Let me start from the beginning... my computer was running slower than slow yesterday, and my husband recommended downloaded Ad-Aware and running a scan... he then said to go to their help forums (bulletin board, like here) and they will walk you through what to do next. I did that, and at the time had quite a few items in quarantine. One of the guys said I could easily delete everything, no problem. So I did, and then another guy, apparently a moderator, said that I shouldn't have listened to his advice, because he's a newbie (der, I should have looked, he had 14 posts and this moderator guy had like 6000!). Anyway, my pc is running fine right now, so hopefully whatever I deleted yesterday wasn't a necessary thing. (I tried to go to my quaratine log and recycle bin to restore, but nothing was in either one). Maybe the files are hidden somewhere? Luckily (or not) I didn't do a shut down last night, I logged off (I have Windows XP).

This morning when I got into work I downloaded the updates, and ran a new scan. I now have 80 or so things in quarantine, but I don't know whether I should delete them (and nobody has answered my ?? in the forum over there).

My 3 questions:
1. How do I know what is safe to permanently delete, and what isn't?

2. If I install Yahoo IM on my machine, does that open me up to more unwanted files than just surfing the net? My husband thinks that all IM's are bad news.

3. How can I set my cookie/security/privacy settings in Tools/Internet Options, so that I can still visit sites without much hassle (for instance, hotmail, a MSN group, Yahoo email etc).

Thanks in advance for any help/insight anyone can give me... I'm worthless when it comes to this stuff!!!

~Tara

ps - my hubby said I should just talk to the IT people, but I want to wait and see if I can do this myself...

I've used ad-aware for a year now.

As to your first question, yes, feel free to delete whatever you've got quarantined. if you look at the results every time you scan, you'll see that most of the spies are recurring.

As for the second, I've been told that IMs introduce these spies to your system. that's why you run ad-aware (or another good one is spybot) on a regular basis.

As for the third, no idea. Sorry.

Val

Typicaly speaking, you can pretty much delete everything that ad-aware and spybot detect. These programs are directed to search out unwanted cookies in your system that are known culprets. I have always deleted everything that it has come up with and you will have to know what you are looking at in order to keep the ones that are safe (I use this term loosly). It would be a good idea to run both ad-aware and spybot as one has a tendancy to pick up stuff that the other one doesnt.

As far as the IM goes. I run MSN IM without any problems. It may open you up to unwanted advertising but you can just run the two prorams once a week to clean things up. More than likely you wont get much of anything through the IM.

The firewall, hmmm, well you can use the one in XP but it isnt a very strong one. You are better off downloading a better firewall. There are quite a few good ones out there and maybe some people here can give you some options. I have mine set up through a Linksy's system. With the XP one, you will just have to go through everything to decide how strong you want it and what to allow.

I'd ask your IT department before you go any farther.

1. I delete everything that Ad-Aware finds.
2. I agree with your husband. IM's are a big security hole if the firewall allows the traffic.
3. Depends on how proactive you want to be. If you want your PC to be ultra secure then your going to be hassled alot. You kind of have to find the happy medium for yourself.

3) I would try and avoid IE if at all possible. There are several good alternatives out there including Mozilla FireFox (www.mozilla.org) and Opera (www.opera.com) . There have been several warnings that Internet Explorer should not be used because of the way it handles things such as ActiveX controls.
http://www.internetnews.com/security/article.php/3374931

As for Reefscapes suggestion about a firewall, as far as software firewalls go, ZoneAlarm (http://www.zonelabs.com/store/content/home.jsp) is good and there is a free version. You mentioned you were at work, so you shouldn't need to worry about running a firewall there as I would assume that you are behind a decent hardware firewall.

And yes, as suggested by Walrus talk to the IT guys before installing/changing things.

Great, thanks guys!!

Reefscape ~ that's my problem, I don't know what I'm looking at when I look at the qt log, so I don't know what's ok and what's not ok to delete.

Firewall ~ Like Elmo said, I don't think I need a firewall, my company has a good one, I'm sure of it.

Other browers ~ My husband uses Mozilla on our home pc and I love it, except that it doesn't allow me to post on my MSN boards (which is what I do most on the internet, besides here!)

IT guys ~ I don't like any of them, hahah! But if I get into any real trouble I'll talk to them. I think I should be ok with the Adaware and maybe installing Spybot too.

Internet security ~ I have Privacy set to Custom (accept 1st party cookies, prompt 3rd party, always allow session cookies) and have a few websites over-rided to allow cookies.

IM ~ I may try to download Yahoo IM and see what happens... after I get my computer cleaned up right now!

Thanks for your help everyone, you have no idea how much I appreciate it!

~Tara

Once the items are in quarantine and your computer is still starting/running fine, then you can delete them.

