Forums > Help! > Adware and Spyware

Login/Join to Participate
Page:
ado-pGOLD Member
Pirate Ninja
3,882 posts
Location: Galway/Ireland


Posted:
I got one or the other or both.

Its a work computer but we dont really have an I.T. dept. as such. So when i got this thing i ran all the the spyware removers and adware removers and virus scanners i could find but im still getting some stupid pop ups from gambling sites and other annoying crap.

Can anyone recommend some freeware that might do the job?

Love is the law.


SymBRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom


Posted:
Also: https://www.lavasoftusa.com/software/adaware/

Make sure you install XP SP2 from: https://www.microsoft.com/windowsxp/sp2/default.mspx

and get firefox to help prevent you getting more when you're browsing: https://www.mozilla.org/products/firefox/

There's too many home fires burning and not enough trees


onewheeldaveGOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom


Posted:
Be very wary of using much of the spy-adware removal programs you'll see on the net- most of it is a scam which deliberately gives 'false positives' (tells you you're infected, when you aren't) in an attempt to get you to buy the 'pro' version; a few will actually infect you with spy/adware.



https://www.spywarewarrior.com/rogue_anti-spyware.htm



(list of dodgy spy-adware software)



Stick to using the ones that are well respected by the sections of the community that are knowledgable about these issues-



spybot S&D

Ad-Aware



are the big two- check the spelling of anything you download, as dodgy companies are putting up software called stuff with similar names and passing it off as the real thing.



Find a good online forum and check out their FAQs on what to do when infected, and how to prevent it happening again.



If, after that, you're still infected, there's a very powerful program called 'HijackThis' which gives you a list of everything that could be malware, and the option to delete it.



However, this program is not one that a beginner can use unassisted- if you delete everything it picks up you will trash your system, as some of those things are files important for the running of your system.



Instead, you post a copy of the 'HijackThis' log on their forum, and wait for someone to tell you what to do (and make sure you read the beginners FAQ before posting,and do all the stuff it instructs you to, otherwise you'll get ignored)



Here's a page of links to advice on security etc-



https://www.firewallguide.com/spyware.htm



Give yourself a couple of hours on-line browsing, following the links on the page, and the ones posted by others here, and you'll build up a picture of what mal-ware is, and ways to remove it- bookmark any pages that you find especially good.



For prevention, I also recommend getting an understanding of your browsers 'security settings'- most spy/ad/malware gets on your system via things like 'ActiveX controls' which your can disable in the security settings.



Good luck.

"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
How much do we kick ass?
biggrin

lots...

ado-pGOLD Member
Pirate Ninja
3,882 posts
Location: Galway/Ireland


Posted:
Thanks guys

I ran spybot s&d and it found a lot of stuff, if i rerun it though alot of the things it found are showing up again, even after it confirmed fixing it. Namely

CoolWWWSearch

AbetterInternet

Mediaplex


and one or two others

Theres a very very old version (years and years) of mcafee on this and its pretty useless so i uninstalled it. downloaded AVG, from what i can see though i have at least four or five trojans present that AVG isnt picking up. One of which records entries into forms and sents them to its home server!!! Forget about internet banking for a while eh.

Microsofts spyware remover found a few things but its a very annoying piece of software. Why does a program thats supposed to help you stop getting pop ups have such big damn pop up warnings!!!

Spyware doctor found 139 entries that were suspect but this isnt much good as i cant do anything with it unless i buy it....

Downloading Adaware now.


Grrrr

Dave, I can really understand your hardcore stance towards internet security now, ive never had a virus or spyware on any or my personal computers but like yourself and the others I take care of my machine. Who ever had this one in work before me musty have done nothing but go to porn sites and gamble.

Love is the law.


SymBRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom


Posted:
You can do something else with the internet? like what...?

confused

ActiveX controls in themselfs arn't bad at all - but it will open up more options for spyware. You really should get firefox - if you can't install things then get 'portable Firefox' https://johnhaller.com/jh/mozilla/portable_firefox/
and run it from a folder on your hard drive. That will keep you very safe.

There's too many home fires burning and not enough trees


ado-pGOLD Member
Pirate Ninja
3,882 posts
Location: Galway/Ireland


Posted:
buying firetoys and juggling props of course biggrin

yup

im using firefox now, the problem is all the stuff that was on the pc when i got it,

i seem to have gotten it down to one registry entry now. CoolWWWSearch keeps reseting the search page for IE. I cant avoid using IE either as I have to use Outlook web access for company email and it wont display correctly on firefox.

