Spyware 201

Harry Hooper · Sep 16, 2009

QUOTE (Blacken @ Sep 16 2009, 05:02 PM) index.php?act=findpost&pid=2571086
First post updated with some crap. Anything I missed?

Good stuff, just a few thoughts:

1) CCleaner has been a very useful tool for me in several instances. However, it's probably near the HijackThis zone of being too dangerous for most folks here to try to use.

2) A 3-user license for Kaspersky Internet Security (anti-virus & anti-malware) can be had for under $30. I think that's cheap.

3) Agree with the advice to not reboot a suspect PC until getting some help. However, I would recommend disconnecting the PC from the internet ASAP.

Alcohol&Overcalls · Sep 16, 2009

I've dealt with a couple of infections lately, for myself and others - some thoughts:

-HijackThis! is incredible (as is ComboFix), but yeah, definitely not something to run on your own. A link to bleepingcomputer's forums might be useful - they're great when you have a little bit of time and patience to deal with the problem, and/or you're not willing to reformat (and you're willing to put up with the awkwardly douchey 'help desk' format).

-Kaspersky's online scanner is insanely useful, barring malware redirects (there are some ugly impostor sites, too) - here's a link to it.

-One of the surest early signs of infection (often Vundo, in my experience) is that Malwarebytes/SpyBot won't update - we had a woman go about 3 months just thinking the MBAM site was 'down' before realizing she had a pretty gross infection.

-If you're a moderate-end user who doesn't mind a little extra work while browsing, NoScript's FF plugin has been great for me. Pretty intuitive interface, and combined with AdBlock, it's made my life way easier (and likely markedly safer).

FelixMantilla · Sep 16, 2009

QUOTE (Harry Hooper @ Sep 16 2009, 05:40 PM) index.php?act=findpost&pid=2571122
2) A 3-user license for Kaspersky Internet Security (anti-virus & anti-malware) can be had for under $30. I think that's cheap.
Lots of deals on ebay for Kapersky Internet Security. I have always bought my Trend Micro on ebay too.

Harry Hooper · Sep 17, 2009

QUOTE (Blacken @ Sep 16 2009, 06:10 PM) index.php?act=findpost&pid=2571161
Does it have other functionality besides its much-vaunted rape-your-registry feature? If so, it might be something to consider.

I wrestled with this one a bit, but a lot of folks don't have a second PC to get help from, so I omitted it.

Rape your registry is what it's all about. Anyone who can't backup and restore a registry shouldn't go near CCleaner. I haven't used it in over a year, however. I think I was using it to blast a Vundo fragment last time.

I see your point about folks not having a second PC, so leave it as is.

ctsoxfan5 · Sep 19, 2009

My wife's computer (5 year old Dell laptop) is running very slowly. I put Avast on her computer about a year ago and it's not finding any viruses. Based on quickly reading this thread, I downloaded Malwarebytes onto her laptop today and ran that - it found no problems.

Any other suggestions? I don't have enough computer knowledge to get into HijackThis/CC Cleaner, etc.

Harry Hooper · Sep 20, 2009

QUOTE (ctsoxfan5 @ Sep 19 2009, 04:51 PM) index.php?act=findpost&pid=2576871
My wife's computer (5 year old Dell laptop) is running very slowly. I put Avast on her computer about a year ago and it's not finding any viruses. Based on quickly reading this thread, I downloaded Malwarebytes onto her laptop today and ran that - it found no problems.

Any other suggestions? I don't have enough computer knowledge to get into HijackThis/CC Cleaner, etc.

This PC is running XP? How much empty hard drive space do you have? Go to Control Panel --> Administrative Tools --> Computer Management --> Disk Management. Most likely you have a single C: partition, so check the %free column which shows you how much unused space on C:. If your disk is close to full, it can drag down performance.

Next, you can do a disk defragmentation (option right above "Disk Management" in the left-side window of "Computer Management".

