How do you get away from the Trojans?
abestreet
09-13-2004, 11:47 PM
Early this year I became aware that my computer was running slower and slower, even when I was off line. Then I noticed my Internet browser was defaulting to an unknown web page. A friend suggested I download Spybot and see if I had spyware on my computer. Boy did I. Spybot cleaned out some files but did not clean my registry. I then downloaded Ad-Aware and it cleaned my registry and I thought my hard drive was spyware free.
Last week I got hit with a vicious piece of malware (malicious ware). My browser was constantly being redirected to coolsearch .biz. I had automatic dialer trojans on my computer. I ran Ad-Aware and it found the contaminated files and some of the registry spyware but it could not locate the trojan that was behind all this.
This trojan was a beaut. Not only did it redirect my browser but when I logged off the internet it would log back on a few minutes later. I went out Sunday afternoon and when I came home a few hours later I found out that my computer had dialed back on to the internet and I had all kinds of porn addresses coming up and windows trying to get me to accept their offer to change my ISP to an overseas company, an unnamed or specified company, and that I would be responsible for all the rates and charges.
I was pissed. I didn't know what to do to get rid of this crap. I told my kids and wife not to do a thing on the computer until I straightened this thing out. My SYSTEM32 file had been corrupted as well. When my computer would boot up I would receive various error messages.
My friend, the same one who suggested I try Spybot and Ad-Aware, has been having the same problems. He suggested I try Ewido. It took two scans, two hours per scan, to locate the trojans and remove them. Finally I had my browser back and my computer was running tasks a lot quicker. I thought I had the problem licked. I even used my recovery disk to correct the problems I was having with my SYSTEM32 file. However, when I would reboot the computer I was still getting an error message. I typed the error message into Google and found that this was due to malware that was piggybacked onto my computer when I downloaded Ad-Aware. I used Panda to scan my computer and it found the trojans, http://www.antivirusworld.com/articles/virus/downloader.gk.php. However, I used Panda's free scan to locate the trojans, I had two, but in order to remove them I need to purchase the software. Afterwards I ran Ad-Aware and it found 6 spyware files, then I ran the Ewido program and it found no trace of the malware or the trojans that Panda had just found.
I don't know what to do. I am thinking of purchasing Panda but am not confident that it, or any other software package, can catch all the mal and spyware out there. I'm sick of these hacker bastards totally screwing up my computer. Does anybody know of a program that is pretty much able to locate all the current mal & spywares out there, and a company that offers up to the minute updates?
Death to all Hackers and originators of spy & malware. :mad:
DoctorDoom
09-15-2004, 12:34 PM
Coolsearch is a pain in the ass to purge from a system.
You need both anti-virus and anti-spyware programs. They don't duplicate. They complement. AV programs are not designed to find spyware, and the spyware proggies won't catch viruses.
For up-to-date antivirus protection, Norton AV is excellent. Symantec releases daily updates (http://www.symantec.com/avcenter/download/pages/US-N95.html) to the definition files. If you're in the market for it, see if you can find NAV 2003 or 2002. 2004 is excellent, but Symantec instituted an activation process similar to what MS uses for XP. You're therefore stuck with using it on only one machine. 2002 and 2003 don't require it, and they perform just as well.
Note: AdAware considers browser cookies to be spyware, "tracking cookies". They're harmless, but if you run AAW after Web-surfing, it will find them if nothing else. Spybot may as well, but I run it after AAW, which makes the cookies go away. Ergo, they're never there for Spybot to find.
And, if you don't have one, get a firewall. That's indispensable, especially on broadband (DSL/cable) connections. I use BlackICE PC Protection, but ZoneAlarm is pretty good as freebies go. A router with a built-in firewall is the ultimate weapon, but unless you have a home network, it's overkill. Another option is using an old box as a Linux-based firewall.
For prevention, the most important advice that can be offered is to refuse to click on email attachments, even if they come from your saintly, white-haired grandma. 99% of viruses come that way. "Warez" programs are notorious for being infected. Also avoid opening ICQ attachments. If you use P2P programs such as KaZaa, don't open the downloaded files until after you've scanned them for viruses.
Spyware often piggybacks on "freeware" programs, and it's installed in the process of installing the wanted program. Even commercial programs are known to put the crap into the machine.
KaZaa quite openly installs adware with its free version, and removing it disables the program.
Computer security begins with the owner. The best defensive software is worthless if the computer users are unfamiliar with security.
nosferatuscoffin
09-15-2004, 01:07 PM
To follow up on Doc's message.
Spyware can take many forms. Some simply dump cookies onto your hard drive and collect your web surfing habits and build a profile of those habits. For example, you might see banners from sites that might advertise a service or company in your area, even though the site itself is national or international.
Other spyware can be far more dangerous, such as keystroke collectors, which will attempt to record all keystrokes from a PC. These are usually used to collect information such as SS, credit card or banking numbers. Other spyware will throw popups all over your screen. Cool Web Search is a perfect example of this.
