Posted 29 July 2007 - 03:11 PM
I've been warding off persistent attacks, from within my system-spies trying to send out information and from the outside-hacks trying to get in for as long as I have been using P2P, about three or four years.
Before P2P, I frequented warez sites with few problems. I was then using ZoneAlarm, Ad-Aware and AVG which were adequate for security. I added Protowall and noticed that ZoneAlarm was calling home more and more frequently, so I investigated and found out that ZoneAlarm had just been sold to another company and was identified as a spyware contributor. I immediately dropped ZoneAlarm and depended on Protowall, Ad-Aware and AVG for security.
To this day, they have done a remarkable job, but recently I have made a few stupid mistakes that allowed outsiders to plant root-kit spyware on my machines. I have been able to suppress them by spending a lot of time adding blocks to URLs that send out information or try to hack into my systems. They are very good and I am still learning how to identify them before they do any harm. At least, my ISPs have not complained and my bank information is still private.
Each time Windows, Ad-Aware, AVG or any app like Acrobat downloads updates for more than a minute or so, the connection is hijacked and I have a few more URLs to block. I have been unable to locate where they are located on my systems and they are really a pain to deal with.
There are five people on my local network, mostly hooked up by wireless and I have five other machines that use a mix of wired (Cat5) and wireless, so there are ten or eleven machines that are suspect. At worst, I will have to reformat and reload each one before anyone is allowed back on the network.
I have been in the computer business for more than forty years, but LANs and the internet have opened up a real can of worms (literally) and I have only a 'knowledgable user' level of experience with security, self-taught at that.
HiJackThis!, the AVG RootKit Beta, Ad-Aware and a myriad of root-kit detectors have not pointed out anything obvious to me, but I have suspicions about a few modules and hope to find help from the experienced professionals who inhabit this site. I have lurked around a bit here and am very impressed at the level of patience and commitment excercised.
I will collect my scraps of information and attempt to make a comprehensive request for assistance after I search out all previous requests similar to those that are plaguing me. I know it takes time to respond to complex requests and hope to keep mine to a minimum so as not to tax the able and dedicated staff and contributors here.
I am fortunate to have found this site and hope to eventually assist others and contribute much-needed funds, if I do not have to resort to PayPal, since they seem to be more and more intrusive concerning my privacy with respect to revealing SSN, bank information and credit card data.
Has any other longtime Paypal member encountered their 'Annual Request for Information' with respect to their 'Privacy Statement'? It really bothers me, and I am currently ignoring them, and they are ignoring my letter of account termination. They don't owe me much, so I told them to shove it. I hope BleepingComputer accepts credit cards because PayPal and I are through doing business.
Sorry for the rant, just blame it on an oledawg's persnicketyness.
Finally, I look forward to being extremely grateful for the information and assistance I will receive here.