Aces High Bulletin Board
General Forums => The O' Club => Topic started by: cav58d on June 11, 2006, 01:32:29 PM
-
Okay guys I have encountered a major problem that needs some help....Over night my computer has become infected with spyware worse than I have ever seen...There have been no new downloads, no new websites visited...except one site I go to does have a java chat which I have used, but otherwise nothing new....I run AD-Aware SE and it will kill about 91 files, and I think everything is fine, but then 2 mins later my screen freezes because spyware popups...When I try to bring up windows task manager, it turns all gray and locks up....what other info do you need to know to help me troubleshoot this
-
Okay just finished a scan and some of the files that came up were adaware.admess, alexa, dailytoolbar, COOLWEBSEARCH, TRANSPONDER, VX2 and all with TAC ratings of 10.....What can A guy like me with basic computer knowledge go after this point where his anti spyware that is up 2 date wont kill this chit
-
Go here (http://forum.tweakxp.com/forum/Forum29-1.aspx). Follow the directions in this thread (http://forum.tweakxp.com/forum/Topic4303-29-1.aspx). It's going to take awhile, but I'm sure they'll fix it.
If you're interested in such things, here is the thread (http://forum.tweakxp.com/forum/Topic187191-29-1.aspx) from my problem back in January.
-
Yea, run spybot and adware everytime you log off. Run hijack this and find the BS. Fix one thing at a time and it may be wise to create a restore point before hand. Spyware is atrocious and it is to the point where you cant go to any site without picking up 1 or 2 tracking cookies. It is atrocious that this kind of crap is legal. I picked up a avenue A tracking cookie going to the link sandman provided.
-
Download windows defender from MS, it's free. Turn off system restore. Reboot into safe mode, run a full scan with defender. Reboot and repeat until the scan comes up clean the first time after rebooting.
-
Trust me... if you have a bad spyware/malware problem, there is no single program that will clean it up.
-
This Crap is such BS....I dont understand how this can be legal...I dont see how their spyware does any good for their company, because as soon as I get a spyware popup, i vow to NEVER use that company.....ever!
Thanks for the help everyone...I've got to go to my cousins baseball game, and when I get home I will give it a shot....ill reply with results
-
just do a restore from say 1 week ago and that will prolly take care of it
worked for me
-
BTW, "tracking cookies" have nothing to do with you getting infected with spyware.
If the infection is bad, you're probably going to have to nuke it from orbit, it's the only way to be sure.
Oh, and drop the IE habit on your new OS install and use Firefox exclusively.
-
I use spyware blaster; it prevents spyware from loading in the first place it's not a scanner & a combination of AdAware & Spybot S&D scanners. Plus I have a program called Advanced System Optimizer that has a spyware scanner that I use & my AV solution (Nod32 - the best there is) also hits some spyware.
It shouldn't be too much for you to handle, but each persons knowledge about this problem is different. If it is too much for you to handle try "hi-jack this".
I didn't look in the links Sandman provided but I assume that is what he linked you too. The only problem with hi-jack this IMHO is; #1 - your letting a complete stranger into your P/C & trusting them to tell you what's o.k. & what's not & #2 - you need as much knowledge to follow their instructions & not screw up your P/C as you would to nuke the stuff yourself.
I would just use a combination of free spyware scanners & blocker programs. I have never gotten hit with anything permanent & I have gone to the sites intentionally to help a friend of mine clean his P/C
By the way.....CWshredder is the only program I know of that will destroy Coolweb (it's a free D/L too) Spybot will find it, but not remove it. I believe you can still get CWshredder from Major Geeks.
-
Originally posted by Sandman
Trust me... if you have a bad spyware/malware problem, there is no single program that will clean it up.
There also is no single program that will stop all of it from infecting you. I spend a lot of time cleaning syware/malware from PCs. Windows Defender is the best general purpose cleaner I've seen so far. While it won't remove everything it is very good at finding everything. If the first full scan after a reboot says you're clean, then you probably are.
Sometimes it's quicker to just wipe the drive and reinstall everything.
-
Originally posted by lukster
There also is no single program that will stop all of it from infecting you. I spend a lot of time cleaning syware/malware from PCs. Windows Defender is the best general purpose cleaner I've seen so far. While it won't remove everything it is very good at finding everything. If the first full scan after a reboot says you're clean, then you probably are.
Sometimes it's quicker to just wipe the drive and reinstall everything.
I used Windows Defender Beta & it is on par with AdAware & Spybot S&D. If one were to add it into the combination of free blocker & scanner programs it would not hurt, it does what it is supposed to do.
