morning all,
my friend has just bought a computer, 2.5ghz,80mb h/d, and 512megs mem, running windows xp. the last week he says he has started getting "ads" popping-up on his desktop.
being slightly unfamiliar with xp, i suggested that he download zonealarm,spy-bot, and ad-aware etc, which he says he has done. however, when he tries to install zonealarm he gets the error message "this is not a valid windows installation". i believe that there is a feature on xp that allows you to "turn back" the registry to an earlier time, so if i was to reset it to the day of purchase, would this cure his problems?
any help greatly appreciated, thanks.
billy.
|
What form do the ads take? Are they in the form of Messenger Service boxes or are they small web pages, similar to the pop ads you get on certain web sites?
I've seen both on the same unpatched XP machine. If they're Messenger Service boxes, the advertisers are exploiting a feature called the Windows Messenger Service (not to be confused with Windows or MSN Messenger). This is intended as a quick and easy way of sending messages to users on a network but spammers have discovered a loophole that enables them to send messages to anyone on the internet with a vulnerable PC. A firewall, even if it's only the built-in XP one, should prevent them. It's also a good idea to disable the Messenger Service itself. See makeashorterlink.com/?G23525244 for information on this.
If the ads take the form of web pop-ups and aren't associated with the web pages your friend is visiting, the browser has probably been infected with some form of hijacker. AdAware or Sybot Search and Destroy (www.safer-networking.org - beware of similarly named imitations) should take care of that. They're free so you may as well have both. Using a browser other than Internet Explorer would also help, partly because these hijackers target IE, but also because most other browsers now have built in pop-up blockers. My preference is for Mozilla Firefox.
I'm afraid I don't know the reason for the ZoneAlarm problem. I used it for several years without problems. I'm now using Kerio Personal Firewall. Like ZoneAlarm, it has a free version that's good enough for the average user but it's not quite as easy to set up.
Yes, Windows XP does enable you to roll back the system to an earlier date, provided that System Restore is enabled. By default you'll find this under Programs - Accessories - System Tools. It can be a useful way of rescuing you from problems but bear in mind that it'll have the effect of removing any programs installed since the date of your chosen restore point.
|
thanks welliesorter,
the machine is only a fortnight old, and according to him, he has not installed anything on it yet,it's only been used on the net. i haven't seen the machine yet, so at this point i have no idea what form the "ads" are taking, or how he has his firewall set up etc (apparently it came with the "norton" suite installed, firewall, a/v,and utilities). i'm supposed to be going around on monday to see if i can help him out at all, so until then i wont have much more info,but thanks for the feelers. i think i will disable the messenger service anyway,cos i can't see him needing it. as it is in factory condition as far as installations go, i cant see it causing any probs as far as rolling the registry back. do you think that zonealarm is a better firewall than norton, if so should i disable norton or remove it prior to setting the zonealarm up for him.
many thanks,
billy.
|
If the machine is only a fortnight old, and hasn't had anything new installed, then I'd definitely try System Restore, provided that there's a suitable restore point available. Once that's done I'd go to the Windows Update site and install all the updates, especially those marked as 'critical'. If this has never been done before, you'll be shocked at the number of updates available.
I'm afraid I have no experience of the Norton firewall but would probably leave it in place, rather than bothering with the free alternative, if I found it pre-installed on a new PC. Just make sure that Norton and the built in XP firewall are enabled.
The advice on updates also applies to the Norton software. You need to run the Live Update feature regularly. This is especially important with virus definitions.
One pitfall to watch out for is that the version of Norton Antivirus supplied with new PCs only qualifies for three months of free updates. Although the software nags you to buy a subscription, many don't bother. I've known several people to get something nasty because their copy of Norton hasn't been updated after the initial three months.
If your friend is too tight to pay for the continued subscription (I was last time mine expired) there are freebie AV programs, of which AVG is the best known.
|
manythanks,welliesorter, advice noted and taken.
i will see whats happening on monday, and may well be picking your brains again!!
thankyou for now,
billy.
|
Don't panic too much, if its a new machine it may well just be the stuff encouraging you to take one ISP or another, this virus checker or another, and all the other stuff which is loaded on a machine when you buy it.
