Topic: Spyware Question--Spyblocs any good?  (Read 2181 times)

0 Members and 2 Guests are viewing this topic.

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Spyware Question--Spyblocs any good?
« on: September 15, 2004, 08:37:00 pm »
Got me a new popup generator. :-\ Spybot S&D and Adaware don't seem to help.

While online, every 5 min. or so a new IE opens up going to "http://www.ad-w-a-r-e.com/cgi-bin/PopupV2?ID={2EF84EC1-070B-11D9-94A0-000D8779E2FB}&AD=Revenue" DON'T go there. The window never shows anything from there, but gets redirected to random adware crapmongers.

So anyhow, I searched forums, and others have it, but the only suggested remedy I found so far is ebloc's spybloc program. Anyone know if it's any good? I haven't installed it yet, as you can't trust anything these days. Can anyone give it a thumbs-up or '-down?

Strange thing about this problem is it doesn't appear as a "running task" at any time, although the IE browser it opens does.
I might if I was awake

Offline Gambler

  • Lt. Commander
  • *
  • Posts: 2120
  • Gender: Male
  • Don't bet on it
Re: Spyware Question--Spyblocs any good?
« Reply #1 on: September 15, 2004, 09:49:00 pm »
The actual company is revenue.net / popupsponsor.com.  Unfortunately I can't find any way to get rid of their crap.  If you do google search for revenue.net you can find some boards that might be able to help.
I'm a Man
But I can change
If I have to
I guess


WWJKD - What Would Jim Kirk Do

I thank God I grew up in an age when a kid could still play with things that could put his eye out.


Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #2 on: September 15, 2004, 10:19:07 pm »
Thanks Gambler. The thing slowed down a lot, and I thought it had stopped, but it just started back up again. >:(

Actually one kinda respects a job well done. So far this is the most clever malware I've had on my machine. Still I don't understand why anyone with an ounce of brains would want to make enemies... Apparently losers come in all IQ's.
I might if I was awake

Offline Gambler

  • Lt. Commander
  • *
  • Posts: 2120
  • Gender: Male
  • Don't bet on it
Re: Spyware Question--Spyblocs any good?
« Reply #3 on: September 15, 2004, 10:25:51 pm »
Agreed Dvoongar.  It's like the spammers who fill our mailboxes and then expect  us to buy their crap.
I'm a Man
But I can change
If I have to
I guess


WWJKD - What Would Jim Kirk Do

I thank God I grew up in an age when a kid could still play with things that could put his eye out.


Offline Bonk

  • Commodore
  • *
  • Posts: 13298
  • You don't have to live like a refugee.
Re: Spyware Question--Spyblocs any good?
« Reply #4 on: September 16, 2004, 06:15:49 am »
Sounds like a trojan. Identify ALL your running processes (under ALL users). The one that is unidentifiable will be your trojan. Look in HKLM\Software\Microsoft\Windows\Run* to remove the entry that starts it on boot. Then remove all registry entries that reference that  executable. Something has to be starting IE... if you cannot identify a trojan, then perhaps a scheduled task got slipped in somehow?

I had a similar problem recently that behaved exactly the same way - popping up a browser every so often directing it to mediatickets spyware sites signed by Thawte (i.e.: trust them not...) it was a trojan unidentified by norton or mcafee: wgrd.exe.

Offline Death_Merchant

  • Commander
  • *
  • Posts: 3639
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #5 on: September 16, 2004, 10:20:16 am »
If I were you PC guys, I'd switch from IE to Firefox. Firefox has a pop-up blocker and far fewer vulnerabilities than IE.
Firefox is now at 1.0PR.

Of course, I must say this in parting ;)
The real radical solution? Get a Mac
There are ZERO known Mac spyware apps or viruses (except MS Office macro viruses of course) in the wild.
Let me say that again: ZERO virus-spyware worries......
"In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move." - Douglas Adams (1952-2001)

Offline Bonk

  • Commodore
  • *
  • Posts: 13298
  • You don't have to live like a refugee.
Re: Spyware Question--Spyblocs any good?
« Reply #6 on: September 16, 2004, 10:51:16 am »
I don't know of any viruses that affect QNX(Photon/Neutrino).  I do know of viruses that affect FreeBSD (which the later Macs run on).

Offline Sirgod

  • Whooot Master Cattle Baron
  • Global Moderator
  • Vice Admiral
  • *
  • Posts: 27844
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #7 on: September 16, 2004, 01:44:03 pm »
If I were you PC guys, I'd switch from IE to Firefox. Firefox has a pop-up blocker and far fewer vulnerabilities than IE.
Firefox is now at 1.0PR.

Of course, I must say this in parting ;)
The real radical solution? Get a Mac
There are ZERO known Mac spyware apps or viruses (except MS Office macro viruses of course) in the wild.
Let me say that again: ZERO virus-spyware worries......

Well heck, I'm still using Version .93 .

Stephen
"You cannot exaggerate about the Marines. They are convinced to the point of arrogance, that they are the most ferocious fighters on earth - and the amusing thing about it is that they are."- Father Kevin Keaney, Chaplain, Korean War

Offline Death_Merchant

  • Commander
  • *
  • Posts: 3639
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #8 on: September 17, 2004, 10:12:42 am »
I do know of viruses that affect FreeBSD (which the later Macs run on).
There are no known viruses affecting MacOS X.

