restore Cd how to use

[Guest]

Hi, my computer is under a year old and has norton protecting it,this is set
to automatic updates. How ever i have spent a week trying to get rid of
trojan feat 2. I have looked at various sites and downloaded several
including spy bot ad aware ectra but nothing is stopping my pages from being
hijacked and adds being thrown at me (normally for add stoppers and trojan
stoppers). I should like to restore my computer back to its original
settings. I have the discs but no information on how to use them. can any one
point me in the right direction please. many thanks
Irene

 

[Modem Ani]

Did your computer not come with instructions on how to use the restore CDs?
In any case, restore CDs are proprietary, so you'll have to ask the company
that made your computer.

Modem Ani

 

[Mike Hall \(MS-MVP\)]

Irene


Please try the processes below.. and do them in order.. none of the
processes are beyond the abilities of a newbie user..



You would be better advised to work on the problems rather than start over
now, have the same things happen again, and then have to repeat the
process.. maintaining a computer should be done regularly, and will only
take a few minutes per week..



OK.. start by turning OFF the System Restore function.. click on the Start
button.. right click on 'My Computer', then select Properties.. now select
the 'System Restore' tab..

Check the box "Turn off System Restore" or "Turn off System Restore on all
drives".. now click on 'Apply'.. you will be asked if it is ok to lose all
restore points.. answer YES to this.. now click on 'OK'



Now to the removal process..



Run a one shot virus remover.. I have found that McAfee Stinger works for
people.. download and run it..



http://vil.nai.com/vil/stinger/



Another alternative is ..



http://housecall.trendmicro.com/housecall/start_corp.asp



Finish this process first..



You will also need to download Spyware removal software.. Spybot and Adaware
are available at these websites.. both are free.. download and run them..
don't forget to check for updates after you have started them..



http://www.safer-networking.org/en/index.html



http://www.lavasoftusa.com/software/adaware/



.... and this link is for the latest Microsoft helping..



http://www.microsoft.com/athome/security/spyware/software/default.mspx



Spybot has the ability to immunize a system, but there is better for this
function, so download and run Spyware Blaster too.. again, check for
updates..



http://www.javacoolsoftware.com/



Time to turn ON System Restore.. this is obviously like turning it OFF, so
just reverse the procedure..



If you have any sense, you will now remove any programs that are known
carriers of all things bad.. some, like Patchou's MessengerPlus can be
installed such that the sponsor software does not get installed with it..
the sponsor software, if left, will re-infect your system immediately it is
run again.. use ADD/REMOVE PROGRAMS to un-install and then re-install,
taking care to check the box that gives you the option of NOT accepting the
sponsor crap.. if a program installation process does not allow you to do
this, forget about it.. leave it well alone..



If you have had your Internet browser hijacked, that is to say, you get
redirected through a search engine NOT of your choosing, you will need
different tools..



HijackThis is a popular and effective tool.. download it from here..



http://www.spychecker.com/download/download_hijackthis.html



CWShredder will eliminate CoolWebSearch and variants.. there is a free
download here..



CWShredder.. http://www.intermute.com/spysubtract/cwshredder_download.html



About:blank.. http://www.securiteam.com/securityreviews/5RP0L0UD5U.html or

http://www.pchell.com/support/aboutblank.shtml



For other tools in the fight against spyware, visit this website and
bookmark it..



http://www.pchell.com



Mark Hasting has put much work into this site.. it is an invaluable site,
both for reference and fix-its..



You must also run a firewall and anti-virus program.. here are some links
for you..



http://www.mcafee.com

http://www.symantec.com

http://www.zonealarm.com

http://www.kerio.com

http://www.sygate.com

http://www.avast.com

http://www.grisoft.com



If you do not run a firewall and anti-virus solution, you are leaving
yourself open to attacks of all kinds.. these two types of program are your
first line of defence..



So by now, your system should be in reasonable shape.. you will have tools
'locked and loaded', ready for weekly use against those who seek to destroy
your pleasure.. incorporate these into a housekeeping policy that includes
running Defragmenter and Disk Cleanup, and you will be able to easily
maintain your system..



Please return to this thread and provide feedback.. it is the only way that
helpers here can determine how effective the advice given has been..



Good luck..


