 Warning regarding spyware [B)]- non sailing
tmhansen
Captain

USA
397 Posts

Initially Posted - 09/18/2005 : 03:47:52
Just got done reformatting my computer after picking up some new kind of scourge on the internet called spyware. The actual program I got was called "Spy Sheriff". I thought I had sufficient measures in place but got nailed with this malicious software simply by hitting a web page that was a carrier. My work IT guys had me load Spybot to help get rid of it but it was too late and I had lost the ability to load software. Make backups and install barriers against this stuff that acts like it is something else. We were not even fooled and knew instantly that we had caught it but it was useless information.

Todd Hansen
Fiorghra'
San Luis Obispo, CA

ClamBeach
Master Marine Consultant

3072 Posts

Response Posted - 09/18/2005 : 12:36:22
Todd... Did you try booting into the safe mode? Can you load an app from there?

Here's a thread that details a successful cleanup of Spy Sheriff
http://www.geekstogo.com/forum/index.php?act=ST&f=37&t=52439

The next step beyond that is booting from the OS CD
and using the 'recovery console'. (not knowing what OS version you're on).

If you're familiar with 'Bart PE' or another bootable OS version you can
go that direction to recover from an infection like this too.

At any rate, I feel like typing this morning so here's what I recommend to stay safe.
This is IMHO stuff, provided in good faith, but use at your own risk/discretion.
[Note: I do this for a living]

1) If you're running MS Windows upgrade to XP-SP2. (Windows XP, service pack #2)
If you can't upgrade, do the best you can with the rest of the suggestions.

2) Let windows update do automatic patching or visit the windows update page on microsoft.com
on a regular basis. Let it scan and apply patches as needed. You can also use the new
'microsoft update' service which packages MS Office updates too.

3) Turn the XP firewall on. (Installed and turned on by default in XP-SP2 and beyond)

4) If you don't have XP-SP2, ZoneAlarm firewall from Zonelabs is very good.
It's also free for personal use. www.zonelabs.com

5) On XP, load the MS Anti-malware Beta from www.microsoft.com
It's the best I've seen so far and getting better every day.

6) If you're not on XP, try Spybot from (www.safer-networking.org/en/index.html)
other 'known good' free anti-malware programs are EWIDO (www.ewido.net/en/)
and Spyware Blaster (www.javacoolsoftware.com/spywareblaster.html)

7) AVG Anti-virus from Grisoft is free for personal use... and it's very good.
(www.grisoft.com/).

Note that I'm including the 'home' links for these products... downloads are safer that way.

As far as browser security. Some folks say Firefox is a safer browser, but now that it's become popular, it's being targeted and the number of security holes discovered in it is increasing to the point where it's being patched more than Internet Explorer. Take your pick.

For an extra measure of safety, you can go into Internet Options, Security and set all the 'Active X' controls to 'prompt'... (except keep 'never' on unsigned controls). This will be a bit of a nuisance, as you'll get prompts from pages with active X components asking if it's ok to run.

Unless I trust a site or am expecting an Active X application to run (Like Adobe Acrobat Reader, Windows Media Player etc.), I just say no. It's surprising how many sites are trying to run Active-X apps on your machine that don't appear to have any bearing on the way the site functions.

(Active X is a method for allowing a web site to actually load and run a program on your computer. Visit a malicious site with active X set 'on' and you are giving them the go-ahead to run the bad stuff unless you have something else in place to block it.)

It's the wild west out there.
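
The ActiveX settings described in the post above can also be checked from a script. This is an added example, not part of any poster's message: it assumes Windows PowerShell 3.0 or later and the per-user Internet zone registry location (zone 3) with URL action IDs 1001, 1004, 1200, 1201 and 1405, and the function name `Test-ActiveXZoneSettings` is hypothetical. 'Prompt' or stricter counts as meeting the advice, and unsigned downloads must be disabled.

```powershell
# Added example, not from the thread. Internet zone = zone 3.
# Action data: 0 = Enable, 1 = Prompt, 3 = Disable.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action IDs and the settings that satisfy the post's advice:
# Prompt or stricter everywhere, Disable only for unsigned downloads.
$checks = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';   Allowed = @(1, 3) }
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls'; Allowed = @(3) }
    @{ Id = '1200'; Name = 'Run ActiveX controls and plug-ins';  Allowed = @(1, 3) }
    @{ Id = '1201'; Name = 'Script ActiveX not marked safe';     Allowed = @(1, 3) }
    @{ Id = '1405'; Name = 'Script ActiveX marked safe';         Allowed = @(1, 3) }
)
$labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Test-ActiveXZoneSettings {
    param([string]$Path = $zonePath)

    # A missing key or value is reported, not treated as a pass.
    $zone = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    foreach ($c in $checks) {
        $prop  = if ($zone) { $zone.PSObject.Properties[$c.Id] }
        $value = if ($prop) { $prop.Value }

        $state = if ($null -eq $value) {
            'not set in HKCU'
        } elseif ($labels.ContainsKey([int]$value)) {
            $labels[[int]$value]
        } else {
            "other ($value)"   # e.g. administrator-approved controls only
        }

        [pscustomobject]@{
            Action  = $c.Id
            Setting = $c.Name
            Current = $state
            Meets   = ($null -ne $value) -and ($c.Allowed -contains $value)
        }
    }
}

# Per-user values only: machine-wide policy can override what is shown here.
Test-ActiveXZoneSettings | Format-Table -AutoSize
```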






Jim Mc
1st Mate

USA
43 Posts

Response Posted - 09/18/2005 : 15:43:07
I also had a serious problem this week that turned out to be caused by spyware. My Dell computer started running slow and I started receiving 10+ copies of each incoming E-mail. I thought I was well protected by my 2005 Norton Internet Security / Anti Virus program. Not so!!! Dell support sent me to download.com to download a free copy of Ad-Ware SE Personal Edition. After using this program to scan the computer we found more than 500 potential spyware files. After deleting these files and the duplicate E-mails the computer is running fine.

johnsonp
Admiral

USA
606 Posts

Response Posted - 09/18/2005 : 19:22:03
My Gateway laptop runs Microsoft XP with SP2... with upgrades when available.
I have been using Norton Anti Virus for many years with live updates almost every time I log on and on occasion would find a problem I was not even aware of.

Around Jan this year I started to have problems so bad that I had to use the Restore Program several times.

In August, I added No AdWare, this program found about 100 problems and cleared things up.

Last week I had problems again, computer running very slow, etc. and using the programs named above didn't fix it. I also could not use the Restore Program at all.

I downloaded TrendMicro, which by the way was free, this program found 125 problems and corrected them.

So far so good.

Well now that's my story and I'm sticking to it........


paulj

ClamBeach
Master Marine Consultant

3072 Posts

Response Posted - 09/18/2005 : 20:03:32
A little more general info... this doesn't have much to do with sailing except here we are on the internet.

There are three main threat 'vectors' to PC's. (Vector = means of infection).

1) Viruses/Trojan Horse/Worms usually delivered via email/instant messaging/infected disks etc.
This is/was 'handled' by traditional anti-virus programs. The old line anti-virus vendors
are finally branching out into anti-malware efforts. May take them awhile to get up to speed
on it.

2) Crapware/Malware/Adware/Trojan Horse infections from malicious web sites.
Anti-malware programs are directed at these threats. Who's best? It has varied a lot,
but I think MS is the best out there right now. Many 'serious' internet hacks have multiple
anti-malware programs running at the same time.

3) Intrusions/Hacking directly from the internet.
Firewalls are designed to protect against these threats. You can use a software firewall
like Zonealarm or the native MS firewall. Another alternative is a hardware firewall
like the Linksys or D-Link boxes commonly offered for $50 or so.

You really need protection from all three threats to be 'safe' (whatever that is). Keep everything updated as much as possible, it's a continual cat and mouse game between the good guys and the bad guys. A recent study had an unprotected box sitting on a broadband connection being compromised in about 5 minutes.

tmhansen
Captain

USA
397 Posts

Response Posted - 09/18/2005 : 20:51:43
Clam thanks for the information. Too late for me but I hope others don't get burned. I'd rather spend my computer time here than fixing my PC.

I'm off to download SP2

pjeffarch
Navigator

USA
135 Posts

Response Posted - 09/18/2005 : 22:42:26
It never ceases to amaze me what great resources this forum brings! Thanks all for the info and links, as I just learned I've got a virus and need to clean it up...will work on it!

SailFisher
1st Mate

USA
62 Posts

Response Posted - 09/19/2005 : 22:31:37
Here's an email I update and send to all family and friends every April (Winter blues). Sorry if this post is long, I know it helps. (I was just promoted to First Mate, Aarrgghh!!!)

1. System Restore
2. Backup
3. Disk Cleanup
4. Uninstall
5. Msconfig
6. Scandisk
7. PC Pitstop
8. Microsoft
9. Download 5
10. Clean IE
11. Fix Buffer
12. Defragment
13. Reboot
14. PC Pitstop

First things first:
1. (XP Only) If you have System Restore in your
Start/Programs/Accessories/System Tools/System Restore
Create a new restore point, it's easy and fast. What
it does is stores all your PC settings from today and
saves them, if you screw up later, you can return your
computer back to this point. Like backing up all your
computer settings.

2. (All) Backup: Addressbook, Documents, Favorites,
Fotos, Music, anything that's important. Save to CD,
RW-CD, USB drive, or better yet, Save to the Internet.
Always accessible, from anywhere, for FREE, maybe
Yahoo! Briefcase
http://briefcase.yahoo.com/

3. (XP) Run Disk Cleanup and it's OK to check and
click all boxes and buttons. Run everything EXCEPT
Cleanup Restore Points. Goto
Start/Programs/Accessories/System Tools/Disk Cleanup

4. (All) Delete and uninstall all not needed and not
used software and/or programs. Best way is to use
Start/Settings/Control Panel/Add Remove Programs.
Some things don't list here. Then goto
My Computer/C Drive/Program Files and start trashing.
ONLY GET RID OF THE STUFF, IF YOU KNOW WHAT IT IS.
IF YOU DON'T KNOW, YOU MUST KEEP IT.

5. (2000/XP) Advanced users (geeks) can try this
one. Goto Start/Run/type msconfig then goto the
Startup tab and uncheck any software you don't want to
load at startup. To see all the programs running right now,
hit CTRL+ALT+DELETE. You can shut them off here, but
that is just once, MSCONFIG disables them at startup
for good or until they are needed.
ONLY GET RID OF THE STUFF, IF YOU KNOW WHAT IT IS.
IF YOU DON'T KNOW, YOU MUST KEEP IT. (call me w/?)

6. (not XP) Run Scandisk, it only takes a few minutes,
but really worth it.
Start/Programs/Accessories/System Tools/ScanDisk
use Standard with fix errors automatically, you can
run a Thorough when you go to sleep, it takes a lot
longer.

7. (All) Goto and sign up at PC Pitstop, this GREAT
diagnostic and fix it place. It's all FREE.
http://pcpitstop.com/default.asp
Go there, sign-up, and run a full test and start fixing
the problems. You can trust everything here and also
trust the Autofixes. So test and record your score. Fix
problems and record your fixes. Restart and retest and
record better score. Keep fixing and tweaking away to
a lean, healthy, and mean machine.

8. (All) Visit Microsoft Windows Update Website
http://v5.windowsupdate.microsoft.com/v5consumer/
Microsoft Support, lots of answers to lots of questions ...
http://support.microsoft.com/default.aspx?scid=FH;EN-US;FAQS

9. (All) Install 4 pieces of important FREE software
ZoneAlarm 5.5 an internet security firewall, doorlock
http://www.download.com/ZoneAlarm/3000-10435-10367376.html?tag=list
AdAware 1.05 a spyware finder, seeker and destroyer
http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022-10319876.html?tag=list
Spybot 1.3 another spyware program, use this also
http://www.download.com/Spybot-Search-Destroy/3000-8022-10289035.html?tag=list
Pop-up Blocker 3.1 very powerful, reliable, and easy
http://download.com.com/3000-2366-10159182.html?tag=lst-0-9
ZoneAlarm will run at startup, OK and recommended.
Allow or Deny every program and website into your PC.
AdAware and Spybot I run every now and then (monthly).
The first time is very very important.
Pop-up Blocker I also run at startup, recommended.
Just hit CTRL+Click anytime you really want a new
window to open up.
PLEASE RESIST THE URGE TO DOWNLOAD OTHER
PROGRAMS AND SOFTWARE. We are trying to
cleanup your machine not put more junk in there.

10. (IE) Delete ALL cookies, cache, and history. Open
IE/Tools/Internet Options/General And click:
Delete Cookies, Delete Files, and Clear History.
Change Days to keep pages in History to 30.

11. (IE) Fix internet download buffer size to 80. Goto
IE/Tools/Internet Options/General/Settings
Change the Amount of disk space to use: 80 MB

12. (All) Finally and most important if you're done for the
day, at night, during sleep, whenever, but this can take
over an hour, Defragment the harddrive. Goto
Start/Programs/Accessories/System Tools/Disk Defragmenter
select Drive C and OK, then Show Details. This is the
most important thing on the whole list. But do it last,
after all your uninstalling, deleting, and installing.
DO NOT INTERRUPT THIS PROCESS. PLEASE DO
NOT INTERRUPT THIS PROCESS. ALSO, DO NOT
INTERRUPT THIS PROCESS.
(The above mentioned Microsoft Defragmenter is
weak and inferior to Diskeeper 9. The Microsoft one
only defrags partially. A much better defragmenter
is available for a 15 day trial, just long enough for us.)
http://www.download.com/Diskeeper/3000-2094_4-10335605.html

13. (All) Reboot your computer by turning it completely
off, count to 3, then start up again. Restart is not
always best.

14. (All) Now run PC Pitstop full test again and record
and enjoy your new score. You will notice increased
performance, faster programs, faster startup and
shutdown, faster internet, faster everything, a cleaner
leaner machine, your machine the way it should be,
with you in control.

Good luck, may the force be with you.

mwalkup
1st Mate

USA
79 Posts

Response Posted - 09/20/2005 : 12:08:34
Thank all above for this tech. information update.

It just may help us continue to "sail smooth" on
Catalina25/250.org

Mike
83fk/tr

Notice: The advice given on this site is based upon individual or quoted experience, yours may differ.
The Officers, Staff and members of this site only provide information based upon the concept that anyone utilizing this information does so at their own risk and holds harmless all contributors to this site.