Dear list...
I am sorry for bothering you with this, but knowing that some of you have Windows on your box, I rely on your forgiveness :
A week ago I had to buy a new PC for one of my daughters (14 years old). She absolutely needed Windows in order to run some special, school-related apps. The PC came with WinXP pre-installed.
The first thing I did was to install Mozilla, OpenOffice and some sort of firewall, called ZoneAlarm. Now, I thought it was safe....
Suddenly, when she tries to send an e-mail (from within Mozilla, of course, I'm not THAT stupid), up pops a message from our ISP saying that the box is compromized, accordingly the smtp-server won't accept the mail. In fact, her IP was blacklisted.
Some on-line security scans, revealed no less than 159 trojans, worms and viruses !
After heavy googling around, I purchased a spyware/trojan scanner called XoftSpy, which cleaned most of the shit. But nevertheless, a spyware trojan keeps coming in (SAHAgent). No matter what I do.
(The bugger doesn't show up in ControlPanel --> Remove software).
Well, I know next to nothing about Windows, but before I subscribe to a windows-list (which I would hate, really), I would like to ask if you can recommend :
1. A good, reliable firewall for Windows (preferably OSS and free) ? 2. A spyware/trojan/worm cleaner capable of removing all malware ? 3. Shutting down the whole kaboodle and wait for SP2 ?
Many thanks and apologies in advance
Kaj Haulrich.
Kaj; There's a firewall installed in WindowsXP. Look at the properties for your network card and click the "advanced" tab. Hopefully, that will help. Otherwise, try the free one at http://www.sygate.com.
For spyware, try Ad-Aware which can be found at ;
http://www.lavasoftusa.com/software/adaware/ , and make sure you also grab and install Reghance at the same site. Do the anti-spyware updates, and go thru the configuration menu to make sure that reghance gets attached to Ad-Aware.
SP2 is a major POS. I suppose you can try it, but the firewall isn't much better than the one that is already in WindowsXP, and SP2 can also break some existing software. Install and use at your own risk!
Install SP1 ( I strongly suggest you grab the download version in case you ever need to re-install it because Microsoft will be deleting it from their site soon!), without any other updates at all, then DirectX 9. That's all. Then install Mozilla-Firefox, block pop-ups in it, and set your system to deny all cookies. Under tools in Firefox, you can allow cookies for a specific site when you need to with a single click.
Link for DirectX 9 : Please copy/paste the entire link!
http://www.microsoft.com/downloads/details.aspx?FamilyId=9226A611-62FE- 4F61-ABA1-914185249413&displaylang=en
Use this link for Service Pack 1 if it's not already installed on your system, but do it quickly because Microsoft is already saying that it is no longer available!
http://www.microsoft.com/windowsxp/downloads/updates/sp1/network.mspx
Once SP1 is installed, remove Internet Explorer (it's OK, it'll just remove any mentions to it on the desktop and in menu's. You can still access it when you absolutely need to by going to "Start>Run>iexplore.exe". You should only need it when doing MS updates.). While you're at it, un-install Outlook Express and MSN Messenger. replace those with Mozilla-Thunderbird, and Trillian Messenger instead. You can find Trillian at http://www.trillian.cc/ ,
and it has NO spyware or Adware at all. handles ALL IM networks although Trillian has been battling with AOL for the last few weeks.
In Windows XP, go to My Computer and right-click the icon. Click on "Manage". Once you're in the new panel, go to Services and turn off the service called Messenger which only allows a lot of pop-ups to appear on your screen due to a vulnerability in Windows.
Return to the desktop, right-click on My Computer again, and this time, click on properties. Turn off Automatic Updates, and "Error Reporting" in the various panels or tabs of that applet.
Return to the Manage and Services sections I mentioned above, and turn off "Automatic Updates", and Remote Access". make sure you set them to "disabled" in the properties section of each one.
It's a lot, but that should help lock down your daughters system. If you need more help, contact me Off-List.
HTH
Lanman
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