--
Mike Hall
MVP - Windows Shell/user

 

[Joan Archer]

Why do you think it necessary to turn off SR before doing clean up jobs,
surely it would be better to leave this alone until problems have been
sorted out, at least that way if something gets screwed up you can get
back to a working system by using it. After the system has been cleaned
you could flush out SR to get rid of any rubbish left in there and set a
new clean checkpoint.
Joan

 

[Mike Hall \(MS-MVP\)]

Joan

If something gets screwed, using System Restore will in all probability
re-introduce every problem.. this assumes of course that System Restore
completes without errors.. it may or may not complete because the problem
infection is well embedded in every restore point.. virus and trojan authors
are not stupid and recognised aways back that System Restore had to be
targeted.. Help and Support, and any incumbent diagnostic tool can be and
often are disabled in the same way..

It is important to eliminate as many possible causes as normal removal
procedure allows.. leaving useful utilities that were downloaded and run
with 'sponsor programs' intact, P2P sharing programs et al must go.. there
is little point in carrying out any clean up procedure if on a reboot, it
all comes back because the offending software is still there, having been
given clearance by the user to operate freely at some earlier point in
time..

So, the user completes, in order, all that I suggest and duly reboots, and
as long as the tools have done their job, System Restore will contain one
restore point, and it will be a good one..


--
Mike Hall
MVP - Windows Shell/User

 

[Joan Archer]

I hear you, <g> and yes it could bring back the problems but at least
there would still be a system to try again.

The clean up and tools you recommend should do the job nicely but there is
always the chance a user could by mistake not do a certain procedure
correctly or hit a wrong button and *be up the creek without a paddle*
but at least they would have the option to go back through SR and start
again.

I don't in any way want to argue the point with you as I know there are
many who agree with your approach but of course many others who don't, I
was just asking the reason why you suggested it.

I will bow out gracefully now and let you continue with your excellent
help <g>
Joan

 

[Mike Hall \(MS-MVP\)]

Joan

I have seen more than a few problems created by System Restore restoring
virus infections, much to the surprise of the user, and cases where System
Restore failed completely, making the situation worse.. there is a
temptation by some to format and start over when this happens, which is what
I am trying to avoid..

That said, users are welcome to use whatever part of the advice they think
will work for them, and if it does, all power to them..


--
Mike Hall
MVP - Windows Shell/User

 

[Guest]

Irene


Please try the processes below.. and do them in order.. none of the
processes are beyond the abilities of a newbie user..



You would be better advised to work on the problems rather than start over
now, have the same things happen again, and then have to repeat the
process.. maintaining a computer should be done regularly, and will only
take a few minutes per week..



OK.. start by turning OFF the System Restore function.. click on the Start
button.. right click on 'My Computer', then select Properties.. now select
the 'System Restore' tab..

Check the box "Turn off System Restore" or "Turn off System Restore on all
drives".. now click on 'Apply'.. you will be asked if it is ok to lose all
restore points.. answer YES to this.. now click on 'OK'



Now to the removal process..



Run a one shot virus remover.. I have found that McAfee Stinger works for
people.. download and run it..



http://vil.nai.com/vil/stinger/



Another alternative is ..



http://housecall.trendmicro.com/housecall/start_corp.asp



Finish this process first..



You will also need to download Spyware removal software.. Spybot and Adaware
are available at these websites.. both are free.. download and run them..
don't forget to check for updates after you have started them..



http://www.safer-networking.org/en/index.html



http://www.lavasoftusa.com/software/adaware/



.... and this link is for the latest Microsoft helping..



http://www.microsoft.com/athome/security/spyware/software/default.mspx



Spybot has the ability to immunize a system, but there is better for this
function, so download and run Spyware Blaster too.. again, check for
updates..



http://www.javacoolsoftware.com/



Time to turn ON System Restore.. this is obviously like turning it OFF, so
just reverse the procedure..



If you have any sense, you will now remove any programs that are known
carriers of all things bad.. some, like Patchou's MessengerPlus can be
installed such that the sponsor software does not get installed with it..
the sponsor software, if left, will re-infect your system immediately it is
run again.. use ADD/REMOVE PROGRAMS to un-install and then re-install,
taking care to check the box that gives you the option of NOT accepting the
sponsor crap.. if a program installation process does not allow you to do
this, forget about it.. leave it well alone..



If you have had your Internet browser hijacked, that is to say, you get
redirected through a search engine NOT of your choosing, you will need
different tools..



HijackThis is a popular and effective tool.. download it from here..



http://www.spychecker.com/download/download_hijackthis.html



CWShredder will eliminate CoolWebSearch and variants.. there is a free
download here..



