, it just doesn't add up.

Posted by: mitch at May 7, 2005 09:21 AM

Well, how much is your time worth, mitch? Look at all the hours of labor being called for here; that's got to bear in the calculation somewhat, it seems to me, as well as all these spyware and virus programs she's being advised to buy. And if you're using your computer for home, really all you need to do is boost the mini's memory to 512. Any serious gamer shouldn't waste their time on the platform, for sure, but I don't think that's an issue here. And last I checked you had to pay to get Office on the PC, too. So I don't think it's as unreasonable suggestion as you may think.

And since I didn't actually use the phrase, I've avoided the "haul off!" Woo-hoo!

Posted by: Mr. Bingley at May 7, 2005 11:17 AM

One other word of caution that nobody warned me about when I switched from IE to Firefox: don't try to delete IE.

Internet Explorer is now a necessary part of windows. Keep Internet Explorer, just never never run it again. When Firefox turned out to work so swimmingly, I naively tried to delete Internet Explorer from my computer and ended up having to use the laptop for a week while my computer was fixed and windows re-installed.

Posted by: Big Dan at May 7, 2005 11:52 AM

I'll side with mitch here; yeah, Macs are nice, but it seems like a bit of an overkill. It comes down to your own personal preference.

As for my suggestions, other than the router, every one of them is free. I'm prudent, but cheap. Some simple careful Internetting will keep a PC happy and secure.

Posted by: Mark at May 7, 2005 01:09 PM

Have to agree with a lot of others here: GET OFF IE! You can use Mozilla or even Opera to browse. I was adamantly against ridding myself of IE for the longest time. Finally, about two years ago I decided just to d/l it and look at it. Never have gone back to IE. Haven't had many of these problems with Mozilla and Opera and I still keep ad-aware and spybot running just in case...things will still get through Mozilla or Opera...anyone who suggests otherwise doesn't know what they are talking about but the fact remains, get off IE and you will see a significant reduction...as in almost no problems, if you stop using IE.

Posted by: Serenity at May 7, 2005 02:14 PM

Oh and yah, I second Big Dan's comment about not trying to rid yourself of IE. I did that and while I was still able to get the desktop open using the Task Manager, it was a pain in the butt. (I wrote a post about it, don't know if you remember it.)

Just as Big Dan says, keep it there but don't use it to surf the net.

Posted by: Serenity at May 7, 2005 02:15 PM

How does one install Firefox or Mozilla? What is the process?

I've installed Adaware and Spybot now - and deleted a ton of "critical objects" (but still: I'm seeing those pesky Favorites showing up - also my browser keeps re-setting itself - annoying - I am suddenly getting pop-ups too for the first time, a sure sign of infection)

I need to get on the phone with my computer company and have them walk me through all this.

Thanks so much everybody for all the suggestions!!

Posted by: red at May 7, 2005 02:28 PM

Just go to the website for Mozilla and click d/l. It should automatically begin installing on your computer after the d/l is complete. If you want, you can email me and I'll walk you through it free of charge.

Posted by: Serenity at May 7, 2005 02:53 PM

I'm hardly a tech guy, but Ad Aware, SpyBot and Zole Alarm together seem to have kept my computer clean and secure...so far...as far as I know. As for getting rid of stuff that's already there, like your favorites and such, I hate to say it, but to make explcit what's already been implicit in some of these comments, an ounce of prevention is worth a pound of cure. You've caught it relatively early, though: a couple of years ago, my stepbrother managed to fill up my mom's computer with so much spyware that it was truly beyond saving, not even by reformatting the hard drive. Fortunately, we got the important files off there first, and she'd been thinking about getting a new computer anyway.