And BTW- zonealarm does not work with Trillian.

One more question!

From the Adaware QT screen, when I click on delete, that deletes the QT backup files, but does it actually delete the files themselves, or do I have to go somewhere else to delete them?

edit: :eek: *#!@!! I deleted something that I shouldn't have!!! When I rebooted, I got this message:

c/windows/downloaded program files/bridge.dll
specified module could not be found

And now that I think about it, when I clicked on "restart" I got a message that said rundll32.exe ending - end now? Any unsaved information could be lost.

What did I do?!

~Tara

Dwayne,

1. If you are nervous about deleting a system file in windows XP here's what you do....do you have a Windows XP boot up disk?
If not then go to My Computer-->C: then click on Tools up at the top of the window, pick "Folder Options", pick the "View" tab, and make sure the "Show hidden files and folders" option is picked.

Hit apply and you will see several, previously unseen files in your C: drive. Copy three of these files onto a diskette: (boot.ini, NTDETECT.COM, and ntldr) and label that diskette as a Windows XP Boot Disk. Keep it close to your computer where you always know where it is.

With that disk, if you accidentally delete a file or folder that prevents your computer from booting up, you can put the diskette in and start up your computer.

Now about fixing the problem after you have booted up:

XP comes with a wonderfully useful feature called System Restore. Your computer automatically saves your computer's configuration every few days. If you delete something important for the functionality of your computer you can use system restore to recover from it.

After you have booted up using the boot disk, go to START-->All Programs-->Accessories-->System Tools-->System Restore and follow the Wizard that pops up to guide you through the restore. Trust me, this feature has saved me from having to reinstall Windows XP several times.

2. As far as how much security you need for your computer that depends on what you use your computer for and how safe you want it to be. Do you keep personal information on your computer? Do you pay your bills online, order online, or do online banking? If so then you will want to secure it well to prevent identity theft.

Pick one of the brands of adware removers. I use Aluria's Spyware/Adware remover but their are others just as good. You can use that to get rid of unwanted programs on your computer that can spy on you and/or steal personal information.

Reefscape mentioned a Linksys router and this is a good device to protect your computer. Even though it is called a router it is actually a level 3 switch(just means it's a switch with Network Address Translation"NAT" software in it).

When you use a NAT device, it will show it's address to the internet but not the address it is using to connect to your computer. So if someone tries to send a malicious program to what they believe is an IP address of a computer, it will only get as for as the NAT device and then be stopped. But make sure you set a password on the NAT device with a really good password. Otherwise someone could hack into the device and bypass it.

-Disclaimer- The NAT device is not a sure fire way to protect a computer. It only makes it more secure. The only way to completely protect a computer is to disconnect it from the internet and any other computers and lock it in a vault. Anything less and you can be hacked into.

3. In the Tools/Internet Options you can choose the Privacy tab and choose to block all cookies by raising the bar to the highest setting. Under the Security tab, you click on the Custom Level button and can go through everything that IE will or will not allow to secure your web browsing. Those options are personal decisions about what you are most worried about being taken advantage of. You could click every one on Prompt so your computer will ask you first before it allows anything.

If there's any other questions or clarification of anything shoot me a PM and I'll try to help out.

Check this out:

http://www.2-spyware.com/file-bridge-dll.html

and

http://www.experts-exchange.com/Operating_Systems/WinXP/Q_20898768.html

The bridge.dll is spyware, and it can cause corruptions in the other file. Removal won't be a bad thing. If you're getting something that's asking for the bridge.dll, it may mean that you still have some of the spyware installed on your machine.

Thanks OG.... I just tried to do a system restore, and it said that that function was turned off my computer! I activated it, but since that dll is a spyware anyway, then I won't stress about it! I'll check out those other sites you posted for me too.

Thanks again everyone for all the help and suggestions!

~Tara

I thought someone had mentioned Spybot, but I couldn't find it in any of these posts... but whomever put the bug of Spybot in my ear, thanks a TON!!! I downloaded it, did a total scan of my computer, it picked up stuff the AdAware missed, and even got rid of whatever files were causing that annoying error message when I boot up!

Thanks, friends!
:D

~Tara

Actually Tara, I think Reef mentioned it but didn't give a specific site to go to because I went home and did the very same thing and walaa.... my pop-ups are all gone too :D

I hi-jacked the idea ;)

Oh D-doll, you are such uh........uhhhhhhh Hijacker :thud:

:D

And you guys are welcome.

hehehe, ah Reef, was there ever any other doubt? ;)

(and I appreciate anything from you! :D)

hehe, hi-jacker! You can hi jack my thread any time DD!

Thanks Reef!