The Defrag won't hurt and might help, but most likely after five years of use, it's time to do a fresh install of XP.

ctsoxfan5 · Sep 23, 2009

QUOTE (Harry Hooper @ Sep 20 2009, 08:37 PM) index.php?act=findpost&pid=2580582
This PC is running XP? How much empty hard drive space do you have? Go to Control Panel --> Administrative Tools --> Computer Management --> Disk Management. Most likely you have a single C: partition, so check the %free column which shows you how much unused space on C:. If your disk is close to full, it can drag down performance.

Next, you can do a disk defragmentation (option right above "Disk Management" in the left-side window of "Computer Management".

The Defrag won't hurt and might help, but most likely after five years of use, it's time to do a fresh install of XP.

Thanks for the help and suggestions.

Blacken - it's slow compared to how it ran 6 months ago.

HH - The % free is 84% (about 2 years ago, the hard drive died, and I had it replaced with one that was probably larger than what initially came with it).

Coincidentally, on my laptop (which is running fine despite also being 5 years old), the adapter just died. Seems like rather than buying a new adapter for $50-$100, it may just be time for a new laptop. At least we'll have one new one. Long story short, I'll be posting in this forum asking for advice on what to buy.

Grunherz54 · Oct 18, 2009

I just made the switch to Microsoft Security Essentials and I like it so far. Uninstalled AVG. I do still have Spybot and Malwarebytes in reserve.

A question about firewalls - Are their any compelling reasons why I should use a free firewall like Comodo or is the firewall that comes with Windows SP3 sufficient? I use a desktop at home connected via ethernet cable.

PaulinMyrBch · Oct 21, 2009

Got a small problem. Got one of those fake security pop up infections, so I attempted to run a scan from a thumbdrive, when that wouldn't work I shut it down and was going to restart.

I unplugged the thumb drive between the shutdown and restart and now Windows won't reboot, it hangs on the Mup.sys file on the startup. I've googled the mup.sys problem and why the boot hangs and it looks like I need to reinstall XP.

Can't find the discs that came with the purchase. Any advice.

El Tiante · Oct 21, 2009

mr guido · Oct 24, 2009

Interesting... what are the odds that I would get my first-ever malware infection ("Anti Virus Pro") just the day after Microsoft released their new flagship OS? Hmmmmmmmmmmmmmmm.

Dalton Jones · Oct 24, 2009

I'm in deep shit. I think, I know, I fell for one of those fake security pop-ups, and now I can't get Mozilla or IE to open up. I think my computer is filled with viruses -- I let Norton expire, then renewed the other day after about a month of no protection, and I couldn't even download it completely. Then I did, but this new fake security thing came along and I clicked ok when I should have just closed the thing. Now I'm fucked. And I know next to nothing about computers. I googled Geeks and they cost something like $150 for the first hour and $25.00 every fifteen minutes after. Is there someplace I can take it cheaper? Is there any other solution? And even if I think I've got all the porn off my hard drive, anybody with half a brain will be able to find it, right? I live in the Boston area? Any place I can schlep it to that'll be cheaper than the Geeks?

mr guido · Oct 25, 2009

Sounds like you have the same thing that I had. "Anti Virus Pro"? All those notifications you're getting are fake & only intended to scare you into paying for their "product". The malwarebytes software mentioned above actually did a great job of cleaning it off my computer... at first it seemed like there had been some permanent damage done to the OS, but now it appears that I managed to actually get everything fixed. So before you take your machine anywhere, try this link that was posted above: http://www.bleepingcomputer.com/forums/lof...hp/t249005.html

Dalton Jones · Oct 25, 2009

thanks, guido. i'll give it a shot.

