XP virus / spam problem?

  • Thread starter Thread starter Dana Young
  • Start date Start date
D

Dana Young

Hi gang - I just joined and this is my first post, so please be gentle! :)

My XP pro machine recently started acting strange - pop-ups that my blocker
wasn't catching (of an offensive nature), text being highlighted and acting
strange on web sites, and general slowdown of performance on the machine in
general.

I'm afraid one of the kids went to a "bad" site and got some spyware or
virus on there.

Tried several spyware programs such as "Adaware", and scanned with Norton
Anti-virus Pro - removed alot of junk, but problems persist. Also went to
Remove Programs and got rid of everything I could think of...

I'm afraid something must of gotten permanently imbedded in the os. Full
backup and reinstall XP - maybe?? I don't want to lose my files and they are
spread all over the place!!

Any suggestions?
Thanks in advance!!
 
sounds like hi-jack or spyware.

Scan for previous posts on this subject...I seem to recall a rather
extensive post not too long ago dealing with this very issue.

I'd give you more direction, but I'll yield to the more "expert" folks out
there.

Search google for "spybot" software...install, update and scan.... You may
find a lot of stuff still lingering in the rafters.
 
-----Original Message-----
Hi gang - I just joined and this is my first post, so please be gentle! :)

My XP pro machine recently started acting strange - pop- ups that my blocker
wasn't catching (of an offensive nature), text being highlighted and acting
strange on web sites, and general slowdown of performance on the machine in
general.

I'm afraid one of the kids went to a "bad" site and got some spyware or
virus on there.

Tried several spyware programs such as "Adaware", and scanned with Norton
Anti-virus Pro - removed alot of junk, but problems persist. Also went to
Remove Programs and got rid of everything I could think of...

I'm afraid something must of gotten permanently imbedded in the os. Full
backup and reinstall XP - maybe?? I don't want to lose my files and they are
spread all over the place!!

Any suggestions?
Thanks in advance!!


.
turn on the xp firewall and/or disable messenger service
in services.

try running spybot security.kolla.de
 
Thanks to all -

Windows messenger had been disabled for a while - learned that one pretty
quick <grin>...

I will seach for spybot info as advised - also previous posts...

Thanks!
 
Disabling Windows Messenger is NOT going to stop popups from the messenger
service. They are two entirely different beasts! A firewall will stop these
types of popups. So will turning of the messenger service and changing the
setting to disable. You can reach this through right click on My Computer /
Manage / Services and applications / services.

--
Regards:

Richard Urban

aka Crusty (-: Old B@stard :-)
 
Greetings --

There are at least three varieties of pop-ups, and the solutions
vary accordingly. Which specific type(s) is troubling you?

1) Does the title bar of these pop-ups read "Messenger Service?"

This type of spam has become quite common over the past several
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats, such as the Blaster Worm that
recently swept cross the Internet. Install and use a decent,
properly configured firewall. (Merely disabling the messenger
service, as some people recommend, only hides the symptom, and does
little or nothing to truly secure your machine.) And ignoring or just
"putting up with" the security gap represented by these messages is
particularly foolish.

Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893

Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904

Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp

Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.

You can test your firewall at:

Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT

Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?

2) For regular Internet pop-ups, you might try the free 12Ghosts
Popup-killer from http://12ghosts.com/ghosts/popup.htm, Pop-Up Stopper
from http://www.panicware.com/, or the Google Toolbar from
http://toolbar.google.com/, which is what I use.

3) To deal with pop-ups caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Xupiter, Bonzai Buddy, or
KaZaA, and their remnants, that you've deliberately (but without
understanding the consequences) installed, two products that are
quite effective (at finding and removing this type of scumware) are
Ad-Aware from www.lavasoft.de and SpyBot Search & Destroy from
http://security.kolla.de/. Both have free versions. It's even
possible to use SpyBot Search & Destroy to "immunize" your system
against most future intrusions. I use both and generally perform
manual scans every week or so to clean out cookies, etc.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Dana said:
Tried several spyware programs such as "Adaware", and scanned with Norton
Anti-virus Pro - removed alot of junk, but problems persist. Also went to
Remove Programs and got rid of everything I could think of...

I'm afraid something must of gotten permanently imbedded in the os. Full
backup and reinstall XP - maybe?? I don't want to lose my files and they are
spread all over the place!!

It sounds as if something is being missed - make sure you have the
latest definitions of Adaware (there is a button on it to update, and
one came out only a couple of days ago).

Go to Start - Run and run MSConfig

Look on its Startup page for anything that looks suspicious, and uncheck
it to see.

If you find you have to clear out a repair install is the thing to do
in the first instance (but back up vital data files first, just in
case). Set the BIOS to boot CD before Hard disk, then boot the XP CD,
start Setup (do not take 'Repair' at this stage), then after the license
agreement take 'Repair Installation'. This will retain your existing
software installations and most settings. But Updates will have to be
run again, especially SP1;
It is important to activate the basic XP Firewall before you ever
connect to the net to get the patches, so as to be protected against
things like the BLAST worm.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top