-
I installed and subscribe to Spy Doctor. A few years ago I would not have used this software. However, it has been vastly improved and runs both effectively and seamlessly in the background. I only shut it down to play Aces High. Since it's a real-time defense program, absolutely nothing gets on my machine. Combined with a good anti-virus, downloaded grief is not an issue whatsoever. You can forget about hijacks when running Spy Doctor.
By the way, Spy Doctor updates the database DAILY, not weekly like most anti-spyware products. Worth every penny of the $30 annual subscription.
PCTools (http://www.pctools.com)
My regards,
Widewing
-
Find a program called LSPfix. It'll let you get rid of some unwanted .dll's. Don't use it unless you know what you're doing.
Security Task Manager is a pretty handy tool.
HiJack This should be on every computer.
Oh, and don't be shy about going through your registry key-by-key. You'll find all kinds of useless old crap, not only malware.
J_A_B
-
Meh Windows Defender doesn't get rated that well in antispyware. Theres stuff out there that 'browser agnostic' now. So it doesn't matter if you run IE or Firefox or Mozilla you'll pick stuff up.
I use a combo of McAfee Managed AV with Antispyware and gateway AV/Antispyware on my firewall (yup its a Sonicwall). McAfee's not #1 in antispyware (iiirc BitDefender ranks #1) but its in top the top 5 - any of that freeware scanning stuff ranks extremely low.
-
Ditto on Spyware Doctor. I'm almost computer illiterate, but I stumbled on this. I'm impressed. There are updates just about daily. I haven't had spyware since.
-
Originally posted by Vulcan
Meh Windows Defender doesn't get rated that well in antispyware. Theres stuff out there that 'browser agnostic' now. So it doesn't matter if you run IE or Firefox or Mozilla you'll pick stuff up.
I use a combo of McAfee Managed AV with Antispyware and gateway AV/Antispyware on my firewall (yup its a Sonicwall). McAfee's not #1 in antispyware (iiirc BitDefender ranks #1) but its in top the top 5 - any of that freeware scanning stuff ranks extremely low.
McAfee sucks imo. I used to sell it 'til several years ago they started releasing updates that caused PC booting problems or false positives that wreaked havoc. That and I see a lot of virus infected computers running the McAfee Security Center. Nothing is perfect in this regard though, no argument there.
-
Defender, Spybot and others came up empty
Tried the demo version of that PC Tools one. Said I had 146 items...yet...wanted money to do more.
Pass.
-
Originally posted by Chairboy
BTW, "tracking cookies" have nothing to do with you getting infected with spyware.
If the infection is bad, you're probably going to have to nuke it from orbit, it's the only way to be sure.
Oh, and drop the IE habit on your new OS install and use Firefox exclusively.
Word on Firefox and nuke and pave... look into slipstreaming, you can create an XP install CD with all your drivers and updates that will all install the 1st time, no fuss. Slipstreaming can make a nuke & pave a lot less painless than trying to piece together a broken Windows.
Heres a decent slipstream info page:
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp
If youre on broadband, putting yourself behind a hardware firewall, like a router, can help too.
-
Get a 20" iMac. :eek:
-
Originally posted by Vulcan
Theres stuff out there that 'browser agnostic' now. So it doesn't matter if you run IE or Firefox or Mozilla you'll pick stuff up.
Give an example, please.
Running IE, there are plenty of ways that spyware can get into your system without you doing anything but visiting a website.
-
I'd like to see an example of an infection passively introduced through an up-to-date, scripting-disabled Firefox browser. Not saying there isn't, just like to know what they are.
-
Hell, even with scripting enabled. IE has ActiveX, a feature that has bought pools and boats for CEOs of many security companies. Firefox has... just javascript, whos greatest offense has been to make some popup advertisements 'buzz' their window to get your attention. Hardly the 'hive of scum and villainy' that IE+ActiveX embodies.
-
If your problem is really that bad.....consider wiping your hard drive and starting over. I had huge issues at one point as well, was just easier and faster to wipe the drive and reinstall windows.
I had someone helping me out at the time as well. (Thanks again Silat)
-
Simple solution....It's been said, use firefox & not IE. I use Kaspersky Anti-virus, it's been the best. It even will catch a program trying to copy hidden programs somewhere else (i.e., spyware), also blocks registry changes unless you let it.
Edit: P.S. with these two programs, I've never had to use anything else, like ad-aware or whatever anti spyware blocking prgram anyone uses.
-
iirc coolweb is the hardest one to get rid of in that bunch & CWshredder will get it.
