OT: Spyware attack

Comments

Spot|DSE wrote on 1/17/2005, 6:48 PM
You must have installed ACID 4 at some point in time, yes? That was a short-lived thing in ACID 4, I believe.
filmy wrote on 1/17/2005, 7:02 PM
>>> You must have installed ACID 4 at some point in time, yes?<<<

Not that I remember - and even if I did it was never ever on this machine. I have only had this since November-ish.
Spot|DSE wrote on 1/17/2005, 7:17 PM
The only other thing I can think of that would be there then, is the Get Media feature, but that shouldn't be/isn't active to my knowledge. You have to engage it to cause it to go live.
cbrillow wrote on 1/17/2005, 7:22 PM
Good list of tools, HappyFriar...

I use those along with Bazooka Scanner, which often finds one or two things the others miss; and BHODemon to identify browser helper objects. It's incredible and incredibly annoying how even the most careful of us wind up with this crap on our systems.
Stonefield wrote on 1/17/2005, 8:27 PM
What I don't understand about those guys that write these spybot codes and programs is, these guys obviously have computers of their own. They must know how much of a pain spyware and self-installing programs must be. Wouldn't one guy while writing one of these programs sit back and say...."Hey, I'm a pain in the ass!! Maybe I should stop ..."

Must be a weird state of mind knowing that your job is to create grief and you're ok with it.
TheHappyFriar wrote on 1/17/2005, 8:47 PM
Yeah, but most of these things could be stopped with Windows Update. I don't do that because I don't want to. I used to install specific updates, but stopped when I noticed that you could have problems if they weren't installed in a certain order, or you didn't have certain ones.
pb wrote on 1/17/2005, 9:12 PM
None of my editing PCs at home or at work are connected to any form of LAN, but our old Internet PC was forever getting spyware and other crap until I put in a new hard drive, installed Windows 2K and Office 2000, then added McAfee Security Suite and Webroot. Webroot appears to be a heck of a lot better than Lavasoft's Ad-Aware, and I guess most of you are familiar with Norton Hantavirus's shortcomings.

btw: there is apparently a stripped down version of Kazaa that does not come with built-in spyware. Never tried it and don't know where one would get it but some of my co-workers praise it.

Another off topic note: apparently some groups are posting multiple copies of bogus tracks on Kazaa; fellow at work said he had to go and buy the new Rammstein CD because most of the tracks on Kazaa were duds. Ha ha ha!

Peter

Orcatek wrote on 1/18/2005, 5:48 AM
I use Virtual PC to run my internet stuff. If it gets hit, I restore one file and the "PC" is back. It does run standard anti-virus, Spybot, Lavasoft and is current on all patches. So far it is not hit. If I do need something downloaded, I copy it via a CD-RW, as I have security set so the virtual PC cannot see the rest of the network.

I also hide behind a firewall. If you can, turn off ICMP (ping) on your firewall. This will hide you from a lot of hackers, not all, but a lot.

je@on wrote on 1/18/2005, 8:59 AM
I think Microsoft should be the one to step up to the plate on the spyware issue! If they hold a virtual monopoly on the OS market they should be doing everything they can to protect the user base from computer B&E. (I'm not holding my breath.) Mac folks don't have near the issues we suffer. It's not that I'm an Apple booster, they're overpriced and overrated. However, if Vegas came out for Linux I'd be gone in a heartbeat!
nickle wrote on 1/18/2005, 9:08 AM
Microsoft just bought Giant Antispyware and will give it (sell it?) to registered users.

Sort of a backwards way to fix Windows, but every little bit helps I guess.
vitamin_D wrote on 1/18/2005, 10:06 AM
There's some great advice here -- I'm sorry you had this problem. My advice to you --

One word: firewall.

To anyone who has an active internet connection but not a firewall, you're a sitting duck. ZoneAlarm is the most popular, and it's better than nothing, but Outpost Firewall is even better -- especially for those of you unwilling or unable to spend time learning a little bit about configuring a firewall properly (understandable, as it is a very broad topic).

That said, I try to see every problem as an opportunity to learn something new, so I purchased Tiny Personal Firewall, the software firewall with the meanest, leanest capabilities but with a slightly steep learning curve as well. It has proven to be an exceptional tool -- after a few minutes configuring, I get a perfect rating at ShieldsUp!

I paired it with F-Secure, which along with Kaspersky, is the highest rated AV software around, given what I've read from a series of "in the wild" tests. None of the more popular AV apps seem to work nearly as well as promised, and are often very intrusive -- McAfee, Norton, Symantec, AVG, etc. I tried both Kaspersky and F-Secure with their 30 day free trials and found Kaspersky had some software conflicts with my machine, where F-Secure didn't. I'm not going to bother myself troubleshooting one when the other works perfectly fine.

I have all of MS's auto-update and messaging features off, and I run Firefox and Thunderbird.

I haven't gone to SP2 because SP1 works fine -- why fix what ain't broke?

I scan all incoming downloads and attachments, as well as run a comprehensive, deep scan of all my files once a week when I know I'll be out of the house with the machine otherwise idled.

I haven't had a problem with my machine in months, except for an external firewire enclosure going dead :)

- jim
filmy wrote on 1/18/2005, 11:18 AM
>>>- I'm sorry you had this problem. My advice to you --

One word: firewall.<<<

Not sure if this was for me? But if so I already mentioned several times I have a firewall up. You can read what I did to resolve the issue down below under the "Solved - I hope" heading. You might also want to read the "WOAH!! Sony spyware???" part as well. If it were not for the firewall I would not have even known this was going on.

As for the other stuff - yes, I agree, and the main reason I started this thread, which seemingly most people have not gotten, is that this seems to be something *new*. While the actual toolbar might be something old, how it gets onto a system might be new. Since I have been using computers I have never gotten hit with any virus or trojan. I am extremely careful and have always run virus scan and now, because of having a network up, run firewalls and run through a router that also has a firewall. I don't use Auto Update on anything. I have never used Outlook Express. Blah blah - point is that this little beauty snuck onto the system and installed without any OSD, download messages or scan messages. Ad-Aware did not find it either. The files that installed and ran, once I found them, did not come up in searches. All were dated January 17, 2005. So take it for what it is worth.
Grazie wrote on 1/18/2005, 12:17 PM
Anybody else used your machine? - G
PierreB wrote on 1/18/2005, 2:32 PM
They heard you apparently!

http://www.microsoft.com/athome/security/spyware/strategy.mspx

Beta's available for download.

Pierre

(Edit: it detected 3 threats: Bargain Buddy, Kazaa, and Gain. Now to try it with Ad-aware).
(Edit: Ad aware only got 8 tracking cookies, TrojanHunter says it found the CPUhog trojan, while spybot also found gain plus BDE Projector and DSO Exploit. I feel like I need a shower)
jester700 wrote on 1/18/2005, 8:01 PM
The "DSO Exploit" found by Spybot is a bug - it ALWAYS "finds" that. Removing it causes no harm, so it's no biggie.

The MS program used to be called GIANT before MS bought the program. It was a well accepted newcomer on the spyware geek forums, and the company was responsive to suggestions. It showed a few false positives, but also caught more than anyone else. A good tool for the arsenal, IMO.
filmy wrote on 1/18/2005, 10:23 PM
I found this - it is probably how it all happened. I have put the relevant info and cut the rest:

The flaw has been found in Java, which works on a variety of computer operating systems – from Microsoft’s Windows to free software Linux – which means any worm which exploits it could hit a variety of computer platforms.
[SNIP]
"Java is a cross-platform language so the same exploit could run on various [operating systems] and architectures," Pynnonen adds in his alert, issued on 23 November.
[SNIP]
The Java Plugin flaw is known to affect both Microsoft's Windows platform and the Linux operating system. It has also been tested on Internet Explorer and rival browsers Firefox and Opera. However, the flaw is not yet known to affect Apple's OSX operating system.

I also found a post like mine -
I'd been surfing the web for more than ten years and just got hijacked by a secret IE 'toolbar' the other day - some REALLY obnoxious thing from a 'Perezzz Software', apparently with an .ru domain (a Soviet operation?). Darned thing literally installed itself on my PC, just like a program, with its own sub-directory in Program Files, a bunch of registry entries, that Spybot and Ad-Aware didn't even recognize.
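Both filmy's post (the dropped files were all dated January 17, 2005, and did not show up in searches) and the quoted post (a sub-directory that appeared under Program Files) point at the same triage step: instead of searching by name, walk the tree and list every file whose modification time falls on the day the problem started. The script below is an added example, not code from the thread or from any of the tools mentioned in it. It builds a throwaway directory with fabricated file names and timestamps (the `ExampleBar` entries are invented stand-ins, not the real toolbar's files) so it runs offline; point `files_modified_on` at a real `C:\Program Files` to use it for real.

```python
"""Added example (not from the thread): list every file under a directory
tree whose modification time falls on a given calendar day, the way you
would hunt for files that "installed themselves" on a known date."""
import os
import tempfile
from datetime import datetime, date
from pathlib import Path


def files_modified_on(root, day):
    """Return sorted relative paths of files under *root* whose mtime
    falls on calendar day *day* (a datetime.date, interpreted in local time)."""
    root = Path(root)
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            try:
                mtime = datetime.fromtimestamp(path.stat().st_mtime)
            except OSError:
                continue  # unreadable or vanished mid-walk; skip, don't abort
            if mtime.date() == day:
                hits.append(str(path.relative_to(root)).replace(os.sep, "/"))
    return sorted(hits)


def build_sample_tree():
    """Construct a throwaway 'Program Files'-style tree. Every name and
    timestamp here is fabricated sample data, not a real malware path."""
    base = Path(tempfile.mkdtemp(prefix="triage_"))
    sample = {
        "Vegas/vegas.exe": datetime(2004, 11, 20, 9, 30),
        "Common Files/readme.txt": datetime(2004, 12, 2, 14, 0),
        "ExampleBar/ebar.dll": datetime(2005, 1, 17, 22, 41),
        "ExampleBar/ebar.exe": datetime(2005, 1, 17, 22, 41),
        "ExampleBar/uninst.dat": datetime(2005, 1, 17, 22, 42),
    }
    for rel, when in sample.items():
        p = base / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(b"x")
        ts = when.timestamp()
        os.utime(p, (ts, ts))  # set atime and mtime to the fabricated date
    return base


def triage_sample():
    """Run the search over the sample tree for the date from the thread."""
    return files_modified_on(build_sample_tree(), date(2005, 1, 17))


if __name__ == "__main__":
    for rel in triage_sample():
        print(rel)
```

Two caveats a practitioner would add: an installer can set any modification time it likes, so absence from this list proves nothing, and a file that was merely dropped on that day can look identical to one that was legitimately updated. Corroborate the hits with the NTFS creation time, the registry keys that reference them, and the firewall log that first showed the outbound traffic.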
filmy wrote on 1/20/2005, 10:55 AM
>>> Anybody else used your machine?<<<

In the real world - no.
In the cyber world - clearly yes. And these days it seems like that is just how it goes. With more and more software "demanding" the use of Java and .NET it seems to be impossible to not allow someone (something?) to in some way take over your system. But at least with things like Vegas it informs you that it "needs" something; this spyware install came from nowhere with no warning and little info anywhere on how to deal with it.
nickle wrote on 1/20/2005, 11:17 AM
My firewall logs all the hacker attacks I get and sometimes they are every few minutes.

I can then take the ip address and using NeoTrace or any other Whois (free on the internet) track their exact location. Pretty interesting actually.

Then I can select the Network name, address, phone number and email contact for the Network's owner.

I never have because I would be spending all day sending emails. But it is an option and if everyone did it, there would be a lot of "hackers" losing their Internet connections.

If everyone read the Eula of all the crap they download, including the "privacy agreements" we would all be safer.

Everyone knows not to open attachments from an unknown source, but the viruses hijack people's address books and it looks like the attachment is from someone you know.

Congress passed a law a few weeks ago to levy huge fines against "spyware" companies. But I haven't heard anything lately about their progress.

Someone I know just got a $600 phone bill because she downloaded a "dialler" which silently dialled a number in the Netherlands and racked up the charges. Something to beware of if anyone has the phone line connected to the PC (even for fax purposes).

There is no end to this story so I'll go for lunch.
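nickle's routine (read the firewall log, pull out the source addresses, look each one up in WHOIS to find the network owner) is easy to script, and scripting it also shows why it is rarely worth the emails. The block below is an added example, not from the thread or from any firewall product; the log format is invented, the addresses come from the TEST-NET documentation ranges (stand-ins, not real attackers), and the WHOIS query is built but not sent, so everything runs offline. `whois_lookup` does the live RFC 3912 exchange if you want it; `whois.arin.net` is an assumed starting server that may refer you to another registry.

```python
"""Added example (not from the thread): parse constructed firewall DROP lines,
count inbound hits per non-LAN source address, and build the WHOIS query
for the busiest sources.  Log format and addresses are invented."""
import ipaddress
import re
import socket
from collections import Counter

# Constructed sample log: date time action proto src:port -> dst:port
SAMPLE_LOG = """\
2005-01-20 10:02:11 DROP TCP 203.0.113.45:4312 -> 192.168.1.10:135
2005-01-20 10:02:13 DROP TCP 203.0.113.45:4313 -> 192.168.1.10:445
2005-01-20 10:05:40 DROP UDP 198.51.100.7:1026 -> 192.168.1.10:1026
2005-01-20 10:06:02 DROP TCP 203.0.113.45:4320 -> 192.168.1.10:139
2005-01-20 10:07:55 DROP UDP 192.168.1.1:67 -> 255.255.255.255:68
2005-01-20 10:09:10 ACCEPT TCP 192.168.1.10:1055 -> 198.51.100.200:80
2005-01-20 10:11:30 DROP TCP 198.51.100.7:2001 -> 192.168.1.10:135
"""

LINE_RE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+) (?P<action>\w+) (?P<proto>\w+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

# Sources in these ranges are the LAN itself (DHCP, broadcasts, the router),
# not remote scanners, so they are excluded from the count.  Listed explicitly
# because ipaddress.is_global also rejects the TEST-NET stand-ins used above.
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4",    # loopback, link-local, multicast
    "255.255.255.255/32",
)]


def parse_line(line):
    """Return the log fields as a dict, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def is_lan_noise(ip_text):
    """True if the source address belongs to the local network, not the Internet."""
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in LAN_NETS)


def dropped_sources(log_text):
    """Counter of DROPped packets per remote source address."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["action"] != "DROP" or is_lan_noise(rec["src"]):
            continue
        counts[rec["src"]] += 1
    return counts


def whois_request(ip_text, server="whois.arin.net"):
    """(server, port, payload) for an RFC 3912 WHOIS query: the address
    followed by CRLF on TCP port 43.  Built, not sent, so this stays offline."""
    ipaddress.ip_address(ip_text)  # raises ValueError for anything that is not an IP
    return server, 43, f"{ip_text}\r\n".encode("ascii")


def whois_lookup(ip_text, timeout=10):
    """Live lookup (network required).  ARIN's answer may refer you to
    RIPE, APNIC, etc. for blocks outside its region."""
    server, port, payload = whois_request(ip_text)
    with socket.create_connection((server, port), timeout=timeout) as s:
        s.sendall(payload)
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", errors="replace")


if __name__ == "__main__":
    for ip, n in dropped_sources(SAMPLE_LOG).most_common():
        server, port, payload = whois_request(ip)
        print(f"{ip:16} {n} dropped packets -> query {server}:{port} with {payload!r}")
```

What the lookup returns is the abuse contact for the netblock, which is almost always an ISP, not the person behind the traffic; in 2005 most hits on ports 135, 139 and 445 like the ones above were Blaster- and Sasser-class worms scanning from other infected home machines, and UDP source addresses can be spoofed outright. That is why reporting every entry is a full-time job: filter to repeat offenders with `most_common()` and report those, or just let the firewall keep dropping.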