I will faithfully run Spybot and Adaware, and delete all internet temporary files once per week.

~Tara

I'm late to this discussion but I haven't gotten any spyware crap on my system in months since I started a dedicated lock down of the machine.

I do use IM (Trillian, MSN, and AIM) and used correctly there's no more chance of getting spyware from it then a web browser. I also use emule and soulseek with no problems.

1: Firewall software
This should be the first line of defense. This keeps your ports closed so if someone scans you you won't have open ports to the Net. It will also tell you if a program is trying to use the Internet; if Silly game demo.exe is calling home, you'll know with a firewall. Even more so, if you don't know what silly game demo.exe is you can look it up online and see if it is known to be spyware. Otherwise it can connect to the internet silently.

I heard ZoneAlarm and Norton Internet Security were okay. I like BlackIce, but it's hard for newbies to configure. <y favorite is Agntium Outpost, it looks and works well and it is easy to get working. This software is the most important piece of the puzzle. With open ports worms like Blaster can easily get on your machine.

2: As was mentioned a NAT firewall is a good idea (I however, had been runnning for several months without NAT but with all the other things in place and didn't get any spyware outside of relatively benign cookies). For someone like me who runs a lot of P2P software (gotta download Japanse TV somewhere) NAT is a pain in the butt, but for normal use it can really help to lock down a network and machine, since it will keep connections outside connections from connecting to you.

3: Antivirus software. This has to be kept updated. I get Symantic Corporate from my University, but Norton, Mcaffee, F-prot, and Panda are all good. Scan anything you download, especially rar, zip, and exe files. AND KEEP IT UPDATED!

4: Don't use Internet Explorer and Outlook express. I use Firefox for web browsing and Thunderbird/Eudora for mail (if I have to, I tend to just use webmail). Firefox has many great features, including themes, tabbed browsing and hundreds of useful plugins. Other good browsers are Opera and Camino for the Mac (though Macs are far less prone to this crap).

5: Dedicated scumware checking: In a well established aquarium, you shouldn't have ammonia. But you still need to have a check for it. Ditto with spyware. I run both Spybot and Adaware regularly.

6: Disable the Windows XP services you don't need. Mac OSX does this automatically. Here is a good walkthrough of everything you need to do for it:
http://www.blackviper.com/WinXP/servicecfg.htm

Now, the reason someone is telling you not to remove files with Ad-aware is this: some worms/viruses will attack and attach themselves to windows networking files. When you remove it, you screw up windows networking and cause other problems (this happened to me w/ spybot and what prompted the lock down). Obviously the scumware people do this so you won't uninstall their crap next time. The best way to test this is to quarientine first. If you reboot and there's a problem its probably the taking out of the spyware.

This is why I believe spyware being on your machine is a failure. Taking it out can cause problems. As with aquariums, prevention is the best cure. Like I said in months of computing (including always being logged on to two or three IM services) I've never had a problem. Before this dedicated lock down I would always find some scumware hidden somewhere on my machine and it really killed my performance.

Thanks for your response kikuchiyo! Since I'm at work, I am leary to install a different browser (we use mozilla at home), and I don't think a firewall is necessary. I am so glad I put these programs on my computer and will faithfully clean my system once a week!

ps ~ what does your signature mean (the japanese letters)??

~Tara

No problem. At work you might already have a system wide firewall, but it might be good to ask your company IT monkey ;)

It says "Otoko wa tsurai yo." Being a man is hard. Though my girlfriend always retorts "Onna wa tsurai!" or being a woman is hard (and I tend to agree with her). It's also the title of a long running series of Japanese movies about a guy traveling Japan and the silly difficulties of manhood.

Being a woman is 10,000 times harder than being a man! ;)

~Tara

Originally posted by dwayne
hehe, hi-jacker! You can hi jack my thread any time DD!

Thanks Reef!

I will faithfully run Spybot and Adaware, and delete all internet temporary files once per week.

~Tara

Thanks Tara ;)

Originally posted by kikuchiyo

6: Disable the Windows XP services you don't need. Mac OSX does this automatically. Here is a good walkthrough of everything you need to do for it:
http://www.blackviper.com/WinXP/servicecfg.htm


Just a note, I would avoid simply disabling the services that this guy says are safe to disable unless you have some sort of an idea of what you are doing. I have had a fair number of people coming in very frustrated after spending a lot of time trying to figure out why something isn't working, and the fix ends up being a service not being able to start because a dependancy was disabled. Often this has been a result of someone following an xp tweak tutorial without fully understanding what they were doing.

Thanks for the heads-up Elmo... I would never mess with my windows settings, unless specifically told by one of my IT people. I am not even sure I would know what to disable and what not to disable! :D

~Tara