If it is that, it dries up pretty quickly.
|
|
|
|
>the machine is only a fortnight old, and according to him, he has not installed anything on it yet,it's only been used on the net
What do you mean only been used on the net? That's about the most dangerous thing you can do with a new machine, since new machines don't come with the patches installed. It is something of a scandal that this is so when Microsoft makes such a show of being concerned with security. Has he downloaded all the updates, service packs, patches, and sticking plasters to cover its gaping wounds? If not the machine will have been infected almost as soon as an Internet connection was established. It could take several hours of downloading even with broadband to patch it.
|
unfortunately chrisR, i wouldn't think he will have done,he'll just have plugged in and gone surfin,i'll try and put them on for him on monday, but as you say it may be too late,and several hours work may be needed. as i said earlier, i'm unfamiliar with xp, but i know where to come for good advice if we get stuck!! keep a watch on this thread mon-thursday next week :-)
thanks all,
billy.
|
You may find that the PC was supplied with a "factory image" on CD.
If you are in any doubt about the state of the system, you might be better to go back to that rather than try to use system restore. I'm no expert on Restore points but I think they are usually taken either manually or during certain software installs, so you may have no restore point to go back to anyway.
When setting up a friend's new computer a month or so back, I'd finished the XP install and connected to his broadband to download the M$ patches and virus updates. I was bombarded with virii each time. I'd get a couple of minutes activity complete (eg queue the M$ patches) then get rebooted. I ended up downloading the (many) patches virtually one by one, starting with teh one which cured Blaster last year.
|
|
|
|
"It could take several hours of downloading even with broadband to patch it."
Indeed - which is why even people who know to do it sometimes don't bother. It could take days using dial-up!
I've been using Windows 98 since it came out, and see no reason to 'upgrade'. 98 was scheduled for extinction (i.e. no more factory support) from last January, but M$ was so worried that users might switch to something else that would operate on existing hardware (like Linux) they have promised to support 98 until 2006.
I use Linux too, but it's not for everyone - yet.
|
|
|
|
|
|
|
When you say just bought do you mean new.or is it secondhand.before you say anymore would suggest looking at it first.I have doubts registry will do any good but if you do roll it.back it up.before doing so.not having read the other posts may be late here.on any installation of XP updates should be had as soon as connected to internet.including any virus updates.firewall.Messenger can be a prob as it isnt to do with M/S.and if updates arent obtained messages will get through.not so much a prob after.least I didnt find it to be.it is now disabled
|
|
|
|
I didnt read your first post.When you get a new Pc it is preinstalled with XP.but after up and running (ps not certain of some makes)you have to basicaly register either by phone or by internet.cant remember what its called.what happens or should with new pc XP takes system inventory and sends this to microsoft.in turn pc gets confirmation it is a genuine XP not a copied version.if this has not been done some software wont install as they search for this confirmation code.and it is always best to download the updates as soon as able.if not you can order the CD from microsoft.When I got my first pc with XP I had same problem.if you want an anti virus thats good/free try www.avast.com and install home edition it works very well.Using system restore wont cure the prob.But then I may be wrong
|
"www.avast.com"
Thanks for that! I've been using AVG, which I quite like, but it's useful to have an alternative.
Pleased to hear today that the writer of the Sasser virus has been caught. Perhaps if they put him to a firing squad, it might give the others pause for thought...
|
Pleased to hear today that the writer of the Sasser virus has been caught. Perhaps if they put him to a firing squad, it might give the others pause for thought...
I get the impression it gives them a buzz ie who can do the most damage.firing squad too good?
A usefull feature of avast it can be used as screensaver so it scans while your away from pc.not had that with others
|
|
|
|
I installed the Google toolbar which blocks the vast majority of ads, and to deal with messages I set my privacy level to block their cookies individually.
Am I being naive in thinking that it's this simple?
--
L'escargot by name, but not by nature.
|
It mostly is that simple. But don't forget that the large part what you are doing is stopping adverts.
Ideally you would also have a virus scanner, firewall and something to block the smarter advert software.
All pretty easy to install.
Personally I like Panda for Virus, Zone Alarm for firewall and Ad-Aware for the rest.
|
It mostly is that simple. But don't forget that the large part what you are doing is stopping adverts.
I suspect the original problem related not to legitimate ads but to either Messenger Service spam or one of the many Internet Explorere hijackers.
I know it's been mentioned here previously, but there are privacy concerns with the Google toolbar.
|
|
|
|
|
