WARNING!!!!!
Mike @ thatplacethatiam@gmail.com
07-10-2005, 03:12 AM
SECURITY COMPROMISE: there is a recent spyware program that affects Windows
security and Windows firewall. I have been infected with a SPYWARE that
installs a bunch of programs that affect the Windows Security Centre and
changes the firewall allowance settings without warning and changes your
homepage to an unchangeable setting, as well as the Windows Update website
settings in Control Panel and Start menu to their web emulation, and
reinstalls when you go there.
This exploit needs attention now. First signs are a window that says you
have been infected with spyware and need to install spyware gold or adware
gold, and it is a pain!!!!!!!!!!!! to get rid of because it disguises its files
in the windows, system, and system32 folders. I have returned my computer
to a form of functionality but am still trying to find the rest of the files. I
will do my best to make a list of the files and post them whenever possible.
Shenan Stanley
07-10-2005, 03:12 AM
Mike wrote:
> SECURITY COMPROMISE: there is a recent spyware program that affects
> Windows security and Windows firewall. I have been infected with a
> SPYWARE that installs a bunch of programs that affect the Windows
> Security Centre and changes the firewall allowance settings without
> warning and changes your homepage to an unchangeable setting, as well
> as the Windows Update website settings in Control Panel and Start
> menu to their web emulation, and reinstalls when you go there.
> This exploit needs attention now. First signs are a window that says
> you have been infected with spyware and need to install spyware gold
> or adware gold, and it is a pain!!!!!!!!!!!! to get rid of because it
> disguises its files in the windows, system, and system32 folders.
> I have returned my computer to a form of functionality but am still
> trying to find the rest of the files. I will do my best to make a list
> of the files and post them whenever possible.
So.. You got Malware...
What did you do prior to getting it to prevent such things?
--
Shenan Stanley
MS-MVP
--
Kerry Brown
07-10-2005, 03:12 AM
"Mike @ thatplacethatiam@gmail.com" <Mike @
thatplacethatiam@gmail.com@discussions.microsoft.com> wrote in message
news:1A6F3BD6-06B1-4EAC-9F54-42490CBAA26B@microsoft.com...
> SECURITY COMPROMISE: there is a recent spyware program that affects Windows
> security and Windows firewall. I have been infected with a SPYWARE that
> installs a bunch of programs that affect the Windows Security Centre and
> changes the firewall allowance settings without warning and changes your
> homepage to an unchangeable setting, as well as the Windows Update website
> settings in Control Panel and Start menu to their web emulation, and
> reinstalls when you go there.
> This exploit needs attention now. First signs are a window that says you
> have been infected with spyware and need to install spyware gold or adware
> gold, and it is a pain!!!!!!!!!!!! to get rid of because it disguises its
> files in the windows, system, and system32 folders. I have returned my
> computer to a form of functionality but am still trying to find the rest of
> the files. I will do my best to make a list of the files and post them
> whenever possible.
While the warning is appreciated it is standard operating mode for a lot of
malware. Most computers brought to me for malware removal exhibit similar
behaviour. It is not limited to any one spyware or virus program. A lot of
them try to alter security settings and/or disable antivirus and antispyware
applications.
Kerry
Mike Hall (MS-MVP)
07-10-2005, 03:12 AM
ROTFLMAO..
When I first saw this post earlier today, I thought that the OP (that's you)
had discovered something new, so I didn't answer straight off of the bat..
The bad news is that you have discovered nothing, on the basis that somebody
else discovered it before you.. I say 'it'.. there are way more than one of
these things..
Some programs, like Kazaa for instance, will always give you problems.. even
if you install the so-called spyware free versions, files downloaded from
these services can be devastating.. there are users of these services that
deliberately make infected files available to the unwary.. others just do
not realise that their systems are infecting those of others in a covert
manner..
Please try the processes below.. and do them in order.. none of the
processes are beyond the abilities of a newbie user..
Maintaining a computer should be done regularly, and will only take a few
minutes per week.. of course, you will have to download protection..
OK.. start by turning OFF the System Restore function.. click on the Start
button.. right click on 'My Computer', then select Properties.. now select
the 'System Restore' tab..
Check the box "Turn off System Restore" or "Turn off System Restore on all
drives".. now click on 'Apply'.. you will be asked if it is ok to lose all
restore points.. answer YES to this.. now click on 'OK'
Now to the removal process..
Run a one shot virus remover.. I have found that McAfee Stinger works for
people.. download and run it..
http://vil.nai.com/vil/stinger/
Another alternative is ..
http://housecall.trendmicro.com/housecall/start_corp.asp
Finish this process first..
You will also need to download Spyware removal software.. Spybot and Adaware
are available at these websites.. both are free.. download and run them..
don't forget to check for updates after you have started them..
A note re.Spybot.. this version of the program (v 1.4) may work for you, but
it does not display correctly for me.. it is a very good program, and I was
a little annoyed at having to uninstall it, but there were some buttons that
I could not access.. if you have the same problem, uninstall it..
http://www.safer-networking.org/en/index.html
http://www.lavasoftusa.com/software/adaware/
.... and this link is for the latest Microsoft helping..
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Spybot has the ability to immunize a system, but there is better for this
function, so download and run Spyware Blaster too.. again, check for
updates..
http://www.javacoolsoftware.com/
Time to turn ON System Restore.. this is obviously like turning it OFF, so
just reverse the procedure..
If you have any sense, you will now remove any programs that are known
carriers of all things bad.. some, like Patchou's Messenger Plus can be
installed such that the sponsor software does not get installed with it..
the sponsor software, if left, will re-infect your system immediately it is
run again.. use ADD/REMOVE PROGRAMS to un-install and then re-install,
taking care to check the box that gives you the option of NOT accepting the
sponsor crap.. if a program installation process does not allow you to do
this, forget about it.. leave it well alone..