Cool Web Search may be the most insidious piece of spyware ever written and may be the hardest to get rid of. My suggestion is to go to the webroot.com site and download Spy Sweeper (http://www.webroot.com/products/spysweeper). The program and first update is free, but to continue to get updates, the cost is $29.95. However, it is well worth it as it is the most robust spyware removal tool out there. AdAware and Spybot have fallen behind the times and just are not as effective a weapon as they used to be, as spyware has become more and more sophisticated. And with having Cool Web Search on your system, Spy Sweeper is the way to go.
Also, here (http://www.spysweeper.com/remove-coolwebsearch.html) is a way to manually remove CWS from your system.
As for AV tools, Doc and I have a friendly disagreement on that. He prefers Norton and I prefer the EZ-Armor Suite from Computer Associates (CA). The main reasons I prefer EZ-Armor are that it is a small, tight program that takes very few Windows resources, offers multiple updates per day (sometimes as many as five per day), and has a more robust virus signature table, and therefore I have found it more adept at catching viruses than Norton. Also, Norton has a tendency to bog down a system and corrupt its registry as time goes on. I have just seen Norton miss too many viruses and bog down too many systems to really recommend it.
You can download the 1 year free trial of EZArmor here (http://www.my-etrust.com/microsoft/).
Also, CA is offering EZ-Armor free one year, due to a promotion they have had going with Microsoft since last year. After that, yearly renewals are only $24.95. So it is a cheaper solution overall. Also, since it is free for the first year, if you find you do not like it, just simply uninstall it and try Norton. That way you have not wasted any money on a product that you do not like. You can't lose either way.
As for a firewall, ZoneAlarm and BlackICE are probably the two best out there. EZ-Armor comes bundled with ZoneAlarm and I tend to prefer it myself. If you are on a broadband connection, I would urge you to get a router with a built-in firewall, as software firewalls are not always up to the task when it comes to a broadband connection. The brand I recommend is Netgear. The RP614 model is what I use and you can get it cheap at your local Staples, Office Max etc. It generally runs about $60, but it is on sale a lot at those stores and on their websites. Sometimes, after rebate, it can be as little as $30. You can see the specs for that router here (http://netgear.com/products/prod_details.php?prodID=131).
HomeschoolrsRUs
09-15-2004, 01:24 PM
Can I ask a question, please?
What is an AV tool? I do not have cable, DSL, or broadband, but am on dial up. Do I need the EZ-Armor thing? How do I know if I have a "firewall" or not? I am just NOT computer literate.
I have AdAware, Spybot and Norton Anti-virus (which I have to renew, but haven't had the $ lately, I know shame on me). I just can't afford all these things!
nosferatuscoffin
09-15-2004, 01:34 PM
AV = Anti-virus program (or tool). Such as Norton or EZ-Armor.
If your Norton has expired, I would strongly suggest trying the EZ-Armor suite. And since it is free for the first year, you will not have to worry about paying for it until next September. If you find you do not like it, you can always uninstall it and purchase the Norton update. The link to the free 1 year trial of EZ-Armor is here. (http://www.my-etrust.com/microsoft/).
Since you are on dialup, you really only need a software firewall. The ZoneAlarm firewall is bundled with the EZ-Armor suite, so that would take care of that problem for you right there as well. :)
One important note for you and Abe. You MUST uninstall Norton before installing the EZ-Armor suite (or any other AV program for that matter). Two anti-virus programs should never be running on a PC at the same time.
DoctorDoom
09-15-2004, 07:45 PM
This site will help readers to decide what AV package to use. They do a fairly comprehensive analysis of the programs.
Anti-Virus Software Review (http://www.anti-virus-software-review.com/index.html)
Bit Defender and PC-Cillin are the top rated ones.
OTOH, here's another site with almost complete disagreement with the one above.
Antivirus Software Best Buy Reviews (http://www.software-antivirus.com/)
Ergo, it's a matter of who you want to believe.
abestreet
09-15-2004, 10:59 PM
A special thanks to Doctor Doom & NosferatusCoffin. I think I finally got the problem licked, but what an ordeal. I, as I'm sure you guessed, am not that computer savvy. I didn't realize that the spyware would not catch viruses and that AV software would not catch spyware.
Anyway, it took a combination of downloadable software to eliminate the problem. Ewido removed many of the problems I was experiencing. It removed the automatic dialers and restored my internet browser to my control. However, I was still experiencing a few error messages when I booted up and a free online Panda scan revealed that I still had the vicious malware, downloader.gk, in my computer. I did some research on the internet and visited some tech support boards and was able to remove some of the start up commands from my computer; that put an end to the error messages I was receiving when I booted up my computer. I then downloaded a free version of Panda and it revealed the location of the downloader.gk trojans. However, it did not remove them. I had to choose to reveal my hidden folders and then I went into my C drive and removed them manually. This did the trick. My computer now shows no spyware or malware on my computer.
NosferatusCoffin was sure right about not running more than one AV program at the same time. As I experimented with various AV programs to locate the trojans they would all try and set up shop on my computer. I forgot I had Norton running, trying to protect my computer. It came with my computer 2 years ago and I forgot about it when the free year was up. Ewido was still trying to protect my computer and so was Panda. My computer was moving as slow as dirt. I had to go in and manually turn off all Panda's functions. I left Ewido up and running to protect my computer. Now my computer is back to running at a fast pace as well as being virus and spyware free. I should probably go in and remove Norton as well.
