How to Stop Hijackers & Spyware Infections, And other malware
SO, HOW DID I GET INFECTED IN THE FIRST PLACE?
You usually get infected because your security settings are too low.
Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:
1.) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself. If you insist on using a P2P program, please read This Article written by Mike Healan of Spywareinfo.com fame. It is an updated and comprehensive article that gives in-depth detail about which P2P programs are "safe" to use.
2.) Go to IE > Tools > Windows Update > Product Updates, and install ALL High-Priority Security Updates listed.
If you're running Windows XP, that of course includes the Service Pack 2! If you suspect your computer is infected with Malware of any type, it is better you to not install SP2 if you don't already have it. Once you are sure you have a clean system, it is highly recommended to install SP2 to help prevent against future infections.
It's important to always keep current with the latest security fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.
3.) Open IE and go to Internet Options > Security > Internet, then press "Default Level", then OK.
- Now press "Custom Level."
Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option > Security.
So why is ActiveX so dangerous that you have to increase the security for it?
When your browser runs an activex control, it is running an executable program. It's no different from doubleclicking an exe file on your hard drive.
Would you run just any random file downloaded off a web site without knowing what it is and what it does?
4.) Install Javacool's SpywareBlaster
It will protect you from most spy/foistware in it's database by blocking installation of their ActiveX objects.
Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press "Enable All Protection", and you're done.
The spyware that you told Spywareblaster to set the "kill bit" for won't be a hazard to you any longer.
Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.
Don't forget to check for updates every week or so.
5.) Let's also not forget that Spybot Search & Destroy has the Immunize feature which works roughly the same way. Another feature within Spybot is the TeaTimer option. This option immediately detects known malicious processes wanting to start and terminates them. TeaTimer also detects when something wants to change some critical registry keys and gives you an option to allow them or not.
6.) Microsoft now offers their own free malicious software removal tool. Windows Defender improves Internet browsing safety by guarding over fifty (50) ways spyware can enter your PC.
7.) Another excellent program by Javacool is SpywareGuard.
It provides a degree of real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.
8. ) IE-SPYAD puts over 20,000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. Another good hosts program is mvpshosts. This little program packs a powerful punch as it block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial.
*It is important to note that all of the above programs/files can be run simultaneously on your system. They will work together in layers, so to speak, to help protect your computer. However, the following suggestions are designed to only run one of each. It is not a good idea to run more than one firewall, and one anti-virus program. Running more than one of these at a time can cause system crashes, high system usage and/or conflicts with each other.*
9.) It is critical that you use a firewall to protect your computer from hackers. Windows firewall doesn't block everything that may try to get in, and the entire firewall is written to the registry. As various kinds of malware hack the Registry in order to disable the Windows firewall, it's far preferable to install one of the excellent third party solutions. Three good ones that are freeware to boot are ZoneAlarm, Kerioand Sygate
10.) An Anti-Virus product is a necessity. There are many excellent programs that you can purchase. Some very good and easy-to-use free A/V programs are AVG, Avast, and AntiVir. It's a good idea to set these to receive automatic updates so you are always as fully protected as possible from the newest virus threats.
11.) Finally, after following up on all these recommendations, why not run Jason Levine's Browser Security Tests
They will provide you with an insight on how vulnerable you might still be to a number of common exploits.
12. FOUR free and recommended programs available to remove spyware from your system:
* Download, Update and Scan with Adaware SE (get the free edition). Update the program before scanning (do NOT skip this step. A short tutorial included to help with instructions)
Download and install Adaware SE
http://www.lavasoft.com/products/ad-aware_se_personal.php
Adaware Tutorial Updates & Scanning
http://forum.gladiator-antivirus.com/index...?showtopic=8050
Reboot your PC after scanning and cleaning with Adaware
* Download, Update and Scan with Spybot Search and Destroy. (Be sure to Update the program first)
Download and install Spybot Search & Destroy
http://www.safer-networking.org/
A more comprehesive Tutorial by the Author of Spybot Search & Destroy:
http://www.safer-networking.org/index.php?...p?page=tutorial
* Microsoft Windows Defender :
http://www.microsoft.com/athome/security/s...re/default.mspx
Download, install and get the Updates before scanning. This program also includes realtime protection to prevent spyware from installing in the first place.
* A Special Tool for Coolwebsearch and it's many variants is CWShredder (free) from Trend-Micro
http://www.trendmicro.com/cwshredder/
Just download it and doubleclick on the CWShredder icon on your desktop and hit the *fix* button (don't use the scan only button). Let it fix whatever infected files it finds. (Might be a good idea to make note of what they were)
The CoolWebSearch Chronicles, The story of a thousand hijacks
http://cwshredder.net/cwshredder/cwschronicles.html
13. Scan for Viruses and common trojans online and free Panda's Active Scan http://www.pandasoftware.com/activescan/co...n_principal.htm
Trend Micro (PC-cillin)-Free on-line Scan http://housecall.antivirus.com/
eTrust AV web scanner (Computer Associates)http://www3.ca.com/virusinfo/virusscan.aspx
Kaspersky www.kaspersky.com/virusscanner
Bitdefender www.bitdefender.com/scan8/ie.html
Symantec:http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
14. If you still have problems and think you are infected after following the various scans and help above...... get HiJackThis (another free program & diagnostic tool), and post your log back .
Download *Hijack This!*
http://www.merijn.org/files/hijackthis.zip
Alternate download for HijackThis
http://computercops.biz/zx/Merijn/hijackthis.zip
Unzip, and save to it's own folder on your hardrive. Then, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that and copy & paste its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet. Someone will be along to tell you what steps to take after you post the contents of the scan results.
15. Some Security Sites worth reading and bookmarking for reference and to help you get started in your PC Security.
Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/
Protecting Your Home Network
http://www.microsoft.com/windowsxp/pro/usi...tecthomenet.asp
Home Network Security
http://www.cert.org/tech_tips/home_networks.html
Malicious Code Propagation and Antivirus Software Updates
http://www.cert.org/incident_notes/IN-2003-01.html
National Institue of Standards and Technology
Computer Security Resource Center
http://csrc.nist.gov/
Stay Safe Online
http://www.staysafeonline.info/
Protecting Your Privacy & Security on a Home PC
http://www.spywarewarrior.com/uiuc/main-nf.htm
IE-SPYAD: Restricted Sites List for Internet Explorer
http://www.spywarewarrior.com/uiuc/resource.htm#IESPYAD
Working with Internet Explorer 6 Security Settings
http://www.microsoft.com/windows/ie/using/...ty/settings.asp
How to configure the enhanced security features in SP2:
http://www.microsoft.com/technet/security/...xp/iesecxp.mspx
Category: Antispyware, Antivirus, Appz, Protection, Security, Tutorial
0 comments