Topic: Stupid Spyware  (Read 5213 times)

0 Members and 2 Guests are viewing this topic.

Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Stupid Spyware
« on: July 02, 2004, 11:45:55 pm »
I was having majotr problems today, so i decided to run a spyware protection program, and came up with several files.  i keep blocking them, but they keep coming back each time I restart, and i don't know how to get rid of the stupid things.  Anyone have some advice?
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica

Offline kmelew

  • "From the Place of the Hops-Growers"
  • Lt. Commander
  • *
  • Posts: 1343
  • Gender: Male
Re: Stupid Spyware
« Reply #1 on: July 02, 2004, 11:47:59 pm »
If you know what the executables are you can always try to kill them in the registry.  Be very careful!
"I'm Kmelew, and I approve this post."

Offline likkerpig

  • Commander
  • *
  • Posts: 2614
  • Gender: Male
Re: Stupid Spyware
« Reply #2 on: July 02, 2004, 11:51:13 pm »
I've found my Norton picks up some spyware that Adware and Spybot S&D missed. Even Norton couldn't get rid of it automatically, I had to manually delete files following the directions from the Norton site.
Also do you have the latest upgrades for your spyware detection program?
A couple of ideas anyway.
"Atheism is a religion like not collecting stamps is a hobby."



Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Re: Stupid Spyware
« Reply #3 on: July 02, 2004, 11:51:56 pm »
If you know what the executables are you can always try to kill them in the registry.  Be very careful!

sadly, i don't know how to use the registry.
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica

Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Re: Stupid Spyware
« Reply #4 on: July 02, 2004, 11:55:52 pm »
DOn't have norton for the PC, I'm using a progam I DLed from AOL- their program, FYI.  i think it's up to date, but considering some of the spyware it's picked  up is for stealing my data and sending it around i don't want to put that puter online right now.
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica

Offline kmelew

  • "From the Place of the Hops-Growers"
  • Lt. Commander
  • *
  • Posts: 1343
  • Gender: Male
Re: Stupid Spyware
« Reply #5 on: July 03, 2004, 12:02:59 am »
If you know what the executables are you can always try to kill them in the registry.  Be very careful!

sadly, i don't know how to use the registry.

If you can get the names of the spyware executables run Start-->Run-->Regedit and do a search for the executable.  When you find it, simply delete it.  Keep on searching until the whole registry is complete, as the executable name may appear in more than one key.  A word of caution--if you accidently delete an incorrect key, you can really mess up your system, so to be safe make a backup or at least a system recovery disk.  I'm pretty sure that Norton has the ability to make multiple backups of the registry (Windows automatically backs up the registry when you  exit, but if the registry has an error the error may be backed up as well).

I recently had to do this with an annoying app which kept setting my default homepage to some spyware search engine.

Ah for the days of WIN.INI and SYSTEM.INI with their RUN= and LOAD= commands!  ;D  ;D
"I'm Kmelew, and I approve this post."

Offline Gambler

  • Lt. Commander
  • *
  • Posts: 2120
  • Gender: Male
  • Don't bet on it
Re: Stupid Spyware
« Reply #6 on: July 03, 2004, 09:07:08 am »
About a month ago I downloaded SpywareGuard.  It's from http://www.wildersecurity.com.  It was highly recommended by Tech TV.  It stops spyware and homepage hijackers as well.

I'm a Man
But I can change
If I have to
I guess


WWJKD - What Would Jim Kirk Do

I thank God I grew up in an age when a kid could still play with things that could put his eye out.


Offline jualdeaux

  • The Quiet One
  • Global Moderator
  • Commander
  • *
  • Posts: 2758
Re: Stupid Spyware
« Reply #7 on: July 03, 2004, 10:38:24 am »
I have a cousin that is going to be VP of Investigative Services for Sony Pictures and he recomended SpyCop for these things.
http://spycop.com/products.htm

Actually, He recommended using it in conjunction with Adaware and Spybot.
« Last Edit: July 03, 2004, 10:42:10 am by jualdeaux »
Only in America .....do we use the word 'politics' to describe the process so well: 'Poli' in Latin meaning 'many' and 'tics' meaning 'bloodsucking creatures'.

Offline Bonk

  • Commodore
  • *
  • Posts: 13298
  • You don't have to live like a refugee.
Re: Stupid Spyware
« Reply #8 on: July 03, 2004, 03:58:06 pm »
http://www.cacl.ca  (re: your sig)

Offline Javora

  • America for Americans first.
  • Commander
  • *
  • Posts: 3002
  • Gender: Male
Re: Stupid Spyware
« Reply #9 on: July 03, 2004, 04:45:28 pm »
If you know what the executables are you can always try to kill them in the registry.  Be very careful!


sadly, i don't know how to use the registry.