CWShredder.. http://www.intermute.com/spysubtract/cwshredder_download.html



About:blank.. http://www.securiteam.com/securityreviews/5RP0L0UD5U.html or

http://www.pchell.com/support/aboutblank.shtml



For other tools in the fight against spyware, visit this website and
bookmark it..



http://www.pchell.com



Mark Hasting has put much work into this site.. it is an invaluable site,
both for reference and fix-its..



You must also run a firewall and anti-virus program.. here are some links
for you..



http://www.mcafee.com

http://www.symantec.com

http://www.zonealarm.com

http://www.kerio.com

http://www.sygate.com

http://www.avast.com

http://www.grisoft.com



If you do not run a firewall and anti-virus solution, you are leaving
yourself open to attacks of all kinds.. these two types of program are your
first line of defence..



So by now, your system should be in reasonable shape.. you will have tools
'locked and loaded', ready for weekly use against those who seek to destroy
your pleasure.. incorporate these into a housekeeping policy that includes
running Defragmenter and Disk Cleanup, and you will be able to easily
maintain your system..



Please return to this thread and provide feedback.. it is the only way that
helpers here can determine how effective the advice given has been..



Good luck..


--
Mike Hall
MVP - Windows Shell/user





Hi Mike

This sounds like really good advice several things you mentioned are true
for me. The day my home page was hijacked and "about blank "became my home
page i tried to use restore to go back to an earlier date. It told me it
could not restore to any point i tried. After down loading some of the tools
you mentioned it told me i was infected with cool webseach and trojan horse
12q and some thing else malware?. i had naively thought i could just put in
the discs and press the button and go back to the begining!. Any way i will
try your method. Can you tell me how to print off your instructions please .
i have highlighted the information but only the section showing in the window
actually prints.
many thanks
Irene

 

[Mike Hall \(MS-MVP\)]

Irene

Do you highlight the text and use the 'copy' function such that you can
paste into a WordPad document and then print out, or are you trying to print
directly from wherever you are viewing?.. try the former..

I use Outlook Express to access newsgroups.. this page will tell you how..
scroll down to the How to: Newsgroup part..

http://www.microsoft.com/windows/ie/using/oe/default.mspx

Others will tell you to use this or that or anything as long as it is not a
Microsoft program.. for now, just try OE.. if it works for you, stick with
it..

Post back with your progress.. and Good luck..

--
Mike Hall
MVP - Windows Shell/User

 

[Guest]

Hi Mike
I copied and pasted and it worked. Thanks for that. I am going to run
through what you suggested to get rid of the trojans ect. Hopefully i will be
able to use my computer afterwards to say thanks
regards
Irene

 

[Guest]

Hi Mike
I have run through the list you gave me and tese are the results

stinger said i had nothing on my computer
housecall tren -i could not download it my computer said it would have to
shut down 3 times!
spybot found 3 problems and fixed them
ad aware found 23 critical objects and fixed them
microsoft found about blank
spyware blaster i enabled
i then went to add/remove programes but could not remove/search
extender/shopping wizzard/home search assistant(they just put up open the
internet connection when i clicked on them?
Hijack this i am not sure how to work
the shredder said that about blank is not present also that cool websearch
was not present. I then restarted and i got an error message which read
system fehler code 1400 invalid window handle.
i logged on to the internet and got two adds straight away also lots of
little windows telling me that programes were trying to change settings. Is
the cure going to be worse than the ailment(only joking). It's obviously not
quite right yet. can you help please.
Irene

 

[Husky]

stinger said i had nothing on my computer
housecall tren -i could not download it my computer said it would have to
shut down 3 times!
spybot found 3 problems and fixed them
ad aware found 23 critical objects and fixed them
microsoft found about blank
spyware blaster i enabled
i then went to add/remove programes but could not remove/search
extender/shopping wizzard/home search assistant(they just put up open the
internet connection when i clicked on them?
Hijack this i am not sure how to work
the shredder said that about blank is not present also that cool websearch
was not present. I then restarted and i got an error message which read
system fehler code 1400 invalid window handle.
i logged on to the internet and got two adds straight away also lots of
little windows telling me that programes were trying to change settings. Is
the cure going to be worse than the ailment(only joking). It's obviously not
quite right yet. can you help please.
Irene

Just my $0.02, but you were given more info than you needed.
Running all the above is possibly causing trouble. A firewall, and virus
program should be all you need for protection from invaders.