Love is the law.


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
"Outlook web access for company email and it wont display correctly on firefox."

So do I... but Firefox works perfectly confused

What could be the reason for that?

ImbalanceGOLD Member
not different, just not the same
263 posts
Location: Charlotte, NC, USA


Posted:
even though you are all fixed up, heres a couple things you can install and run also

free online scan housecall

GREAT program that is free for 2 weeks, i use it for initial cleaning EWido Suite

a great cleaning and program thats easy to use and has FULL UNDO if you screw something up Easy Cleaner

a great program for inspecting you start up programs and removing those annoying spoywares that keep rewriting to your startup etc. has analyzation capability which really helps startup inspector

and of course i also recommend spybot and ad-aware. good programs.

also, the windows spyware tool does a descent job overall, but IS super annoying and i can't stand it. so i got rid of it.

and finally FIREWALL FIREWALL FIREWALL FIREWALL. if you don't have one, get one, windows firewall is a laugh. I usually reccomend zone alarm since its pretty easy to use and deal with. one thing tho, when you install it and get it ready to go, you may notice that the internet seems not to work, not so, just open zonealarm, click the firewall settings, and click "zones" put the first (top) slider on MEDIUM and not HIGH and everything will work and you will be protected.

enjoy

I once learned every move that there was,
Every style, Every technique.
Then I woke up, and forgot it all,
So now I struggle to dream.


SymBRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom


Posted:
A firewall isn't really that amazing. They can only stop packets from (and to) ports and IP's. Most spyware comes over port 80 along with most of the other web traffic. A firewall wont stop anything unless it's trying to access the wrong port.

I use a hardware firewall at home with port forwarding inside the NAT, really, if you use good software then you wont have a problem.

You can also change your HOSTS file to stop adverts etc by resolvig the URL to a local IP. You could do this for known spyware sources, but I don't know of a list.

There's too many home fires burning and not enough trees


FearpigSILVER Member
member - tee hee "member"
279 posts
Location: Bethnal Green, London, England (UK)


Posted:
The best way I have found to clean your pc is ...

get antivirus up and running,
then a decent spyware sweeper.
Delete your cookies, temp internet files and history.
update them both and run full scans
Then download and run HijackThis

its a very small program that will create a log file showing you every thing in your registry. You can then either remove all the dodgy stuff (using HijackThis) or post the log on a hijack site and the friendly people there will sort it out for you. However if you don't understand the log file, don't fix things you think might be dodgy... you can seriously damage your PC.

I really recommend hijackThis, the only thing better is to format your PC and build it again!!!

"Whats wrong with the cat?" - Mrs Schrödinger


onewheeldaveGOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom


Posted:
Written by: ado-p


I ran spybot s&d and it found a lot of stuff, if i rerun it though alot of the things it found are showing up again, even after it confirmed fixing it. Namely

CoolWWWSearch

AbetterInternet

Mediaplex




CoolWWWSearch is notoriously bad- here's a page detailing one individuals battles against with his self-written software 'CWS Shredder' which has required hundreds of updates to keep up with new versions of CWS-

https://www.spywareinfo.com/~merijn/cwschronicles.html

(this is well worth a read for anyone who doesn't realise just how devious the makers of malware are- it covers CWS from its earliest appearance and gives details on each new update its gone through).


Written by: ado-p


Dave, I can really understand your hardcore stance towards internet security now, ive never had a virus or spyware on any or my personal computers but like yourself and the others I take care of my machine. Who ever had this one in work before me musty have done nothing but go to porn sites and gamble.





I'm glad you understand- you sound like someone who's fairly knowledgeable about computers; imagine what this kind of malware does to someone who's more naive.

But, bear in mind that, contrary to popular opinion, it's not necessary to visit porn or gambling sites to get totally infested with malware (though obviously, those who do use such sites need to be very up-to-date with their security).

Much of this malware is designed to redirect you to a host of dodgy sites, which then install other malware, which in turn sends you to more dodgy sites, etc, etc.

A lot of this malware is designed to change the users IE 'homepage' (often to a porn site) and place entries in the registry and start-up menus, so, if they get deleted, they basically reincarnate the next time the pc is powered up.

This chain of events can be started by any web page that carries the requisite ActiveX control, and that page could well not be a porn or gambling site.