Dalton Jones · Oct 25, 2009

thanks, guido. i'll give it a shot.

mr_smith02 · Oct 27, 2009

My Lenovo laptop has started to go to www.m.yahoo.com everytime I try to go to Yahoo. I ran Avast which found 23 infected files, sent those to the Chest, deleted them from the chest, re-booted and the same thing happened when I tried to get to Yahoo. I have a second laptop and opened Yahoo on it and the www.yahoo.com site looks different than the www.m.yahoo.com site.

What's going on? Any advice?

loshjott · Oct 27, 2009

QUOTE (Dalton Jones @ Oct 24 2009, 10:48 PM) index.php?act=findpost&pid=2646445
I'm in deep shit. I think, I know, I fell for one of those fake security pop-ups, and now I can't get Mozilla or IE to open up. I think my computer is filled with viruses -- I let Norton expire, then renewed the other day after about a month of no protection, and I couldn't even download it completely. Then I did, but this new fake security thing came along and I clicked ok when I should have just closed the thing. Now I'm fucked. And I know next to nothing about computers. I googled Geeks and they cost something like $150 for the first hour and $25.00 every fifteen minutes after. Is there someplace I can take it cheaper? Is there any other solution? And even if I think I've got all the porn off my hard drive, anybody with half a brain will be able to find it, right? I live in the Boston area? Any place I can schlep it to that'll be cheaper than the Geeks?

The Avast boot-time scan has worked wonders for me the few times I've had major problems like you are describing. If you have Avast, or if your machine is functional enough to download and install it, run the boot-time scan. Or try booting up in safe mode and opening Firefox that way. You may be able to download and install Avast in safe mode, then run the boot-time scan and reboot in regular mode.

SoxScout · Oct 27, 2009

QUOTE
My Lenovo laptop has started to go to www.m.yahoo.com everytime I try to go to Yahoo. I ran Avast which found 23 infected files, sent those to the Chest, deleted them from the chest, re-booted and the same thing happened when I tried to get to Yahoo. I have a second laptop and opened Yahoo on it and the www.yahoo.com site looks different than the www.m.yahoo.com site.
It sounds like something switched the settings to the mobile yahoo site made for phones... I think deleting cookies and history is the place to start.

I use http://www.ccleaner.com/

pedros hairstylist · Oct 27, 2009

Really dumb question: I can't remember why, but I have Zone Alarm (the free one) on my computer. I also have Avast, so can I get rid of ZA?

I dumped AVG and Malware today when I loaded up Avast...am hoping this helps the drag my computer is experiencing...it's like a 2-4 second delay on everything.

Bucknahs Bum Ankle · Oct 28, 2009

Get rid of ZA and use Window Firewall (turn it on in the control panel). ZA is known to cause all sorts of problems.

Foulkey Reese · Oct 28, 2009

QUOTE (pedros hairstylist @ Oct 27 2009, 02:52 PM) index.php?act=findpost&pid=2651336
Really dumb question: I can't remember why, but I have Zone Alarm (the free one) on my computer. I also have Avast, so can I get rid of ZA?

I dumped AVG and Malware today when I loaded up Avast...am hoping this helps the drag my computer is experiencing...it's like a 2-4 second delay on everything.

You should also download and run CC cleaner.

I would get Malwarebytes back too and run it once a week or so. It's not real time protection like Avast, but it will do a better job of zapping anything that sneaks through. It's worth having.

TomRicardo · Oct 29, 2009

QUOTE (mr_smith02 @ Oct 27 2009, 01:45 PM) index.php?act=findpost&pid=2651238
My Lenovo laptop has started to go to www.m.yahoo.com everytime I try to go to Yahoo. I ran Avast which found 23 infected files, sent those to the Chest, deleted them from the chest, re-booted and the same thing happened when I tried to get to Yahoo. I have a second laptop and opened Yahoo on it and the www.yahoo.com site looks different than the www.m.yahoo.com site.

What's going on? Any advice?

www.m.yahoo.com is not the mobile page but instead the new front page it is testing. There is nothing wrong with going to the page.