Cookies is what Adaware is good for. Tracking cookies. It does do more, but
cookies and hijackers is it's primary target. Adaware isn't necessary to run
real time. SP2 does what Adaware can do, block cookies and popup's.

You needed to remove the crap. Trend pccillin can do it, or Norton should be
able to do it.
Adaware is for the minor crap that trend or Norton miss.
Depending on which version of XP you're using SP1 or SP2, SP2 has it's own
built in security section.
I can only speak about SP2. don't have SP1 anymore. If you aren't running a
firewall, and SP2, turn one of the firewall's off. In most cases a 3rd party
firewall is better than the SP2 built in. so turn that one off if you have one
and use the 3rd party firewall.

You should have some sort of virus protection installed. If not SP2 will tell
you every 2 minutes.

start->control panel->security options. You should see firewall, automatic
updates, and virus protection. They should all be ON.

Too much paranoia ware is as bad as none, or ignorance of what's invading your
machine.

a good virus program, a firewall, and go from there with the other stuff but
not running concurrently with the main defenses. IE6 is the main defense
against cookies, popup's and some malicious code. So no need to run Adaware or
a popup blocker if you're running IE6 and have ie6 set to default settings for
cookies and popup's..

I own Adaware, but only run it once in awhile. Trend I run real time and good
it does. it does something EVERY day. Either blocks something, or updates
itself. And as a double check when it does update. IE6 notices when trend is
off and warns you that you're vulnerable.
Trouble is that I found on the April 23rd, the updates don't take effect until
after a reboot. The trend pccillin virus of April 23 did more damage than any
virus. Everything locked. Had to turn off services to access the machine.
I'll renew with Trend when time comes again. Just shows they're really
modifying their software with updates.

What you should do is join some news group that addresses this subject spy
ware, ad ware, virus, Trojans malware, etc.. specifically.

http://www.dshield.org/
This link can help you to help others. it's FREE It'll show you how many
attacks your machine is getting daily. Requires a firewall to be installed that
writes the attacks to a log file.

I'm thinking the attitude it won't happen to me is based on the idea that these
attacks are coming from individuals, and your machine is hidden by the vastness
of the web. The attacks coming from individuals is minor. In most cases it's
scatter gun automated attacks run from several machines. Possibly your own
machine is doing the attacks without your knowledge.


this news group link here will answer all your questions about what's out
there, what stops it, and where to get it.

GRC.com also has it's own news server with many news groups. just point your
news reader to news.grc.com and browse his security news groups.

 

[Gordon]

Husky wrote:
|| Just my $0.02, but you were given more info than you needed.
|| Running all the above is possibly causing trouble. A firewall, and
|| virus program should be all you need for protection from invaders.

Um just having a firewall and AV will *NOT* protect you from malware.
Malware is NOT detected by AV programs as it's NOT a virus.
Neither will a firewall protect you from malware as you get them (usually)
from a website you are already on. You don't have to open anything, thus the
firewall is not alerted to illegal activity.

 

[Mike Hall \(MS-MVP\)]

Irene

Normally, the processes clear up issues that you had.. contrary to the
beliefs of some, none of the programs suggested make anything worse, and
many run them without problems..

You must set a firewall.. if you do not have one, enable the XP firewall for
now.. it will stop any invasion from outside sources.. go to Properties for
your internet connection, then click on the 'advanced' tab.. check the box
to enable the firewall..

Download the free version of Zonealarm.. http://www,zonealarm.com .. and set
it running.. once in place, you can disable the XP firewall..

Hijackthis is not the easiest program to use but it is effective.. there are
forums where you can post the results and people there will diagnose from
them.. unfortunately, it does leave the user having to edit registry, which
can bring problems of its own..

OK.. firewall in place?.. reboot the machine into safe mode by tapping the
F8 key as Windows starts to load.. then run Adaware, Spybot and any other
defence.. hopefully, they will detect any other hidden stuff..

Restart the machine and see what happens.. look in the ADD/REMOVE programs
list for anything that you do not think should be there.. make a list and
report back with it..

Another talked of SP2.. if you do not have SP2 installed on your system, do
nothing about it until all of the bad things have been eradicated.. SP2 does
not like being installed on a corrupted operating system.. we will deal with
that as and when..