The good thing about all this, is that checking out good security community forums will give you excellent advice about ways to combat all this, and, despite the fact that the initial hijacking can be stressful, doing that research will lead to feeling quite empowered, and it's pretty interesting following what's going on in the world of malware and defenses against it.

There's some useful little programs out there that, when running, will warn you if any programs try to change your registry settings, or attempt to add themselves to your start-up list; another loads thousands of known malware carrying web pages addresses into your 'restricted zones' (your security settings for the restricted zone should most defintily be set to 'high) thus stopping them using ActiveX/javascript to initiate malware attacks on your system.

"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
"it's not necessary to visit porn or gambling sites"

Maybe, but it is the most fun way....

ado-pGOLD Member
Pirate Ninja
3,882 posts
Location: Galway/Ireland


Posted:
Thanks Dave

CWS Shredder is exactly the piece of kit i was looking for. It did the job nicely.

I seem to be having a problem with sp[ybot search and destroy though, the warning windows that pop up are all messed up, as in the graphics are askew and i cant read what it says or even allow or block it, I can click on the x but then it automaticly blocks whatever it was trying to show me. Interestingly it block something from the google toolbar today which i thought was strange seen as how i uninstalled it yesterday...

Im gonna download it again and reinstall, after that i think i'll run hijack this and see what it comes up with just in case

Ok just downloaded it and it wont update> Says bad checksum beside the updateable files. Sh*te - OK Downloaded it manually, so sign of CSW but it did find DoubleClick. That was bloody quick.

*cross fingers, elbows and toes*

UCOF, ive no idea why firefox wont display outlook webmail correctly. It wont show me the folder list or preview pane for some reason. And the colors arent as nice smile

Thanks everyone!

Love is the law.


SymBRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom


Posted:
OWA used many of the proprietary technologies that make IE so susceptible to spyware. Not wanting to start a MS vs everyone fight here, but if they just supported standards and didn't make something up everytime they wanted to do something I'm sure most of these things wouldn't happen.

Anyway. How old is the OWA? I'm sure the 2003 verson has a 'pro' and 'basic' option or something like that, maybe thats why UCOF can get it fine; the pro one only works on IE and the basic is for everyone else.

There's too many home fires burning and not enough trees


onewheeldaveGOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom


Posted:

Written by: ado-p


I seem to be having a problem with sp[ybot search and destroy though, the warning windows that pop up are all messed up, as in the graphics are askew and i cant read what it says or even allow or block it, I can click on the x but then it automaticly blocks whatever it was trying to show me.





I recall something very similar happening to me- the dialogue box had graphics messed up to the extent that I couldn't actually click on 'yes/no' and had to manually close the box (which seemed to cause it to 'block').

However, the bit of Spybot that blocks these things is a program called 'TeaTimer' which loads at startup and runs in the background.

If you open up Spybot and click on 'immunise' (right hand menu) you'll see an option 'Enable permanent blocking of bad addresses.........' which should be checked: there's a drop-down menu, and one of the options is 'block all bad pages silently'.

If you select that, blocking is automatic so you don't get a dialogue box appearing.

-----------------

Another thing to mention with all this virus/spy/adware checking stuff running in the background is that, when you're installing new programs, or burning cd's, it's considered a good idea to disable them all, as they can interfere with the process (this is assuming that you trust the program you're installing).

Obviously, if you do so, it's very important to start them all up again before going on the net.

And, given that it's so easy to forget this, and end up going on the net with a totally undefended system, some kind of way of guaranteeing you remember is good- I use the admittedly low-tech method of affixing a small box over the end of my dial-up cable, so I can't plug it in without realising.

"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
like sleep surfing you mean?
wink

polaritySILVER Member
veteran
1,228 posts
Location: on the wrong planet, United Kingdom


Posted:
I think you have to turn on TeaTimer, as it's not considered user friendly to keep asking if things should be blocked or not, when you might not understand what it is you're blocking. Unfortunately without it a lot of spyware gets through to things like the IE startup page.

Some software firewalls can help a lot if they have a few extra features. I'm running Kerio Personal Firewall, and it monitors all the executable files, to make sure they don't get changed, and stops any executable from starting other programs. It also allows you to specify which programs can access the internet or your local network, so spyware can't go and install any other programs like trojans. The only problem is you need to have a good idea of what all the programs on your computer are for so you know what should and shouldn't have access to the internet. I've completely blocked internet explorer from accessing the internet, as it's also run as part of a lot of other microsoft programs, so you can't stop it getting spyware just by not using it. .wma .wmv and .asf files can contain code to open a copy of internet explorer, so it's best to stick to video and audio formats that can't contain spyware (or DRM crap).