Really, adaware & spybot s&d with spyware blaster will keep you clean; & they're all free. Spyware doctor may rock too but I never tried it.
Beware of the free online scanners of pay products, they lie to get you thinking they are doing something.
For instance; I downloaded a free trial of PC-Cillian once, the danged thing was telling me it stopped several viruses everyday! I'm sorry, but there aren't that many viruses going around that I'm going to be attacked 20 or 30 times a day. I got NOD32 & it has only had to block one in 6 months...from a link someone provided in these forums too b.t.w. lol
-
I haven't installed any spyware protection on my laptop since I replaced the hard drive 5 months ago. Firefox only, plenty of browsing.
No spyware.
I'm paranoid, I know where spyware lives, and it hasn't moved in. Basic safe habits and being behind a router seem to be pretty darn effective. It's not for everyone, but it works for me.
-
Okay...Now I am starting to get worried...I have completed 9 out of the 10 steps from the tweekxp, hijack this thread...Used spybot, AAW, CWshredder ect....only step left is the MS service pack, and I still have the same spyware popping up....
******WARNING...PLEASE DO NOT CLICK ANY OF THESE LINKS UNLESS YOU KNOW WHAT YOU ARE DOING....THESE LINKS ARE THE ADDRESS's OF PAGES THAT KEEP POPPING UP, AND THE MESSAGES I AM GETTING...I DONT WANT TO BE RESPONSIBLE FOR INFECTING ANYONES COMPUTER SO PLEASE BE AWARE THIS IS ONLY BEING POSTED TO PROVIDE INFORMATION FOR ANYONE WHO FEELS THEY MAY BE ABLE TO HELP*******
http://forum.tweakxp.com/forum/shwmessage.aspx?ForumID=28&MessageID=134799&TopicPage=1&RateVal=5
"warning! Virus infection (dailytoolbar.dll)
Danger: possible virus or spyware infection - dailytoolbar.dll!
C:/Windows/System32/dailytoolbar.dell
:::::::: http://antispywarebox.com/ ::::::::::::: # 2
#3 popup
***Alert! you are receiving spam!
System scan is highly recommended by windows security center (doesnt look like anything MS Windows XP would officially pop up...)
-
Forget to mention but worth noting that once this popups begin when I open "Task Manager", the "processes" that are open get a greay color and are blocked or unable to be messed with
-
Seriously Cav, I would just wipe the drive and start over. Sounds like you have some serious spyware issues. Alot less headaches to just start over and make sure you are protected this time. Thats just me though. :)
-
Originally posted by Chairboy
Hell, even with scripting enabled. IE has ActiveX, a feature that has bought pools and boats for CEOs of many security companies. Firefox has... just javascript, whos greatest offense has been to make some popup advertisements 'buzz' their window to get your attention. Hardly the 'hive of scum and villainy' that IE+ActiveX embodies.
Apparently there are some java nasties floating around right now. But you're right to an extent, certainly not a webfull of activex nasties. Still as firefox's profile rises it is being targeted more, just look at the flaws being found in firefox (on cert.org etc). People are having a crack at it.
The other problem is that sometimes you need IE, I use plenty of websites which must have IE (activex plugins etc). So you're back into the old mac style debate, is a user with no hardened antispyware using firefox better off than a user with IE and hardened antispyware given that user may one day have to use IE?
As has been said, browsing habits also play a big roll. BUT I would warn that more and more corporate websites are being targeted to plant spyware hooks Just look at zone-h.org to see the numbers of exploited servers every day.
Maybe I sound paranoid, but I often help some of our larger clients manage their firewall solutions and I see the activity logs of some medium-big sites, and 90% of users are browsing safely. Its the 10% that flicks the paranoid switch - and usually they don't even know it.
-
wow...well....IT WORKED! haha! I installed the service pack, and have had zero popups or task manager issues for about 2 hours now! Thank God because wiping out my drives was not an option....I have all of my windows XP cd's, but none of my wireless router software, nor any of my video card software....pheew...
I just labeled Internet explorer "DO NOT fluff'n USE" and downloaded mozilla....
thanks for all the help guys I really appreciate it....
I am going with Spybot Search and Destroy as my new antispyare because the lavasoft ad aware SE was not able to prevent this problem.....
thanks again
a big
cav
-
Originally posted by cav58d
This Crap is such BS....I dont understand how this can be legal...I dont see how their spyware does any good for their company, because as soon as I get a spyware popup, i vow to NEVER use that company.....ever!