I really must apologise for putting you through all of this.. in 99 cases
out of 100, it works fine.. yours is obviously #100.. I feel that we will
get through this, and both learn something.. I will add a section to my set
piece on the importance of having a firewall running before any procedures
are carried out.. it is a sad fact that people like you have to learn this
way.. unfortunately, there are those out there who don't care as they send
yet another invasive and destructive program to the unwary..

If at any point, you feel that it would be better to start over, I will
understand.. I was and still do hope that we can get over this without the
need for you to clean install, and possibly lose anything important.. once
the problems have gone, you will be way more aware, and will have the tools
and the knowledge to at least stand your ground..

If you choose to take it to a local repair guy, have it in writing that he
will save as much data as possible before wiping your system, and do not pay
him until you see your system working with everything in place..

Thank you for being so patient and willing to try all that I suggested..

Here's hoping..

--
Mike Hall
MVP - Windows Shell/User

 

[Guest]

Hi, Just to clear up some issues, the computer is under a year old and i had
Norton running automatic updates and my firewall was on, i had micosoft auto
updateing. Every thing was going fine until my home page dissapeared and i
was bombarded with adverts normally form virus removers. I down loaded avg
which did a scan and told me i had malware including cool web search and
about blank as i am writing this a warning from avg tells me that
c:/windows/d3wo.exe trojan horse downloader 12D and 12Q is trying to enter so
i have healed it. i am worried by all this as i do my banking ect online.Can
any one help with this? has anyone got rid of this? i think i would really
like to start from scratch, i have my discs but nothing to tell me how to use
them. i am not really very confident re the registery so i am looking for a
fix for dummies.If some one can tell me how to do this and then what to load
after i restart to keep myself safe i would be very grateful. And i just want
to say thanks to every one who has tried to help.
irene

 

[Husky]

Husky wrote:
|| Just my $0.02, but you were given more info than you needed.
|| Running all the above is possibly causing trouble. A firewall, and
|| virus program should be all you need for protection from invaders.

Um just having a firewall and AV will *NOT* protect you from malware.
Malware is NOT detected by AV programs as it's NOT a virus.
Neither will a firewall protect you from malware as you get them (usually)
from a website you are already on. You don't have to open anything, thus the
firewall is not alerted to illegal activity.

You'll excuse me if I disagree. I have plenty of paranoia software [collecting
dust]. My machine is clean.
I have trend running real time as both firewall, and virus. I run Adaware once
in awhile.
If you have GOOD software that does what's expected of it, my statement stands
as is. You don't need 30 programs that all find the same problems. In addition
they can cancel each other out if they're running at the same time.

And it costs $15.00 a year for me. Not counting Adaware, since it's just a
cookie cleaner to me.
I have no idea what you're talking about with me not being protected from
malware. Maybe your firewall and virus stuff won't protect you. I don't have
that problem. Maybe you should consider a different virus and firewall program
if you aren't blocking the problems with what you're using.

My ISP has a FREE to members AV program. No firewall [that's extra], no spam
blocking [that's extra].
I didn't read everything about it cause even free it was no bargain.
It was like putting a band aid on a shotgun blast.
IE6 blocks most crap from the web that's malicious. But not all that's the
reason for the firewall. And the virus cleaner is just an after the horse has
left the barn solution. I download stuff all the time with garbage in it. I
dump it to a TEMP folder where nothing but images leave or run without a virus
scan 1st.

 

[Husky]

Hi, Just to clear up some issues, the computer is under a year old and i had
Norton running automatic updates and my firewall was on, i had micosoft auto
updateing. Every thing was going fine until my home page dissapeared and i
was bombarded with adverts normally form virus removers. I down loaded avg
which did a scan and told me i had malware including cool web search and
about blank as i am writing this a warning from avg tells me that
c:/windows/d3wo.exe trojan horse downloader 12D and 12Q is trying to enter so
i have healed it. i am worried by all this as i do my banking ect online.Can
any one help with this? has anyone got rid of this? i think i would really
like to start from scratch, i have my discs but nothing to tell me how to use
them. i am not really very confident re the registery so i am looking for a
fix for dummies.If some one can tell me how to do this and then what to load
after i restart to keep myself safe i would be very grateful. And i just want
to say thanks to every one who has tried to help.
irene

I can only speak from what I know.
Adaware will search and find some problems. Enough that I upgraded from the
FREE version for the extras.
Adaware as is [FREE] is still your strongest tool against malware, tracking
cookies, some virii and Trojans, and hijackers which you say you have.

