undetectable search spyware w/ pic

[MidNiteMysT]

desktop picture

whenever i search for something thats supposed to give me a no page found page, it gives me this website. i have adaware pro and norton antivirus and neither picked it up. it makes me worry cause now what if other adware/spyware/viruses are on my computer and these things arent picking them up?

how do i fix this and detect other possible spyware/adware?

im very careful about the sites i go to and always go into options and choose the best settings.

 

[MidNiteMysT]

i reinstalled service pack 2 and that seemed to have done the trick.

but now im still worried that my computer might still have more spyware/adware that my stuff wont pick up. what do you think i should do?

 

[Tenshodo]

Sybot search and Destroy and Windows Defender.

 

[mechBgon]

Also try this antivirus/antiTrojan scanning utility: instructions, follow precisely LMK if it gives you any trouble. If the bad stuff got installed by a Trojan, this may get to the root of the dandelion instead of just plucking off the part that's above ground, so to speak.

 

[MidNiteMysT]

Originally posted by: mechBgon
Also try this antivirus/antiTrojan scanning utility: instructions, follow precisely LMK if it gives you any trouble. If the bad stuff got installed by a Trojan, this may get to the root of the dandelion instead of just plucking off the part that's above ground, so to speak.

the website linked in that text file looks very shady and i dont even think its the real mcafee site. the real mcafee site has a search bar on the top right. i even pinged www.mcafee.com and it doesnt give me that ip address. im def not following those shady instructions. unless someone else can confirm its validity, im not touching it.

i might get the spybot search and destory since ive heard about it before. sounds like a good program.

havent heard of windows defender though, but ill look at that too.

 

[networkman]

I've recommended StopSign.com to folks that have an infected machine at home and want to fix it themselves. I've even used it to help in identifying culprits on a machine; it won't do a clean without paying, but I've found it quite helpful in tracking down things that other programs have failed to find.

 

[mechBgon]

Originally posted by: MidNiteMysT

Originally posted by: mechBgon
Also try this antivirus/antiTrojan scanning utility: instructions, follow precisely LMK if it gives you any trouble. If the bad stuff got installed by a Trojan, this may get to the root of the dandelion instead of just plucking off the part that's above ground, so to speak.

the website linked in that text file looks very shady and i dont even think its the real mcafee site. the real mcafee site has a search bar on the top right. i even pinged www.mcafee.com and it doesnt give me that ip address. im def not following those shady instructions. unless someone else can confirm its validity, im not touching it.

i might get the spybot search and destory since ive heard about it before. sounds like a good program.

havent heard of windows defender though, but ill look at that too.

LOL... I made that text file myself, guy. You're seeing the real McAfee/NAI site. And I would know, since we use the full-on McAfee/NAI Active VirusScan suite at work, where I am the IT guy and general bringer of final doom to any malware that dares try to poke its nose in my network. The Virus Information Library page at nai.com is my homepage and I see it about one jillion times per day.

The reason that the address is given numerically, rather than starting with http://vil.nai.com, is that infected computers often cannot reach http://vil.nai.com because the malware does a 127.0.0.1 loopback using the sytem's HOSTS file to keep the infected computer from getting antivirus updates. But the IP address will work even so. Make sense now?

(hint: I did not rack up ~25000 posts by handing out shady links )

 

[MidNiteMysT]

i tried what you said and it only found one "possibly infected" file that i dont think was infected, but at least now i know my computer isnt infected, or its just infected with something not big. thanks

what program should i use to prevent more viruses/spyware? i see that zonealarms internet suite got very good reviews so im leaning towards that instead of my ad aware pro/norton av combo im using now.

 

[mechBgon]

What was the name of the possibly-infected thing? That could be helpful in figuring out what's going on.

The best program to prevent more spyware is really not a program, it's using a Limited account. Plus avoiding warez, keygens, that kind of stuff. And keep your software patched up, not just Windows but stuff like Office, Adobe Reader, Flash, WinAmp, alternate browsers you may be using, you got to keep them up-to-date too.

If you're going to be using an Administrator-class account for daily-driver stuff, then I'd vote for using Kaspersky Antivirus Personal, combined with Windows Defender Beta 2. They both provide real-time protection, to keep you from getting into trouble, rather than trying to get you back OUT of trouble after the fact. If you use Kaspersky, make sure to change it to use the Extended Databases. McAfee's home-user antivirus software is actually pretty good too, but it gets in your face more. And Kaspersky's still the one that has the hourly updates, versus daily updates with McAfee.