Thanks for the help everyone...I've got to go to my cousins baseball game, and when I get home I will give it a shot....ill reply with results
Disable ActiveX in the Security tab of the Internet Options (under the Internet domain, and reset the others to thier security defaults). While most will tell you to use FireFox, it does not solve all your potential ills, as the Internet Options apply to other programs as well. ActiveX is the primary delivery mechanism for Spyware/Malware and if you leave it enabled, you are also acknowledging it is ok to plant said software into your computer.
The primary reason FireFox is safer is due to no support for ActiveX.
At least, that has been the argument which has kept Congress at bay. Why? Because they are idiots.
I got rid of Adaware and all the other tools for clearing/blocking spyware and have not had an issue at all in the last 4 years. But I also disable Java and java script, then insert sites I trust in the Trusted domain.
EDIT: And Vulcan is quite right. There are corporations who run infexted servers and do not even know it. I have caught a couple of them and notified the webmasters about it.
-
Thanks Skuzz...I disabled active X and set everything else to defaults as a precaution, but I will not be opening IE Explorer ever again....
Would you guys recommend Spyboy Search and Destroy to be my main antispyware program or should I look into others
thanks again
cav
-
That's fine cav (until you want to make use of MS's update page). For the rest of you, you should disabled ActiveX in the "Internet Options", as anything that uses 'explorer.exe' (and there are quite a few programs which do) uses those security settings.
I've never had a problem with IE myself, but then I do not use the default settings for it either. Makes it easier than jumping back and forth between two browsers.
-
I've had to use IE _once_ in the last 6 months. The benefits farrrrrr outweigh the once or twice a year inconvenience of switching browsers. That one time was Windows Update on a system that hadn't been patched to the latest service pack, every other update is d/l'd automatically.
Even when I worked at Symantec, by late 2005 I rarely had to use IE even for the most wonky internal websites.
Skuzzy, times, they are a changin'. Firefox has been improving steadilly, can't say the same for IE.
-
I refuse cookies except when absolutely necessary at a trusted site. I also have active-x controls locked out (prompt) on my system. I use IE and have had clean scans using adaware, search and destroy and yahoo's own spyware checker for months.
I absolutely hate cookies and spyware. I decide what goes on my system and it's for my uses only, not for some hugahunk to spam me or track where I've gone.
I used firefox for Ogame and tried to browse with it. It's ok but not as good a presentation as IE IMO.
-
Originally posted by Chairboy
I've had to use IE _once_ in the last 6 months. The benefits farrrrrr outweigh the once or twice a year inconvenience of switching browsers. That one time was Windows Update on a system that hadn't been patched to the latest service pack, every other update is d/l'd automatically.
Even when I worked at Symantec, by late 2005 I rarely had to use IE even for the most wonky internal websites.
Skuzzy, times, they are a changin'. Firefox has been improving steadilly, can't say the same for IE.
I see no benefits to FireFox. I have it on my work system to test with, and really do not find it any better or worse than IE. Overall I find FireFox to be more irritating to keep updated.
I never allow the auto-updater to run. That's not really a good idea. And MS releases security updates once a month. There there are those dang corporate sites which only work with IE (clueless dolts).
Anyway, like I said, I see not benefit to switching and for me it would be a pain in the tush. All the years I have been on the net, I have never had a virus or spyware/malware issue. I test various programs so I can make decent recommendations to people, but other than that I never use spyware scanners/blockers, anti-virus programs, firewalls, or utilites along those lines.
-
Originally posted by cav58d
Thanks Skuzz...I disabled active X and set everything else to defaults as a precaution, but I will not be opening IE Explorer ever again....
Would you guys recommend Spyboy Search and Destroy to be my main antispyware program or should I look into others
thanks again
cav
i Use both spybot and ad aware, they both catch ones that the other does not, so use them both at the same timeor back to back and cover more bases. Firefox reduces the number of cookies, spyware etc., but anytime you venture out of the box, you are gonna get hammered. You need, antivirus and firewall running also. Im just about ready to pull the damm plug out of the wall so i can get back my damm computer, i cant do anything with it now except run antispyware antivirus and download the updates for them:furious
-
Spybot S&D & AdawareSE are just scanners...not spyware blocker programs. You can D/L the free version of Spyware Blaster for that, it is a blocking program & it updates fairly frequently. I use all three of these as my primary antispyware defense, I am behind multiple firewalls & have two or three more spyware scanners bundled with other progs. & I have never had a problem.
Oh, windows defender is also a blocker program & scanner, but I chose Spyware Blaster instead.