Trend Housecall 1st, then run Adaware. Some things you MUST reboot And rescan.
You know what a tick is right ? They attach themselves so that the only way is
to burn them off, ditto with some malware. Once it's in use while running, the
only way to remove it is to chop it's legs off while running, reboot and remove
the head.
Weatherbug was like that. search bar, home page hijackers are like that. You
can delete the body, but if you don't get the head it continues infecting. The
head is usually just a registry entry or web page that keeps on installing
itself every time you access the web in the back ground.

From experience whenever I had to re-install the OS, the 1st program installed
was the anti virus.
Then several days of configuration. Then connect to the web.
If I were you and still having your problems, would be to go back to Trend and
run Housecall.
I'm just wondering if you're actually blocking the installation of Housecall.
It does need to install something on your machine. Take the load off their
servers to inspect your machine, by providing you with a free scanner to look

Husky wrote:
|| Just my $0.02, but you were given more info than you needed.
|| Running all the above is possibly causing trouble. A firewall, and
|| virus program should be all you need for protection from invaders.

Um just having a firewall and AV will *NOT* protect you from malware.
Malware is NOT detected by AV programs as it's NOT a virus.
Neither will a firewall protect you from malware as you get them (usually)
from a website you are already on. You don't have to open anything, thus the
firewall is not alerted to illegal activity.

[/QUOTE]

 

[Guest]

Hi Mike,
The fire wall has all ways been on and i honestly thought i was safe with
that and the norton, there is one born every day!!. I will run through the
rest of your instructions in the morning and let you know how i get on. I
have three progrms in my add/remove list which i know i did not add on and no
matter how many times i try and delete them it asks me to logg on to the web
to take them off? they are search extender,shopping wizard and home search
assistant. I am also having a problem removing messenger from my tool bar. it
just keeps popping back up each time i log on. Sorry i have no idea what sp2
is. Please don't apologise for trying to help. i have been grateful for every
ones input. That people are willing to help a stranger and a total beginer is
great. So thatnks to all who are trying to help
regards
Irene

 

[Husky]

Hi Mike,
The fire wall has all ways been on and i honestly thought i was safe with
that and the norton, there is one born every day!!. I will run through the
rest of your instructions in the morning and let you know how i get on. I
have three progrms in my add/remove list which i know i did not add on and no
matter how many times i try and delete them it asks me to logg on to the web
to take them off? they are search extender,shopping wizard and home search
assistant. I am also having a problem removing messenger from my tool bar. it
just keeps popping back up each time i log on. Sorry i have no idea what sp2
is. Please don't apologise for trying to help. i have been grateful for every
ones input. That people are willing to help a stranger and a total beginer is
great. So thatnks to all who are trying to help
regards
Irene

SP2 is XP's service pack 2. It's a recent release this last year. It installs
an enhanced security section into XP.
As for those things asking to visit the web to remove them it's just one more
hook to get you to their site. Take those three items

search extender,shopping wizard and home search assistant

and ask in the news group. They can direct you to
specifics on how to remove these three.

messenger. Need more info. There's windows messenger, and messenger service.
messenger service can be disabled [and is recommended by MS] by
start->admin tools->services->messenger[ fast movement, just hit the letter key
'M' three times till it gets to the messenger service. Then just disable it.
This is assuming you have admin rights on the machine.

Windows messenger can just be removed from add/remove.
You may have part of the problem in Outlook express. It has messenger on by
default.

To stop connecting to your messenger service

Outlook Express automatically attempts to start your messenger service program
and log on to its services. You can stop it from doing this.

In Outlook Express, on the Tools menu, click Options.
Clear the Automatically log on to your messenger service check box.

 

[Husky]

Hi Mike,
The fire wall has all ways been on and i honestly thought i was safe with
that and the norton, there is one born every day!!. I will run through the

You actually should have been safe with a firewall and Norton. But then I don't
know what's included with your Norton.

You should really be paranoid about hitting anything that pops itself right in
your face and says install me.
Like Alice in Wonderland.. Eat me. drink me. we all know what came of that.
If it's the XP firewall. XP doesn't make any real claims about it. It should be
good if you've learned what to watch out for on the web. Otherwise if Norton
comes with a firewall, you'd probably be better using Norton's, and turning off
the XP firewall. But make sure at least one of them is running.
1 firewall = good 2 firewall's = bad

And they say paranoia isn't good.