First I would suggest downloading and running HijackThis.  Then I suggest going to The Tech Support Forum.  The people there can walk you through the removal process.  Hope this helps.

Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Re: Stupid Spyware
« Reply #10 on: July 03, 2004, 05:39:43 pm »
Thanks all, I've managed to get them all but one, and can't quite track that one down.   >:(
I'll try DLing hijack this, see where it gets me.
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica

Offline RogueJedi_XC

  • XenoCorp® Member
  • Lt. Junior Grade
  • *
  • Posts: 249
  • Gender: Male
  • Code ID-10-T
    • The Brain Fart
Re: Stupid Spyware
« Reply #11 on: July 03, 2004, 08:32:51 pm »
This sounds a lot like a hijacker we've been dealing with at work for the last month or so.
Does your homepage come up as "res://hultk.dll/index.html#96676"? The .dll file can have any random 5 character name.

If you have this, you are, in a nutshell, screwed. It is so deep into your system the only way to get rid of it is to format and re-install. Then never, ever again visit the webiste you got it from (i.e stay off the porn, son!  ;D ). Trust me on this, no matter how often you delete the files it will come back. Internet Explorer itself is the culprit this time out, and AFIK, no one has yet discovered a full-proof way to get rid of it.

Oh, yeah. Use Firefox, Mozilla, or Opera. Drop IE like a ton of bricks. It's one big security hole that you neither want nor need.
RogueJedi_XC
Xenocorp.net

Offline likkerpig

  • Commander
  • *
  • Posts: 2614
  • Gender: Male
Re: Stupid Spyware
« Reply #12 on: July 03, 2004, 08:45:20 pm »

 Then never, ever again visit the website you got it from (i.e stay off the porn, son!  ;D ).

 :o  :o  :o  :o
Heretic!
Without porn, what's the point of computers? The internet? Life?
Yeesh, buy a Mac before you get this drastic!
"Atheism is a religion like not collecting stamps is a hobby."



Offline Darth Sidious

  • Lt.
  • *
  • Posts: 598
  • One Winged Angel
Re: Stupid Spyware
« Reply #13 on: July 03, 2004, 09:28:23 pm »
Then never, ever again visit the webiste you got it from (i.e stay off the porn, son!  ;D ).
Oh, yeah. Use Firefox, Mozilla, or Opera. Drop IE like a ton of bricks. It's one big security hole that you neither want nor need.

Or use a limited account using Moz/Opera/FIREBIRD for all your pr0n needs.

Offline Grim

  • Lt. Commander
  • *
  • Posts: 1004
  • Gender: Male
Re: Stupid Spyware
« Reply #14 on: July 03, 2004, 09:41:25 pm »
Internet Explorer has a major major flaw in it, i should know i was hit by a trojan last week, kept redirecting my page to about:blank and loads of popups, tried all sorts, hijack this, adaware, spybot etc and i couldnt remove it.

I sorted it out basically by restoring my pc to its previous factory state, essentially removing everything off it since i bought the machine. I then dumped IE and am using Firefox now.

Microsoft are in a rush to get the major flaw fixed, however most security companies, government related agencies etc have advised surfers to not use IE at all until the issues are sorted out.



"US Government warns against Internet Explorer: Internet Exploder will harm your machine
Inquirer.net ^ | Wednesday 30 June 2004 | Tamlin Magee

Posted on 06/30/2004 9:38:30 AM PDT by demlosers

THE US GOVERNMENT has sent out a warning out to internet users through its Computer Emergency Readiness Team (US-CERT), pleading users to stop using Microsoft's Internet Explorer.

Following a malware attack last week which targeted a known flaw in IE, like so many other attacks, the US-CERT recommended using alternative browsers thanks to their increased security. Microsoft is hurriedly trying to increase IE's security with the Windows XP Service Pack 2, but it's not fast enough for many.

In a vulnerability note released by US-CERT, it says "there are a number of significant vulnerabilities in technologies relating to the IE domain" and that "it is possible to reduce exposure to these vulnerabilities by using a different web browser." Well, they're right.

The latest "extremely critical" IE bug has still not been patched by Microsoft."



