OT malware protection

I got some sort of malicious software trying to open a window on this machine constantly...

My protection software recommendations came from folks on this site.

I have AVG virus, CWshredder, ad-aware SE plus. The shredder doesn't find anything. The adaware deletes all my cookies good and (maybe) bad.

Should I be doing something else? These recommendations are a bit old.

Karl

Reply to
Karl Townsend

Sounds like something I had to deal with on my niece's laptop. Finally killed it with a program called Malwarebytes.

Pete

Reply to
Pete Snell

I'm a masochist, I'm running *nix apps under Windows 2000.

Wes

Reply to
Wes

You do update their databases regularly, right??

General help and specific instructions for difficult cases:

"Spybot" for spy and adware:

ZoneAlarm firewall, this takes a while to adjust itself to your computer, then runs invisibly. The log shows that it rejects a LOT of suspicious pings to high-numbered ports:

Sysinternals "Process Explorer", which shows all active processes and who admits to them, or more importantly doesn't:

"Hijackthis", which ferrets out oddities added to the Registry:

Process Explorer runs minimized for its little CPU activity % icon in the system tray, the others are on call when needed. This is -only- a 1GHz PC on dialup so I don't want to slow it down.

This PC has stayed pretty clean. I researched and downloaded those free programs when I inherited two contaminated PCs and wanted to learn how to clean out and fix them. One contained a critical test program we couldn't find the source for, the other was one I bought whose worst contaminant was Comcast proprietary Internet software. I finally wiped and reloaded that one.

I display cookies by date, so the latest are at the top of the screen and easy to search and destroy without losing my preferences and logins.

While you are messing around, right-click in a blank part of the toolbar at the bottom and create a new toolbar "My computer", which will give you icons for all your drives. I move it to the top of the screen and make it two rows high to accommodate USB drives.

Jim Wilkins

Reply to
Jim Wilkins

Just like Pete Snell, I got a home page stealer off the wife's computer with Malwarebytes.

Reply to
DanG

I accessed this via Wiki rather than Google in case of spoofing:

Reply to
Jim Wilkins

I'm working my way through your list. No joy so far. FWIW, it seems to be a program from Skype which is an internet telephone program. Or maybe something imitating it???

How many of these programs do you keep running all the time? Looks like it will bring the 'puter to its knees just running all this stuff.

Karl

Reply to
Karl Townsend

Thanks for pointing this out, Karl. Downloaded and scanned my work computer. Clean surfing pays off, 189,286 items scanned, zero problems! Now to go scan my kid's computer....

Jon

Reply to
Jon Anderson

My FreeBSD machine (mostly server duty) runs a minimum of 48 apps at any given time on 512MB RAM. The Linux machine (mostly desktop duty) is running 127 right now... on 384MB RAM.

Neither is feeling any load at all.

Reply to
Steve Ackman

My list? The links as posted all pull up the proper websites, I just rechecked them. If you Google the names you may get a similar-sounding spoof site instead, that's why I went through Wiki to get to Malwarebytes.

Process Explorer runs all the time, ZoneAlarm when on line, Spybot and AdAware only when called up to do a scan maybe once a week, HJT if I suspect trouble. Right now, on line and composing text, the system idle process reports 95 - 98%, sometimes 100%. I do have AVG8 antivirus running but it shows no activity right now. Its daily scan is off and it only reports bad cookies etc.

Jim Wilkins

Reply to
Jim Wilkins

Why Windows 2000?

Reply to
Jim Wilkins

Malwarebytes works well to remove, but unless you buy the full version, it doesn't provide real-time protection. I'm using a combo of Windows Defender, Spybot Search and Destroy (beware of imitators!), AdAware SE, and Avast! antivirus. They must be doing a decent job, I haven't had any virus problems. I also use a program from Sammsoft called Advanced Registry Optimizer, the only "bought" program (other than a timeserver program) I use. It's worth the $29.95 I paid ...

Reply to
Terry Coombs

This patch enables compressed / zipped folders in Win2000, so you can open downloaded .zip files just like XP:

Reply to
Jim Wilkins

Cause that is what is on this box I bought many years ago. It still works fine.

I have XP Pro on a laptop, I don't see that it is much of any improvement for me. Anything that makes it seem better is likely from the RAM and dual cores.

I have another box on a kvm switch that does the EMC2 version of Ubuntu, Fedora, and another install of W2k.

As long as something is working, I'm fine with using it. I'm not an early adopter by any means.

Wes

Reply to
Wes

Follow up. I guess I'm beat. I've done everything mentioned. No joy. None of the programs are finding any more problems.

This program launches whenever I go to eBay. Something from Skype. I'm thinking the only option left is to go nuclear - reformat - reinstall everything.

Karl

Reply to
Karl Townsend

Try Avira for a different free antivirus program, but you may need to use a bootable CD with antivirus software on it that doesn't use Windows in order to clean your system. Here's a page with links to free virus rescue disks.

I'm using AVG Antivirus 8.0; Comodo Firewall; Spyware Terminator 2.5. All are freeware. So far no problems.

RWL

Reply to
GeoLane at PTD dot NET

Try to identify it and track it to its hide with Process Explorer, then use MSCONFIG to 'neutralize' it.

Reply to
Jim Wilkins
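
As an added example (not part of the post above, and not code from any tool named in this thread), the "identify it, then look at what starts it" check can be scripted on a current Windows system. It lists running executables without a valid Authenticode signature, the same question Process Explorer answers with its signer column, and then marks the startup entries that MSCONFIG would show which point at one of them. The variable names are illustrative.

```powershell
# Added example. Assumes Windows PowerShell 5.1 or later; run elevated so that
# processes belonging to other users are visible. It only reports, it changes nothing.

# 1. One row per distinct executable behind a running process.
$running = Get-Process | Where-Object { $_.Path } | Sort-Object Path -Unique

$report = foreach ($p in $running) {
    $sig = Get-AuthenticodeSignature -FilePath $p.Path -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Name    = $p.ProcessName
        Id      = $p.Id
        Company = $p.Company            # vendor string from the file's version resource
        Status  = if ($sig) { "$($sig.Status)" } else { 'Unreadable' }
        Signer  = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Path    = $p.Path
    }
}

# 2. Executables with no valid signature are the ones to look at first.
#    Unsigned is not the same as malicious; plenty of small utilities are unsigned.
$suspect = @($report | Where-Object { $_.Status -ne 'Valid' })
$suspect | Format-Table Name, Id, Company, Status, Path -AutoSize

# 3. Startup entries (registry Run keys and Startup folders).
$startup = Get-CimInstance -ClassName Win32_StartupCommand

# 4. Mark any startup entry whose command line mentions a suspect executable.
$startup | ForEach-Object {
    $cmd = "$($_.Command)"
    $hit = $suspect | Where-Object {
        $cmd.IndexOf($_.Path, [System.StringComparison]::OrdinalIgnoreCase) -ge 0
    } | Select-Object -First 1
    [pscustomobject]@{
        Entry    = $_.Name
        Location = $_.Location
        User     = $_.User
        Command  = $cmd
        Suspect  = [bool]$hit
    }
} | Sort-Object Suspect -Descending | Format-Table -AutoSize -Wrap
```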

Are you seeing this?

"Some Windows users have been affected by a malware program that imitates Skype software and attempts to steal sensitive information.

65404-SkypeDefenderSetup.exe is classified as an Infostealer, that is, a Trojan horse program that attempts to steal sensitive information such as login credentials.

"When executed it displays a confirmation window with the following text, 'Skype-Defender(TM) Installed! Please login to your account to apply new plugins'".

Reply to
Ed Huntress

And my Sun unix Workstation (Sun Blade 2000) is running 232 processes at the moment -- again with no noticeable load. (The load average is currently 0.02 with a load average of 4.0 being barely noticeable.) This is with 6 GB of RAM.

Unix systems (including Linux and BSD variants) tend to be very good at running multiple processes at once.

If I were to switch to Gnome from CDE as the window manager, things might be a little more loaded, but still pretty good.

Enjoy, DoN.

Reply to
DoN. Nichols

Thanks for the reference, Pete.

Turns out I had a couple of trojan loaders that I didn't even suspect.

Reply to
cavelamb
