Re: Trojan Horse?

From: jmatt (jmatt.14wif0_at_mail.mcse.ms)
Date: 04/18/04 

Date: Sun, 18 Apr 2004 03:05:29 -0500

1st step , run a virus check from all of these .
Online Virus check ( free )
http://www3.ca.com/virusinfo/virusscan.aspx
http://housecall.antivirus.com/
http://www.coledata.com/virusalert.htm
http://www.cybertechhelp.com/html/misc/av.php
http://www.pandasoftware.es/actives..ivescan-com.asp
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/

System Restore option in Windows Me/XP
http://www.augustana.ab.ca/other/cns/virus/
http://www.adamtj.org/repository/ho..2.Blaster.Worm/
Users of Windows Me and Windows XP should temporarily turn off System
Restor
e. Windows Me/XP uses this feature, which is enabled by default, to
restore
the files on your computer in case they become damaged. If a virus,
worm, or
Trojan infects a computer, System Restore may back up the virus, worm,
or T
rojan on the computer.

Windows prevents outside programs, including antivirus programs, from
modify
ing System Restore. Therefore, antivirus programs or tools cannot
remove thr
eats in the System Restore folder. As a result, System Restore has the
poten
tial of restoring an infected file onto your computer, even after you
have c
leaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder
even tho
ugh you have removed the threat.

For instructions on how to turn off System Restore, read your Windows
docume
ntation, or one of the following articles:
How to turn off or turn on Windows XP System Restore
http://service1.symantec.com/SUPPOR..src=sec_doc_nam

===========================================

Remove Spyfiles by using these 5 programs .
Make sure you use the SpyBot/SpywareBlaster/Ad-aware/Bazooka/Swat It >
Onlin
e > Update button regularly .
Once you have the program installed , open SpyBot and select the
"Immunize"
icon on the left & Click on Immunize , in the new page .
Permanently running bad download blocker for Internet Explorer .
Select > Block all bad pages silently & click Install .
Then check the box "lock hosts file read-only as protection against
hijacker
s".

Select your download site .
Open Spybot Search and Destroy. After clicking the button that says
"Search
for Updates" you will see 5 items near the top of the window, "Search
for Up
dates", "Download Updates", UniDo(Europe), "Show Log" and "Help". Next
to Un
iDo(Europe) you will see a "down" arrow. Click the "down" arrow and you
will
see download site choices (3 in Europe, 1 in USA and 1 in Australia).

http://beam.to/spybotsd
http://www.wilderssecurity.com/spywareblaster.html
http://www.lsfileserv.com/
http://www.lavasoftsupport.com/inde..showtopic=11613
http://forums.net-integration.net/?;act=ST;f=38;t=3051
Bazooka
http://www.kephyr.com/spywarescanner/index.html
Swat It
http://swatit.org/

What does SpyBot-Search & Destroy?
SpyBot-S&D searches your hard drive for so-called spy- or adbots;
little mod
ules that are
responsible for the ads many programs display. But many of these
modules als
o transmit
information about your surfing behaviour and more to the net.
If SpyBot-S&D finds such modules, it can remove them - or replace them
with
empty dummies in
case their host software won't run with its bot removed. In most cases,
the
host still runs
fine after removing the bot.
For a list of 'supported' bots see the feature lists below. The
Spybot-S&D i
nterface is so
easy, that updates just require replacing a file of about 80k in size.
Those
updates are
distributed by my software mailinglist, over this page and are also
availabl
e from inside the
programs update section.

Another feature of Spybot S&D is the removal of usage tracks, which
makes it
more complicated
for unknown spybots to transmit useful data. The list of last visited
websit
es, opened files,
started programs, cookies, all that and more can be cleaned. Supported
are t
he three major
browsers Internet Explorer, Netscape Communicator and Opera.

Make sure you use the SpyBot > Online > Update button regularly .

Select your download site .
Open Spybot Search and Destroy. After clicking the button that says
"Search
for Updates" you will see 5 items near the top of the window, "Search
for Up
dates", "Download Updates", UniDo(Europe), "Show Log" and "Help". Next
to Un
iDo(Europe) you will see a "down" arrow. Click the "down" arrow and you
will
see download site choices (3 in Europe, 1 in USA and 1 in Australia).

-----------------------------

http://www.wilderssecurity.net/spywareblaster.html

SpywareBlaster doesn't scan and clean for spyware - it prevents it from
ever
being installed.