From the 9/16/2004 Wall St. Journal edition, on page B1 in the 'Personal Technology" column entitled: "How to protect yourself from vandals, viruses if you use Windows"
Opting out: The single most effective way to avoid viruses and spyware is to simply chuck Windows altogether and buy an Apple Macintosh. Apple's operating system, Mac OS X, is harder for the criminals to infect, and the Mac's market share is so small that hackers, virus writers and spies get little thrill, financial gain or publicity from attacking the platform.
  There has never been a successful virus written for Mac OS X, and there is almost no spyware that targets the Mac. Plus, the Mac is invulnerable to viruses and spyware written for Windows. Not only is it more secure, but the Mac operating system is more capable, more modern and more attractive than Windows XP, and just as stable.
"In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move." - Douglas Adams (1952-2001)

Offline Bonk

  • Commodore
  • *
  • Posts: 13298
  • You don't have to live like a refugee.
Re: Spyware Question--Spyblocs any good?
« Reply #9 on: September 17, 2004, 01:30:53 pm »
There has never been a successful virus written for Mac OS X, and there is almost no spyware that targets the Mac. Plus, the Mac is invulnerable to viruses and spyware written for Windows. Not only is it more secure, but the Mac operating system is more capable, more modern and more attractive than Windows XP, and just as stable.

Mac OS X = apple's latest windowing system on FreeBSD4.5.  I just don't buy it that it is not vulnerable to the same viruses that FreeBSD 4.5 is. I just cannot see how it isn't. Who wrote the article? Do they realize that viruses that can affect OS X may only be listed as FreeBSD viruses?

Myself, I prefer the unadulterated FreeBSD. (Though using QNX now...)

NOTE: all web-browsers are vulnerable to spyware, regardless of the platform, the user is the key.

I'd bet that viruses just don't show up on mac systems in general because the users are generally more knowledgeable. Windows systems are vulnerable because the user does not usually have the first clue.

Anyway, where's that dead horse smiley...? ;)

Offline Death_Merchant

  • Commander
  • *
  • Posts: 3639
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #10 on: September 17, 2004, 03:34:03 pm »
Anyway, where's that dead horse smiley...? ;)
Ya got that right ;)

If you have specifics on a FreeBSD virus that would also whack MacOS X, I'd love hear it. I'm always up for making sure I'm secure....

Dunno about "all browser vulnerable to spyware" statement. Are not many specifically written to take advantage of IE and ActiveX loopholes?
Every PC tech guy I know swears by Firefox or Mozilla-based variants as a more secure alternative to IE.
"In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move." - Douglas Adams (1952-2001)

Offline E_Look

  • Grand High Scribe
  • Captain
  • *
  • Posts: 6446
Re: Spyware Question--Spyblocs any good?
« Reply #11 on: September 17, 2004, 03:55:30 pm »
Gents, my kids... you know, they go to these "kiddie" sites which really aren't in my opinion too much more than advertising traps with a few silly online games to hook 'em in... and got spyware or malware on their HD that Ad-Aware doesn't see and Spybot sees, but can't remove.  I believe they are two registry keys, but not sure.  I don't know if they were added or modified from good ones.

Recommendations?  I have never played with a Windows registry before, but am not afraid of trying if I have dependable information.

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #12 on: September 18, 2004, 09:22:36 pm »
No! DO NOT USE SPYBLOCS >:(
I might if I was awake

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #13 on: September 18, 2004, 09:25:30 pm »
D*** thing gets you spyware. It and "addestroyer" are kin of some sort, and trouble. My machine's been going dead quickly whenever I go online, so my posts must be short. Sorry...
I might if I was awake

Ravok

  • Guest
Re: Spyware Question--Spyblocs any good?
« Reply #14 on: September 18, 2004, 09:26:56 pm »
 You can't play games on a Macintosh can you?

 Mike the PC moron. ;D

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #15 on: September 18, 2004, 09:34:22 pm »
Both use same location in registry:
"HKEY-Users/Default/Software/VB and VBA Program Settings"
Spyblocs resets your homepage to "about:blank". It shows as a running process. Addestroyer never shows.

Both create their own little respective folder in C:program files.
I might if I was awake

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #16 on: September 18, 2004, 09:38:40 pm »
And if you tell spyblocs to uninstall itself, it pretends to do so, but really just goes nuts trying to change your homepage, and ensure that it runs automatically on startup.

I've deleted and disabled a bunch of junk, but still have problems. The battle rages on!
I might if I was awake

Offline Dvoongar

  • Lt. Junior Grade
  • *
  • Posts: 22
  • Gender: Male
Re: Spyware Question--Spyblocs any good?
« Reply #17 on: September 18, 2004, 09:47:20 pm »
Interestingly, I slowed the pop-ups considerably by deleting the IE program which the desktop shortcut points to (Windows won't let you unselect IE in the w98 setup menu). I swithced to (AOL)Netscape last night. Thought we were done with popups, but somehow IE still runs.

I clicked on the blue e in the toolbar thing, and it fired right up. I'm on it now as a matter of fact.

Would Spock be fascinated?
I might if I was awake

Offline E_Look

  • Grand High Scribe
  • Captain
  • *
  • Posts: 6446
Re: Spyware Question--Spyblocs any good?
« Reply #18 on: September 18, 2004, 11:47:30 pm »
Even he might be ANGRY!

Offline Core

  • The oracle of doom and suffering in sight of the perfect future
  • Lt. Junior Grade
  • *
  • Posts: 337
  • Gender: Male
  • the future of the federation is in it's diversity
    • Core Ships Gallery
Re: Spyware Question--Spyblocs any good?
« Reply #19 on: September 19, 2004, 12:37:05 am »
ok did any one think of instaling SP2 ?


And then their was a scream like no other in the universe

Core Ships Gallery - http://gallery80344.fotopic.net/