I have Ewido for free for another 2 weeks and Panda for free for the next month. After their free trials are over I think I'll uninstall all the programs and try EZ-Armor suite for a year. :cool:
This has been a real eye opening experience. BTW, does anyone know what will happen to all the spyware and malware that has been quarantined when I uninstall these temp programs and install EZ-Armor?
nosferatuscoffin
09-16-2004, 12:20 AM
Glad that you got everything squared away and your PC is running smoothly now. :thumb:
As for the AV's running at the same time, yes, that will bog a system down horribly and is a major crash waiting to happen. I would remove Norton and Panda for now and keep the other one until it expires. Then I would suggest getting EZ-Armor.
As for the spyware that is quarantined, you should have an option within the spyware removal tool to delete all spywares that are in Quarantine. You want to delete them totally. Also, cleaning out your cache would be a good idea as well.
DoctorDoom
09-16-2004, 05:46 AM
Good to hear, bro. As for which is the "better" AV program, this will be a Ford vs Chevy debate for a long time. The factor to keep in mind is not how many viruses/worms it will catch as an impressive but meaningless number. WGAS if it detects one that hasn't been seen since 2000. The issue is how many does it detect of the ones that are actually "in the wild" and likely to appear in one's email or on the Web? All of them do that.
Best bet: do a Google search for reviews of whatever package you decide to get, and consider it based on prevailing opinions, particularly from IT and security sites. You'll find the views of all of them ranging from, "I'd strongly recommend it to my ex-wife's lawyer!" to, "It's the best thing since multiple orgasms!"
The old maxim applies: Caveat emptor -- Let the buyer beware. An informed decision is a good one.
HomeschoolrsRUs
09-18-2004, 03:06 PM
> AV = Anti-virus program (or tool). Such as Norton or EZ-Armor.
> If your Norton has expired, I would strongly suggest trying the EZ-Armor suite. And since it is free for the first year, you will not have to worry about paying for it until next September. If you find you do not like it, you can always uninstall it and purchase the Norton update. The link to the free 1 year trial of EZ-Armor is here. (http://www.my-etrust.com/microsoft/).
> Since you are on dialup, you really only need a software firewall. The ZoneAlarm firewall is bundled with the EZ-Armor suite, so that would take care of that problem for you right there as well. :)
> One important note for you and Abe. You MUST uninstall Norton before installing the EZ-Armor suite (or any other AV program for that matter). Two anti-virus programs should never be running on a PC at the same time.
Hey Nos,
I have another question if you don't mind ... I tried to go get the EZ-Armor thing, but every time I click on the download button nothing happens. I uninstalled my Norton, but didn't realize that ZoneAlarm comes with EZ-Armor Suite -- I had already downloaded the ZoneAlarm. Does that mean now it is blocking me from downloading the EZ-Armor anti-virus? Or do I not need an anti-virus now?
I am so confused! :question: Thanks for all your help!
Minerva
10-05-2004, 04:01 PM
That was a nasty bug! A few months ago my PC was hit with an embedded program that when using Google, it would come up with advertisement links only. I used S&D and AdWare. Those two were able to do the job, thankfully. I downloaded Sygate firewall for free and use that in combination with Norton. Since then, I've come up clean in all scans.
At work it drives me insane when people have Real Player, desktop themes that change by automatically going online every few days, etc. Those little programs cause all sorts of problems with spyware. I've started removing them from all PCs at my worksite. Of course you can tell people to disable them when they are not in use but sure, they'll remember to do that. :unsmile:
DoctorDoom
10-08-2004, 07:56 AM
> As for the spyware that is quarantined, you should have an option within the spyware removal tool to delete all spywares that are in Quarantine. You want to delete them totally. Also, cleaning out your cache would be a good idea as well.
One follow-up to this: if you are running Windows ME or XP, both of them have System Restore ability. This could cause grief. Once you've purged all the garbage and are sure that the system is running normally, TURN OFF System Restore to purge all the restore points. Then turn it back on and create a new point.
The rationale is that if you need to do a restore, you might choose one after your system was infected, and you'll restore the malware as well. It's better to have one good point than a dozen infected ones.
Apollo5600
10-08-2004, 10:29 AM
My system restore no longer works, it has an error whenever I try to launch it.
Too lazy to try reinstalling XP though, and I haven't actually needed it.
Though there was that time when my resolution shrunk so little that all I could see was the bottom left start button and a little around it. (Probably from a program I downloaded and used that opened up with a really small res, I closed the program, and turned off the computer, next day I woke up with different settings.)
After messing around for a long time (I wasn't able to change anything since whenever I tried to open something, it would appear too big), I finally went into safe mode (where everything was nice and normal), reopened the program but this time set it to launch at 800x600, and repeated the process that got me in trouble to begin with.
Sooner or later I'm going to have a catastrophic error I won't be able to fix like that though...