Other goodies you could use in addition: IE-SPYAD and SpywareBlaster, and Spybot Search & Destroy 1.4.

Also, if your CPU supports Data Execution Prevention, make sure to fully enable it like this pic.

 

[MidNiteMysT]

thanks for your in depth posts. i was actually doing a lot of research and decided to get kaspersky so you telling me that only confirms my selection. it seems to have a very high detection rating which i like a lot. windows defender i havent researched yet but someone else recommended it to me too. looks like ill have to download that too.

i completely forgot the name of the possiblity infected file lol. and i deleted the report too. i dont think it had any real relevance though. maybe i should have kept the report.

im going to think about that limited access account, although it might be annoying to transfer my settings and such to comfortably use and switch over to it all the time.

im currently using adaware pro, youre suggestions are better than adaware pro im guessing right? if i had to choose, i might go with spybot since ive heard about it more.

so im planning to get kaspersky, windows defender (maybe since its beta) and maybe spybot. after i have these, i should be set except for a firewall. should i use a firewall program or just use windows built in one for that?

edit: and i just enabled DEP

Thank

 

[mechBgon]

im going to think about that limited access account, although it might be annoying to transfer my settings and such to comfortably use and switch over to it all the time.

What you do, is you make a new account named Admin or something, and then you switch your own existing account down to Limited in the Control Panel > User Accounts. So you don't have to transfer your settings and stuff

im currently using adaware pro, youre suggestions are better than adaware pro im guessing right? if i had to choose, i might go with spybot since ive heard about it more.

What I'm shooting for is real-time protection against malware. Spybot isn't. It has some immunization features, but Defender or another good realtime protection is what's going to say HEY OMG SOMETHING IS TRYING TO CHANGE J00R SETTING><0Rs, DO J00 WANT?!?!!!!11!!1! :Q right when the malware tries to do it. I haven't tried Ad-Aware Pro so I don't know how it compares. But Defender's free.

should i use a firewall program or just use windows built in one for that?

I just use the built-in one, plus a router between my modem and my computer. If I'm on my Limited account, then that would keep malware from using my account to nuke the firewall or reconfigure it. If you want more alerting of outbound stuff

 

[MidNiteMysT]

very good idea. i just did what you suggested and im now on limited i feel more secure already!

i guess ill use spybot occasionally just to see if it picks up anything that passed through adaware. gonna download defender too though to try it out. the adaware makes reports and tells me when stuff is being edited which is what i like and it seems to be what you were describing

i also have a router, so that should help.

thanks for all your great tips and sorry for doubting you in the beginning hehe.

 

[rasczak]

intereting read. i might follow some of these suggestions

 

[RebateMonger]

I'm pretty leary of any PC that's been infected by spyware or trojans. There are more and more infections whose purpose in life is to gather private information, such as passwords and credit card numbers. And they are getting tougher to detect. A good one WON"T announce itself with some stupid error like you are seeing. There won't be any indication at all.

If it was MY computer that got infected, I would:
1) Rebuild the system from scratch or from a known-good image.
2) Install a single firewall (I like the built-in XP SP2 firewall), a single AV program, and a single active AntiSpyware application
3) Set my Local user priviliges to "Restricted User"
4) Follow Security Best Pratices regarding web surfing, email, etc.

 

[MidNiteMysT]

im having a little problem. when i logged into my account, it said it couldnt load .net framework which is what i need for the ati software. is there a way to allow my account to load .net framework? im not sure why it would deny it in the first place.

 

[mechBgon]

How about reinstall .NET framework, you can get version 2.0 from Windows Update if you use the Custom update option.

 

[MidNiteMysT]

Originally posted by: mechBgon
How about reinstall .NET framework, you can get version 2.0 from Windows Update if you use the Custom update option.

i already have 2.0. thats the version im talking about. when i log in as admin, theres no problem, but when i log in as limited, it gives a problem. so for some reason, the limited isnt letting the .net framework load.

 

[mechBgon]

Huh. That's a new one to me. Is there any stuff in the Event Viewer that sheds light on what the hangup is? Right-click My Computer, choose Manage, and then you can check the Event Viewer's different event logs to see. Look for stuff that coincides with the time that you log on.