If you have had your Internet browser hijacked, that is to say, you get
redirected through a search engine NOT of your choosing, you will need
different tools..
HijackThis is a popular and effective tool.. download it from here..
http://www.spychecker.com/download/download_hijackthis.html
CWShredder will eliminate CoolWebSearch and variants.. there is a free
download here..
CWShredder.. http://www.intermute.com/spysubtract/cwshredder_download.html
About:blank.. http://www.securiteam.com/securityreviews/5RP0L0UD5U.html or
http://www.pchell.com/support/aboutblank.shtml
For other tools in the fight against spyware, visit this website and
bookmark it..
http://www.pchell.com
Mark Hasting has put much work into this site.. it is an invaluable site,
both for reference and fix-its..
You must also run a firewall and anti-virus program.. here are some links
for you..
http://www.mcafee.com
http://www.symantec.com
http://www.zonealarm.com
http://www.kerio.com
http://www.sygate.com
http://www.avast.com
http://www.grisoft.com
If you do not run a firewall and anti-virus solution, you are leaving
yourself open to attacks of all kinds.. these two types of program are your
first line of defence..
So by now, your system should be in reasonable shape.. you will have tools
'locked and loaded', ready for weekly use against those who seek to destroy
your pleasure.. incorporate these into a housekeeping policy that includes
running Defragmenter and Disk Cleanup, and you will be able to easily
maintain your system..
Please return to this thread and provide feedback.. it is the only way that
helpers here can determine how effective the advice given has been..
Good luck..
--
Mike Hall
MVP - Windows Shell/User
http://dts-l.org/goodpost.htm
So what is the solution. What should I do.
"Kerry Brown" wrote:
> While the warning is appreciated it is standard operating mode for a lot of
> malware. Most computers brought to me for malware removal exhibit similar
> behaviour. It is not limited to any one spyware or virus program. A lot of
> them try to alter security settings and/or disable antivirus and antispyware
> applications.
>
> Kerry
Install antivirus software, anti spyware software, get a firewall, install
all windows updates, turn on windows updates and update all definitions
come on!!!!
"lm" <lm@discussions.microsoft.com> wrote in message
news:B07D0018-634D-48D4-A53E-41802762C118@microsoft.com...
> So what is the solution. What should I do.
Kerry Brown
07-10-2005, 03:12 AM
"lm" <lm@discussions.microsoft.com> wrote in message
news:B07D0018-634D-48D4-A53E-41802762C118@microsoft.com...
> So what is the solution. What should I do.
Here's some links that will help:
http://www.aumha.org/secure.htm
http://rgharper.mvps.org/cleanit.htm
Read all the information at the above links and follow through with their
tips. If that is beyond your capabilities (nothing wrong with being
inexperienced) then take the computer to a local professional to have the
malware removed. Make sure you back up all your important data before doing
anything. Some malware hooks itself so deeply into windows that the process
of removing it can cause problems with internet access or windows itself.
The procedures at the sites listed above will clean most infections.
Kerry
Bruce Chambers
07-10-2005, 03:12 AM
lm wrote:
> So what is the solution. What should I do.
To deal with pop-ups caused by any sort of "adware" and/or
"spyware," such as Gator, Comet Cursors, Xupiter, Bonzi Buddy, or
KaZaA, and their remnants, that you've deliberately (but without
understanding the consequences) installed, two products that are
quite effective (at finding and removing this type of scumware) are
Ad-Aware from www.lavasoft.de and SpyBot Search & Destroy from
www.safer-networking.org/. Both have free versions. It's even
possible to use SpyBot Search & Destroy to "immunize" your system
against most future intrusions. I use both and generally perform
manual scans every week or so to clean out cookies, etc.
Additionally, manual removal instructions for the most common
varieties of scumware are available here:
PC Hell Spyware and Adware Removal Help
http://www.pchell.com/support/spyware.shtml
More information and assistance is available at these sites:
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
The Parasite Fight
http://www.aumha.org/a/parasite.htm
Neither adware nor spyware, collectively known as scumware,
magically install themselves on anyone's computer. They are almost
always deliberately installed by the computer's user, as part of some
allegedly "free" service or product.
While there are some unscrupulous malware distributors out there,
who do attempt to install and exploit malware without consent, the
majority of them simply rely upon the intellectual laziness and
gullibility of the average consumer, counting on them to quickly click
past the EULA in his/her haste to get the latest in "free" cutesy
cursors, screensavers, "utilities," and/or wallpapers.
If you were to read the EULAs that accompany, and to which the
computer user must agree before the download/installation of the
"screensaver" continues, most adware and spyware, you'll find that
they _do_ have the consumer's permission to do exactly what they're
doing. In the overwhelming majority of cases, computer users have no
one to blame but themselves.
There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.
The weakest link in this "equation" is, of course, the computer
user. No software manufacturer can -- nor should they be expected
to -- protect the computer user from him/herself. All too many people
have bought into the various PC/software manufacturers' marketing
claims of easy computing. They believe that their computer should be
no harder to use than a toaster oven; they have neither the
inclination nor desire to learn how to safely use their computer. All
too few people keep their antivirus software current, install patches
in a timely manner, or stop to really think about that cutesy link
they're about to click.
Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and
every computer user to learn how to secure his/her own computer.
To learn more about practicing "safe hex," start with these links:
Protect Your PC
http://www.microsoft.com/security/protect/default.asp
Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/
List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500
Home PC Firewall Guide
http://www.firewallguide.com/
Scumware.com
http://www.scumware.com/
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH