Have you tried to do a restore? Quoting LarryB <larryb227@xxxxxxxxxxxxx>: > I really appreciate all the information late or not and obviously I > will learn from all this. > > Presently I have kinda got it our of the systray but still get the > yellow triangle with "System Alert: Trojan-Spy-Win32@mx" > > Then the moment I try to go to the Internet I get railroaded to > "secureonlinetags.com" and have to use Task Manager to stop the > initiated system scan that also starts. > > The site comes up with M$ colors and starts the scan. > again the Task Manager stops it for the moment. > > When and If I get this thing resolved I'll be back for other setup > instructions. > > Again Thanks for your time and effort all. > > Larry Browning > K & L Electronics > Anderson, SC > > > > Clint Hamilton-PCWorks Admin wrote: >> I can't find your post now, but yesterday you asked about >> Spyware Blaster and SpyBot and how they block things. I forgot >> to answer that in my reply. I thought I already said this, but >> Spyware Blaster does not have to be running in the background, >> in fact, it can't. It works by simply placing thousands of bad >> URL's and websites in the browser's Restricted Sites zone (FF >> too), and using thousands of registry tags, downloaded program >> files blockers, hosts file protection, etc., etc. All these >> things prevent its detected malware from ever getting on your >> PC. You have to be sure to "Enable all protection" with it, >> and be sure to make backups with it. It can make a "System >> snapshot", and backup important things that can be restored. >> >> SpyBot does it BOTH ways. In addition to what Spyware Blaster >> does (using the "Immunize" button), it has two 'scanners' >> so-to-speak. One is some kind of DLL, "Resident SD Helper" >> that blocks all downloads from sites in its database. You did >> not have it active, because like I said yesterday, I couldn't >> even get to that website, it blocked me from it. The other is >> a great one, "Resident TeaTimer" which DOES have to be running >> in the background. It shows in the System Tray. This protects >> you from things being added to the Start Up folder, and that >> "Run-" area in the registry where things are added to startup >> in Msconfig's area, as well as many other forms of protection. >> NEITHER of these are checked by default, you have to check both >> boxes in SpyBot's Tools > Resident area. Like a firewall, >> TeaTimer will ask if you want to allow or deny action it >> detects, and if you want it to remember the action. Then >> there's also the "IE Tweaks" area that can "Lock the Hosts >> file........." as protection against hijacks. >> >> None of this ever would have happened if you would have had >> those areas active. But, now you know. ;-) Even if you click >> on something bad, nothing will happen with these programs and >> ALL of their features active (as long as the malware or website >> is in its def's and database of course). But both the SD >> Helper and TeaTimer also work off of heuristics and detection >> of suspicious behavior, so even if something is not in their >> def's, they can still protect you from the "actions" of said >> malware. >> >> Regarding the firewall, regardless of how complicated they may >> be, everyone should still use one. Even at their default >> settings they are still better than nothing. Yes, like >> anti-malware programs, one router is not enough. I guess two >> is enough, anymore than that could lead to conflicts. A >> hardware firewall (like from the router) is good for certain >> things, but not for others. You will also get no warnings from >> it when it blocks or allows traffic. A software firewall adds >> another *configurable* layer of protection that protects >> against far more things than just traffic. Using both, and >> having both setup CORRECTLY, you have the best chance of >> protecting yourself. It's sort of like a bulletproof vest; >> level II is fine for most handguns (sort of like maybe the >> router firewall), level III is fine for all but the most >> powerful of handguns, and the new "dragon skin" type or level >> III+ with the ceramic shield will stop anything except the .50 >> cal or magnum sniper rifles at close range, which is in a >> manner of speaking what you want to achieve with your PC. >> -Clint >> >> God Bless >> Clint Hamilton, Owner >> http://www.OrpheusComputing.com[1] >> http://www.ComputersCustomBuilt.com[2] >> >> >> ----- Original Message ----- >> From: "LarryB" >> >> Thanks for the input Hugh. >> You are probably right in that I clicked on something that >> triggered >> this whole mess. Time pushing is often the culprit and slowing >> down >> would be the cure. >> I have done the "immunize" in Spybot on all 3 of my computers >> so that's >> done. I have also installed Comodo Firewall Pro on just one so >> we'll see >> how that works. It appears to be easier to understand vs Sygate >> so far. >> >> >> LarryB >> Have a great day >> >> >> Hugh Vandervoort wrote: >>> No firewall or router can protect you from packets you allow. >>> You were >>> enticed, somehow, to click on something malicious, and no >>> firewall can >>> protect from that. The only protection is to be more careful, >>> and that's >>> not always easy as these guys are very clever (Click here to >>> Feed the >>> Homeless!) >>> I have found home firewalls to be a source of far more >>> irritation than >>> protection. While they have come a long way, they are still a >>> source of >>> confusion and irritation to many, and not worth it for the >>> average user. >>> If you haven't used Spybot's "Immunize" feature yet, I >>> encourage you to >>> do so. >>> Links: ------ [1] http://www.orpheuscomputing.com/ [2] http://www.computerscustombuilt.com/ ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-