Remain calm all is well. You can always click on ABOUT YAHOO at the bottom of the page and select Go Back to Classic Yahoo to avoid this.

behindthepen · Nov 1, 2009

is it possible that my yahoo mail account was compromised via skype? I think one of my kids may have clicked on some skype spam, and then suddenly I can't get into my yahoo mail account, and it acts like the password changed. AFter a password reset, I see that someone has charged stuff on a skype account

Infield Infidel · Nov 7, 2009

I've been getting weird re-directs when I use Google. I'll enter a search, and get a normal list of results. When I click on a benign result, like wikipedia or a university website, it goes to some bogus search engine. They always have the same format. I'm thinking I may have clicked on some malware or something

I've run malwarebites, avast, windows defender, and none of them get rid of it. I've also cleared cookies and tried a system restore, no dice. Sometimes the re-directs repeat, so I have some of them blocked with WOT, which shoots me to the intended page, but it only works with the re-directs that repeat. There's always new ones.

Any help would be greatly appreciated

wibi · Nov 11, 2009

Sounds like the javascript issue I picked up from an Adobe file a few months back.

Does the redirect issue happen on Yahoo and Ask ?

glennhoffmania · Nov 20, 2009

I'll try posting this here also. If your virus scan tells you that you have a trojan but it's quarantined, should you leave it alone or delete it?

Barbara · Nov 21, 2009

Blacken - would you update your original post? Is Avast! still the way to go? Now that I have some time between 7 & 10PM every night, need to do some computer cleaning.

Thanks.

octoberaroma · Nov 24, 2009

I've been using Mozilla Firefox as my web browzer for over 2 years and have never had a problem till now.
It won't even open. Has anyone had the same experience? I've checked the settings to make sure Mozilla was
my preference but still can't open it. Any advice is appreciated.

glennhoffmania · Nov 26, 2009

Can anyone suggest what anti-spyware to use to get rid of a quarantined trojan?

ReggieSmith · Dec 5, 2009

I've used this site to analyze HijackThis scans

hjt.networktechs.com

you cut/paste your scan output to this site and they analyze it and make recommendations. Maybe someone else can comment on the quality of the analysis, but I've used it without any problems.

ReggieSmith · Dec 5, 2009

QUOTE (octoberaroma @ Nov 24 2009, 01:33 PM) index.php?act=findpost&pid=2698671
I've been using Mozilla Firefox as my web browzer for over 2 years and have never had a problem till now.
It won't even open. Has anyone had the same experience? I've checked the settings to make sure Mozilla was
my preference but still can't open it. Any advice is appreciated.

there is one plugin that all firefox users should have (IMOP) and that is FEBE. FEBE allows you to back-up your profile so that if at some point your pc shits the bed or you're having problems with your firefox profile, you can get back to a previous backed-up version. Check out the comments by others at the above link. Because you can save profiles, you can take the contents of your work profile and open it up at home (all your bookmarks and saved passwords included) or at work open your home profile.

Barbara · Dec 21, 2009

Getting a new desktop so no old crap to worry about. Which commerical security software should I get? What about Spybot, Adaware and all those freebies as a backup? I have only been somewhat as careful as I should be in the past.

Talon · Dec 24, 2009

Hey it looks like my roommates computer got messed up last night (I can't control+alt+delete, had my background hijacked, get the odd popup and explorer.exe crashes from time to time). Downloaded SuperAntiSpyware at recommendation of a couple and ran it in safe mode, got rid of a ton of stuff but the above stuff still happens. The popups say something about viruses and to download something. I know there is no actual virus on the computer, rather it's just pesky malware/spyware that won't go the fuck away.

I am running Malwarebytes right now and I did a CC. Also ran HijackThis and have a log if anybody wants to look at it.

Saints Rest · Jan 1, 2010

SOunds similar to what my wife's laptop is currently experiencing. She is running Vista. And when she had Gmail and ADobe open, the machine bogs down to glacial speeds (I mean, she can barely move the mouse); Ctrl/Alt/Del won't do anything; and she gets some weird window about her logon (sic) failing.

