My wife recently used my PC to check some stuff out. Ended up on many wacked out sites. She'll follow links she hears about on the radio, then goes off on tangents to here and there. Anyway, she landed on some site that autoloaded some nasty stuff. Basically, it hijacked my searching abilities. If I did some searching on Yahoo/Google, I would get at least a page of 'inserted' links at the top. All of which are paying customers of the nasty site. So, I had to scroll down to find true search results, and normally had to page through. Come to find out, it would remove some good links as well. . . Also, while browsing, I'd get popup ads. While on DTMan forums, I was getting popups. Words in the text would become hyperlinks to advertisor's sites. Words such as car, job, movies, etc would be links to other sites. Ads were inserted in the middle of a site. I went to techtv.com and found ads inserted next to The Screansavers links, etc. Just horrible stuff. So I downloaded some stuff that Gordon recommended. Spybot S&D and Spywareblaster. Ran both of them. They got rid of the 10+ windows that would popup when I did a search (which I forgot to mention above). But I still had the mucked up search results, mystery links, and inserted ads to deal with. Updated the above apps, ran them multiple times, rebooted and let it run first, etc, etc, etc. Would NOT go away. Did searches for 'targetword.com remove' and came up with all kinds of sites talking about how great it was. Forum threads with people recommending it to each other, etc. One link on how to get rid of it by deleting files I didn't have. I remembered reading about something called Ad Aware on Tech TV's site. Did a search for that. Got TONS of links to spyware removal apps, and some popups telling you where to get software to get rid of those damn annoying popups. That was actually a REALLY popular popup. Anyway, couldn't find Ad Aware links anywhere. Went to Tech TV's site, but they've just merged with G4, and their site is a little jacked up it seems. Couldn't find it. Went to Google and started some searches. Came up with a couple different links. One was to a forum thread where someone was asking how to get rid of this damn thing. There was a link to Ad Aware in there. It was http://www.lavasoft.de. I went there and downloaded it. Download.com wouldn't give it to me, but the 'Major Geeks' link worked and it downloaded. Updated it, and ran it. It found 89 'things'. Geez. Told it to get rid of all of them. It couldn't get rid of one of them, and asked if it could try on the next reboot. I said "sure". And then rebooted. It loaded early, and did a scan. Found 2 things. Told it to get rid of them. It did. Loaded IE and did a search. BINGO!!! The fucker's gone. Clean searches, no popups, no links on car, job, etc, and no ads inserted into the middle of pages. Was about to reload my whole system. . .
So, in Summary. Ad Aware OWNZ the spywarez, and kicks the shit out of Spybot S&D and spywareblaster.
Oh ya. . . when I went to Yahoo and did the search on Ad Aware again. . . http://www.lavasoft.de was the first link listed.
Anti-Spy-ware-stuff
-
mbilderback
- Posts: 1282
- Joined: Mon May 24, 2004 9:50 am
- Location: Memphis
- Contact:
Most of our repair business has been virus and malware removal.
For removing malware (spyware, adware, etc.) I use Ad-Aware and Spybot Search & Destroy.
Ad-Aware used to be my favorite (though I use both), but Spybot updates more often, so I like them a little better now.
I don't know if they still do it, but the Microsoft website used to recommend these two programs (and only them) for malware removal.
I had a computer in yesterday that would get hijacked to one of two websites (one on Angelfire, one in some other country). Ad-Aware and Spybot Search & Destroy removed a lot of stuff, but they couldn't find what was making the browser jump to the websites. The website ran a javascript that installed some cab file. If I tried to leave the page I got a bogus Windows warning (It wasn't capitalized correctly and had a poor conjunction) which prevented me from leaving. I had to end-task to get out each time. I deleted a registry entry (concerning dial-up networking) that linked to one of the websites, but that didn't fix it.
By the end of the day Angelfire had close the website due to a policy violation, but I'd still get forwarded to the other.
What ended up fixing it was running all the XP updates, then getting that new Norton Antivirus update. It was some Nichi virus variant using a security exploit.
For removing malware (spyware, adware, etc.) I use Ad-Aware and Spybot Search & Destroy.
Ad-Aware used to be my favorite (though I use both), but Spybot updates more often, so I like them a little better now.
I don't know if they still do it, but the Microsoft website used to recommend these two programs (and only them) for malware removal.
I had a computer in yesterday that would get hijacked to one of two websites (one on Angelfire, one in some other country). Ad-Aware and Spybot Search & Destroy removed a lot of stuff, but they couldn't find what was making the browser jump to the websites. The website ran a javascript that installed some cab file. If I tried to leave the page I got a bogus Windows warning (It wasn't capitalized correctly and had a poor conjunction) which prevented me from leaving. I had to end-task to get out each time. I deleted a registry entry (concerning dial-up networking) that linked to one of the websites, but that didn't fix it.
By the end of the day Angelfire had close the website due to a policy violation, but I'd still get forwarded to the other.
What ended up fixing it was running all the XP updates, then getting that new Norton Antivirus update. It was some Nichi virus variant using a security exploit.
-
71-1085092892
-
DictionaryDave
- Posts: 487
- Joined: Fri May 21, 2004 12:37 pm
-
thibodeaux
- Posts: 8056
- Joined: Thu May 20, 2004 7:32 pm
-
71-1085092892
Welp, at the time, the version of CWS I had outran the program that would clean it. At every reboot CWS was reinstalling itself, and I spent a day trying to figure out why, and never succeeded.thibodeaux wrote:Gordon, there's actually an anti-CWS program out there somewhere, I think.
It was wait for a fix, or reload.
It had been a year since my last reload, anyway.
But here's a question for discussion:
Have we reached a tipping point at spyware where it will kill the home PC industry? I've had 2 non-technical relatives within the last month that got infested, and didn't have the knowledge to scratch/reload. Once your dial-up connection gets hijacked, you can't hit Windows Update to patch the holes, and all they can do at that point is pay some local computer shop $75 to reload their systems. That doesn't make for a good home computing experience for non-techies.
Then they shouldn't be wandering through the dark allies of the Internet if they can't handle what they catch. 
People need to realize that the Internet is untamed and wild. It's not that hard to find what you need on mainstream sites. No, you can't view your porn or get the key code to run that software illegaly, and you might miss out on the latest flash e-card that's being talked about. . . but you won't have to spend $75 to get the crap you pick up taken care of. If you are hitting links to vote for naked grannies and to see autopsy photos of the latest dead celeb. . . then you need to be prepared to get innoculated aftwards.
So, althought spyware is unscrupulous, underhanded, wrong, etc. People should not be so naive. I don't walk through Detroit allies, and I don't go to random websites with obscure stuff. If I do either, I do it knowing I many not come back as healthy as I went in.
Edited By Cakedaddy on 1086632699
People need to realize that the Internet is untamed and wild. It's not that hard to find what you need on mainstream sites. No, you can't view your porn or get the key code to run that software illegaly, and you might miss out on the latest flash e-card that's being talked about. . . but you won't have to spend $75 to get the crap you pick up taken care of. If you are hitting links to vote for naked grannies and to see autopsy photos of the latest dead celeb. . . then you need to be prepared to get innoculated aftwards.So, althought spyware is unscrupulous, underhanded, wrong, etc. People should not be so naive. I don't walk through Detroit allies, and I don't go to random websites with obscure stuff. If I do either, I do it knowing I many not come back as healthy as I went in.
Edited By Cakedaddy on 1086632699