How? By setting a "kill bit" for the CLSIDs of spyware ActiveX
controls, it
prevents the
installation of any of them from a webpage. You can run Internet
Explorer wi
th Active-X enabled,
but you will never even get a "Yes/No" box popped up, asking you to
install
a spyware Active-X
control (Internet Explorer will never download or run it!). All other
Active
-X controls or
plug-ins will work fine.

The SpywareBlaster database contains information on these known spyware
Acti
ve-X controls. Make
sure you run the Check For Updates feature frequently to get the latest
data
base! (And make sure
you check the new items to protect your system against them!)

As a side benefit, setting this "kill bit" will also prevent the
spyware Act
ive-X from running,
in many cases, if it is already installed on your system.*

--------------------------------

Ad-Aware
http://www.lsfileserv.com/software/adaware/
http://www.lsfileserv.com/support/download/
Get rid of spyware now!
Download the most recent version of our award winning, free multi
spyware re
moval utility.

---------------------------------

Bazooka
http://www.webgrid.co.uk/security_2.html
http://www.winsite.com/bin/Info?17000000037943
http://www.kephyr.com/spywarescanner/index.html
Bazooka Adware and Spyware Scanner detects a multitude of spyware,
adware, t
rojan, keylogger and trackware components; sources of irritation that
antivi
rus software does not deal with. The scanning process will only take a
fract
ion of a second and tell you how to uninstall the invasive spyware or
put yo
u in contact with the spyware developer for the most up-to-date and
safe uni
nstall instructions.

Spyware and adware is often bundled with software such as Kazaa,
Morpheus, G
rokster, Imesh, Xolox, Gnutella and a myriad of other programs, and in
many
cases installed without your knowledge. Some send information about
your sur
fing habits to ad companies, which target you with popup ads that fit
your p
references.

Bazooka Adware and Spyware Scanner search for Gator, GAIN, Bargain
Buddy, Co
mmonName, FlashTrack, IPInsight, n-CASE, NetRatings, NewDotNet,
SaveNow, Wur
ldmedia, etc. The complete list is available here. To stay up-to-date
with t
he latest spyware and adware software Bazooka downloads the threat
definitio
ns from the web.

Bazooka is freeware and Windows 95/98/ME/NT/2000/XP compatible.

Click on the files found & you will be taken to a site that will show
you ho
w to remove , either with a program or manually .

It reports on all drives & partitions , so remember to check all these
, whe
n doing manual remove .

After the Download - It is important to remember that once the
installation
of Bazooka is completed , that you should update the File Signatures by
clic
king on the Update tab and check for an update .
Make sure you Update regularly .

Spyware and Adware Encyclopedia
http://www.kephyr.com/spywarescanne..ource=bassindex

--------------------------------

Swat It
http://swatit.org/
Swat It is a Completely FREE program that scans your files for Trojans,
Worm
s, Bots and other Hacker programs. Swat It can detect and remove over
4000 d
ifferent Trojan programs plus variants. Swat It was recently
independently t
ested against popular commercial scanning software and we were
absolutely de
lighted by the results.

We try our utmost to keep our software more up to date and current than
othe
r similar software. The comparison results strongly indicated Swat It's
abil
ity to detect and remove the latest Trojans that are in circulation.

After the Download - It is important to remember that once the
installation
of Swat It is completed, that you should update the File Signatures by
click
ing on the Update tab and check for an update. All Product and File
Signatur
e Updates are Totally FREE, this means that you will never have to pay
a sin
gle penny to get the very latest version of Swat It or to update the
File Si
gnatures.

Beware of SpyHunter
http://www.post-gazette.com/pg/03289/231446.stm

===========================================

Safe XP
http://free.hostdepartment.com/t/theorica/safexp.htm
http://free.hostdepartment.com/t/th../SafeXPHelp.htm
http://www.softcities.com/Safe-XP/download/10988.htm
http://freewebhosting.hostdepartmen..ee/download.htm
for Windows 95/98/ME/2000/XP
Safe XP improves your system performance and makes Windows to run
faster, mo
re secure and more stable!
It is suitable for beginners and experts!
Product Description
Download FREE Version
Buy SafeXP No. It's free. 

--
jmatt
------------------------------------------------------------------------
Posted via http://www.mcse.ms
------------------------------------------------------------------------
View this thread: http://www.mcse.ms/message580118.html