-
Since I have only a 35 IQ, I have always disabled ActiveX (except for MS as a trusted site for patches) just like Skuzzy has said. I'm not smart and clever enough to pay for, or download, or run multiple anti-spyware, anti-virus, anti-anti-spyvirus malware anti-anti ware on alternate Thursdays except for months with 31 days.
I've never had a problem. ;)
-
I have never understood why people would rather load up thier computer with all types of programs which effect the performance of the system, instead of attacking the source of the problem.
You can only put on so many bandaids before you look and move like a mummy.
By the way, there are currently 6 unaddressed security problems with FireFox.
-
Originally posted by Skuzzy
By the way, there are currently 6 unaddressed security problems with FireFox.
Can you name any security problems Firefox has had that have resulted in widespread data loss/spyware installs/breaches? Because if we can set aside a few hours, I can start listing 'em off for Internet Explorer.
Don't bring a knife to a gunfight, IE is really really double plus ungood from a security standpoint compared to Firefox.
-
And I was within my deepest thought upon the Mount of Grapevine when the Skuzzth transcended from the Mount carrying Tablets, and I was soak with tears, for it was Tylenol and he took both from his rightous hand and said upon the Masses...
"Ye with Puters and yet suffer from the Domains of Hell follow upon to me to the Proper Thread within what I provide you... verily, verily unto those of woe and seekth the desire to be thy free of his Virus... I will speakth my words once, twice and yet three times unto thine deaf ears, written before your blindeth eyes.
For upon the threads are writen, Ye that haveth thy Puter Maladys must first come forth to the sticky calleth "Thy Hintist and Tips"
For ye to cometh unto me must seekth thy thread calleth Thine "Intrardnet Connecteth Hints/Tipths" Seeketh hep and you may find it within the Shrine of the "Kickedth Plug"
For I may come as a bandwith at the darkest hour and cause you to seekth thy techeth help no longer.
For I am the Techeth, thy Geeketh and thy Skuzzeth...ahem
*dam hope I don't go to hell for this and if I do how's the bandwith there Skuzz?*
With All Forgiveness,
Mac
-
Originally posted by Skuzzy
By the way, there are currently 6 unaddressed security problems with FireFox.
with all due respect. And untill this very day IE had 21
Well. they Fixed 21 of em anyway
http://news.com.com/Microsoft+plugs+21+security+holes/2100-1002_3-6083424.html (http://news.com.com/Microsoft+plugs+21+security+holes/2100-1002_3-6083424.html)
-
oh, and stay AWAY from "About . com."
Far far far away
-
It may be edgy to kick Firefox, but I think the program is trying to be better than the spamware Internet explorer.
-
IMHO the Firefox debate is just another version of the the devil you know vs the devil you don't. The same community that loves to flame IE bugs remains vigilantly quiet about similar bugs in firefox.
I'm always sitting behind a Sonicwall with antispyware at the gateway, and run McAfee Managed AV/AS. No massive overheads and it works just nicely.
-
Mac, preach on brother Amen!!!
:rofl :rofl :rofl :aok
-
I can just hear Skuzzy saying...
"Aight, aight...I put on my Robe and Wizards hat..."
:D
Mac
How ya doing Mav?
-
Geez, dunt get so defensive. It was an "FYI". Nothing more. I could care less what browser anyone uses.
Just don't think FireFox is bullet-proof. It is software and no software is perfect.
Most people will never have a problem with any browser. I know I have not and have been around the Internet longer than most people. But I do a lot of things, right up front, to prevent problems instead of accepting the defaults (which pretty much will gaurantee problems).
-
...and THAT is great advice. 5 cents of prevention is worth a buck of cure. Good browsing habits are the key to avoiding infection.
-
Originally posted by Skuzzy
Geez, dunt get so defensive. It was an "FYI". Nothing more. I could care less what browser anyone uses.
Just don't think FireFox is bullet-proof. It is software and no software is perfect.
Most people will never have a problem with any browser. I know I have not and have been around the Internet longer than most people. But I do a lot of things, right up front, to prevent problems instead of accepting the defaults (which pretty much will gaurantee problems).
(http://www.steliart.com/images/kissing.gif)
:D
-
Originally posted by Skuzzy
Most people will never have a problem with any browser.
Most people without kids, maybe. I'd be willing to bet a beer that at least 75% of the computers used by people 18 yrs and younger are, or have been infected with spyware/malware. I work on computers/networks for a living and while I target only businesses I never refuse to work on my business customer's home computers. The vast majority of their problems are spyware/malware related.