If you press [CTRL]+[ALT]+[DEL] you get a list of programs that are running on the computer, and it's a good idea to get an idea of what should and shouldn't be running. If you do a google search on the filenames you can see if they could be spyware.

It also helps to stop using microsoft programs as far as possible, as they're all highly integrated with the operating system, and can be used to make changes to it. Use Miranda, GAIM or Trillian instead of MSN Messenger. Winamp or iTunes instead of Media Player, Thunderbird instead of Outlook, and definately Firefox / Opera / Netscape instead of IE.

You aren't thinking or really existing unless you're willing to risk even your own sanity in the judgment of your existence.

Green peppers, lime pickle and whole-grain mustard = best sandwich filling.


onewheeldaveGOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom


Posted:
Written by: polarity



If you press [CTRL]+[ALT]+[DEL] you get a list of programs that are running on the computer, and it's a good idea to get an idea of what should and shouldn't be running. If you do a google search on the filenames you can see if they could be spyware.





Excellent advice.

"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!


SkulduggeryGOLD Member
Pirate Pixie Crew Captain
8,428 posts
Location: Wales


Posted:
Hello everyone,

As it's my HoPpy Birthday and all I need an answer to a question.

My sisters computer has Winfixer2005 and spybot and adware aren't killing it. HELP! She is holding my birthday presents to ransom if I can't fix it biggrin

Ok so she isn't but now I said it she thinks its a good idea eek

Thank you all you people with your geeky loveliness in advance, because I know you won't let us down kiss

Feed me Chocolate!!! Feed me NOW!


Pink...?BRONZE Member
Mistress of Pink...Multicoloured
6,140 posts
Location: Over There, United Kingdom


Posted:
Have you tried spyware blaster?

Never pick up a duck in a dungeon...


SkulduggeryGOLD Member
Pirate Pixie Crew Captain
8,428 posts
Location: Wales


Posted:
yes we tried that and now we have porn pop ups as an added bonus biggrin

Feed me Chocolate!!! Feed me NOW!


{anthrax}BRONZE Member
Look I've changed my title!
209 posts
Location: England


Posted:
Delete windows... install linux biggrin

anthrax.... it infects, then spreads..... fast


SkulduggeryGOLD Member
Pirate Pixie Crew Captain
8,428 posts
Location: Wales


Posted:
Thank you so much for that helpful suggestion Anthrax but as this isn't my computer so I can't do that. Can I please have some ideas on how to get rid of Winfixer2005.

Feed me Chocolate!!! Feed me NOW!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
It appears that WinFixer Is a c***.



If you fancy learning stuff about computers Skully, click https://www.spywaredb.com/remove-winfixer/
and read the instructions.



Else, download this: https://www.spywaredb.com/ssf-snr-a-setup3601.exe



Or: https://www.spyware-removal-guideline.com/winfixer-removal



But really, you should click this one: https://en.wikipedia.org/wiki/WinFixer



biggrin

SkulduggeryGOLD Member
Pirate Pixie Crew Captain
8,428 posts
Location: Wales


Posted:
Thank you Jon hug

I'll work my way through those..... or make my sister ubblol

Feed me Chocolate!!! Feed me NOW!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
My name is no longer Jon.

It is Ruldoph Ranyerri Half-a-Thripney MacGuyver Taylor-Smith.

So there nana

SkulduggeryGOLD Member
Pirate Pixie Crew Captain
8,428 posts
Location: Wales


Posted:
OooooooooKAY! If that's what makes you happy I'll try to remember that. biggrin

Thank you Ruldoph Ranyerri Half-a-Thripney MacGuyver Taylor-Smith.

Feed me Chocolate!!! Feed me NOW!


UCOFSILVER Member
15,417 posts
Location: South Wales


Posted:
You are most welcome. smile

hug2

DaizBRONZE Member
Radioactive Member
106 posts
Location: Calgary, Alberta, Canada


Posted:
Get Norton SystemWorks, it realllyy helps.

I'm gonna cut you up so bad, you gonna wish I ain't cut you up so bad.


Page:

Similar Topics Server is too busy. Please try again later. No similar topics were found
      Show more..

HOP Newsletter

Sign up to get the latest on sales, new releases and more...