The next time I see him, I'll ask my father, the Geek of All Geeks (semi-retired intel community crypt guy, MIT AI Lab, DARPANet vet, online since before God, etc.) what he uses...on his personal laptop, not the servers on the racks in the locked room. ;-)

Posted by: Dave J at May 7, 2005 02:59 PM

Stepping back a bit...seems to me there's a real issue here. As dependent as Americans (and others) have become on personal computers & the associated Internet connections, we can't afford the continuation of all these outages, reboots, security problems, etc etc. The total drain on national productivity must be huge...not to mention the frustration.

Maybe the PC software companies need to hire some people with experience in writing software that actually *has* to work reliabily...elevator controllers, aircraft autopilots, heart defbrillators, etc etc.

When is the last time you were stuck on an elevator because the controller had to reboot?

Posted by: David Foster at May 7, 2005 03:26 PM

Get Firefox Here. Its better than the old Clint Eastwood movie, I promise.

Posted by: Bill McCabe at May 7, 2005 03:36 PM

Microsoft have a section on hints and tips for avoiding spyware

It mostly covers what's already been said here.

Additionally, it sounds like you may have a CoolWebSearch(CWS) infection.. many many variations listed here

You could try CWShredder and see if that works.

As for Firefox and Mozilla. I've seen them. They're rubbish. *ahem* Only half-joking. I have tried them and I'm sticking with my regularly updated and protected IE.. familiar and I found that the other options appeared to be slightly slower. It's a personal quirk.

Posted by: peteb at May 7, 2005 03:50 PM

Red - Lots of good suggestions here.One other: upgrade, (if you can), to Windows 2000 Professional. I did, (from Win 98 to 2000), about 2 years ago and haven't had a system crash since. Almost forgot how to reboot. /s All the best and I'm glad you got to see your family again. Best, Terry

Posted by: Terry Reynolds at May 7, 2005 05:08 PM

I notice nobody recommended Linux. It's free, beats Mac for speed and flexibility, doesn't get spyware, viruses, or the blue screen of death, and is free. There is a little bit of a learning curve for those used to Microsoft, but I've found the latest distributions install and configure a lot easier than Windows. With Linux, older generation hardware will run faster than the latest machines with Windows.

Posted by: CW at May 7, 2005 07:30 PM

Red,

Have you considered prayer?

Posted by: Big Dan at May 7, 2005 09:45 PM

I've heard that Faith Spyware Removal and Norton Faith Anti-Virus© are the hot new computer security trends among those who believe in Creationism and Intelligent Design.

"Foul demons who have taken this computer, be gone! The power of Christ compels you! The power of Christ compels you!"

Posted by: Bill McCabe at May 7, 2005 10:27 PM

If you do opt for Faith Spyware Removal and Norton Faith Anti-Virus©, make sure you download the most recent patch as well. It allows you to cast demons from most versions of Windows, as well as from your toaster and VCR.

Posted by: Big Dan at May 8, 2005 07:07 AM

Hmmm, Linda Blair's head spins, hard drives spin, cd drives spin...the connection is there, plain to see!

Posted by: Mr. Bingley at May 8, 2005 07:58 AM

Bingley,

The computer downstairs spewed CDs on me a few weeks ago, then told me to plug my mouse into the keyboard port.

Posted by: Bill McCabe at May 8, 2005 09:48 AM

Did it say things like "Your mother is a TRS-80!"?

Posted by: Mr. Bingley at May 8, 2005 01:12 PM

Oops, late to the party again. Everything I'm going to say has been covered, but here it is anyway. I've cleaned up several messes like yours for other people, and nothing so far has been able to defeat the AdAware/Spybot/Norton AntiVirus combo. However, if you've got some really bad stuff, Norton will find it but can't delete it, so then you have to go to www.sarc.com and get the removal instructions - they will most likely involve booting in Safe Mode.

Once it's clean, keep Windows updated and definitely get some sort of router/firewall to put between you and the 'Net badness. And using Firefox helps too.

Feel free to e-mail me if you need some help. This month I'm running a free phone support special for redheaded bloggers who like the Red Sox - operators are standing by.

Posted by: skillzy at May 9, 2005 12:04 PM