« Last Edit: July 03, 2004, 09:43:20 pm by Grim »

Offline Pestalence_XC

  • "The Terminator"
  • Commander
  • *
  • Posts: 2636
  • Gender: Male
  • "The Terminator" Pestalence_XC, Xenocorp
Re: Stupid Spyware
« Reply #15 on: July 04, 2004, 03:33:23 am »
Ok.. I wrote up a guide for people to follow on how to correctly configure Windows and Internet Explorer to help prevent Spyware and also provided the best utilities to use in removing spyware.. which happense to be Spybot Search and Destroy and Ad-Aware 6.. most other programs that remove spyware usually installs spyware with the program only so that they can remove them after install during the first run so that you will purchase it.. plus they sometimes block other spyware engines from finding spyware that it installs on your system...

One such example is SpyHunter.. it is loaded with over 12 different spyware programs and it blocks out definitions in Ad-Aware 6 as well ass sometimes completely killing Spybot S&D.

anyhow.. here is the page I created on proper setup of Internet Explorer for SP 1.. i will update the patge as soon as SP 2 is released publically from Microsoft.

http://www.nightsoft.net/effhq/IE.html

Please follow all the instructions.. it will take a couple of hours to go through all the steps.. and if you have questions when it comes to the Hijack This.. Please just send me an email of the hijack This log file and I will break down for you on what to keep and what to remove to ensure system integrety. the only thing I will not provide for support on Hijack this is for your system start up programs.. removing those components will prevent programs from launching with your system (icons next to system clock and sometimes spyware exe files).. I will do my best to point out the spyware files.. however I will not recommend removing any legitimate programs from system start up.. you will have to choose to do that on your own.. but removing as many programs from system start up as possible is most recommended.... I say this as it will free up system resources which can be applied to your actual applications... but that is your choice..

anyhow.. let me know and I will help.

Pestalence
"You still don't get it, do you?......That's what he does. That's all he does! You can't stop him! It can't be bargained with. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop, ever, until you are dead!"

Member :
Xenocorp / Dynaverse.net Moderator & Beta Test Team
SFC 4 Project QA Coordinator
Taldren Beta Test Team
14 Degrees East Beta Test Team
Activision Visioneers SFC 3 Beta Test Team

Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Re: Stupid Spyware
« Reply #16 on: July 04, 2004, 11:33:12 am »
This problem is getting worse.  More Spyware is showing up on my HD, and destroying my ability to use this machine on the internet.  I was considering- after a long time- of finally upgrading to Windows XP from ME which I have now.  I've put it off for this long because I've heard people complain that when their computer crashed MS would not allow them to reinstall their OS on their PC due to MS's wonderful policy regarding piracy.  The version of XP I got my hands on is a home version,a nd I've read these are the problem systems, where as XP pro is better if you have a crash and have to reinstall.
This does answer one question I had though:  should I just upgrade, or reformat and upgrade.  I guess the latter.
You're right that this came from a pron site- I was using a link to a page (not pron) and ended up getting redirected to a porn site which I could seem to get out of.
I guess I have one question:  when It comes to backing up, are there any types of files I can't trust to put on CD and relaod after reinstall?  I haven't acked up my favorites, and wanted to do that, along with the regular run of the mill files and game setting for various games so I could pick up where I left off after reformat.
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica

Offline RogueJedi_XC

  • XenoCorp® Member
  • Lt. Junior Grade
  • *
  • Posts: 249
  • Gender: Male
  • Code ID-10-T
    • The Brain Fart
Re: Stupid Spyware
« Reply #17 on: July 04, 2004, 11:43:39 am »
I go to your web page and get the following: ??
RogueJedi_XC
Xenocorp.net

Offline Bonk

  • Commodore
  • *
  • Posts: 13298
  • You don't have to live like a refugee.
Re: Stupid Spyware
« Reply #18 on: July 04, 2004, 11:46:11 am »
I'm not sure where exactly nightsoft is, but the server is notoriously unreliable, I've observed approximately 50%(or less) uptime over the last two years.

Offline Clark Kent

  • Captain
  • *
  • Posts: 6071
  • Gender: Male
Re: Stupid Spyware
« Reply #19 on: July 04, 2004, 11:57:24 am »
Ok.. I wrote up a guide for people to follow on how to correctly configure Windows and Internet Explorer to help prevent Spyware and also provided the best utilities to use in removing spyware.....anyhow.. let me know and I will help.

Pestalence


Thanks alot pestalence.  I It being the fourth, i'm not too enthusiastic to do this today, so i'll see about it tomorrow.  Hopefully I'm literate enough in windows toi handle thison my own.
Thanks again pestalence, and everyone else whos' provided help.
CK

But tell me, can you heal what father's done?
Or fix this hole in a mother's son?
Can you heal the broken worlds within?
Can you strip away so we may start again?
Tell me, can you heal what father's done?
Or cut this rope and let us run?
Just when all seems fine, and I'm pain free, you jab another pin,
Jab another pin in me
-Metallica