Any thoughts?

ctsoxfan5 · Jan 3, 2010

I have a new laptop, and am trying to determine what programs I should download to protect it. On my old laptop, I used Avast and Malwarebytes' Anti-Malware. The new laptop came with a free trial of McAfee, which I didn't want, but will use as long as it's free. Any suggestions as to what else I need? What are the best current options? Do you guys still recommend Malwarebytes? Thanks.

Saints Rest · Jan 4, 2010

We ran MalWAreBytes on my wife's laptop. It found and got rid of one infection.

Then we installed and ran MS Security Essentials with no problems.

The weird freezing issue continues. It seems like it happens while she is composing emails in GMail. Any thoughts?

Chemistry Schmemistry · Jan 6, 2010

Quick question.

I bought a desktop this summer from Dell. It came with McAfee Security Center installed. Only it's a special version with a Dell branding.

Initially, I set it to download updates automatically. However, the fucker occasionally (maybe once a month) downloads something that requires a reboot. And as I'm on my computer a lot, and sometimes can't take the time to reboot, this is a problem. When it wants to reboot, it pops up a box about once an hour reminding you.

So I turned off automatic updates. Now, every five days, it gets into a state where it pops up two types of boxes - one every two hours that disappears after ten seconds (annoying) and one that pops up every six hours that goes on top of the z-order and won't go away on its own (very annoying).

Then, once every week or so, it pops up an ad telling me to call Dell and renew my subscription, which expires next summer. This occurs whether I'm updated or not.

So, fuck Dell, I want to uninstall this McAfee crap (who knows how annoying it will get when it's expired).

What's the latest recommended security software? I used to use ZoneAlarm. Never have had a virus, but I'm pretty careful (I don't download warez or use bittorrent, never click email with attachments, the old basics). Is the firewall in Vista enough on its own?

kneemoe · Jan 7, 2010

QUOTE (Chemistry Schmemistry @ Jan 6 2010, 11:29 PM) index.php?act=findpost&pid=2757485
Quick question.

I bought a desktop this summer from Dell. It came with McAfee Security Center installed. Only it's a special version with a Dell branding.

Initially, I set it to download updates automatically. However, the fucker occasionally (maybe once a month) downloads something that requires a reboot. And as I'm on my computer a lot, and sometimes can't take the time to reboot, this is a problem. When it wants to reboot, it pops up a box about once an hour reminding you.

So I turned off automatic updates. Now, every five days, it gets into a state where it pops up two types of boxes - one every two hours that disappears after ten seconds (annoying) and one that pops up every six hours that goes on top of the z-order and won't go away on its own (very annoying).

Then, once every week or so, it pops up an ad telling me to call Dell and renew my subscription, which expires next summer. This occurs whether I'm updated or not.

So, fuck Dell, I want to uninstall this McAfee crap (who knows how annoying it will get when it's expired).

What's the latest recommended security software? I used to use ZoneAlarm. Never have had a virus, but I'm pretty careful (I don't download warez or use bittorrent, never click email with attachments, the old basics). Is the firewall in Vista enough on its own?

No, the built -in firewall isn't enough generally speaking. You seem like the cautious type, given your practices, but I would still suggest installing AVG9 or MSFT security essentials to have some real-time protection.
Firewalls will block ports and make sure certain apps can access the net, but most virii these days come directly through your web browsing - and you've already OK'd your browser for port 80 so it won't be much help there.

Chemistry Schmemistry · Jan 8, 2010

QUOTE (kneemoe @ Jan 7 2010, 07:24 AM) index.php?act=findpost&pid=2757643
No, the built -in firewall isn't enough generally speaking. You seem like the cautious type, given your practices, but I would still suggest installing AVG9 or MSFT security essentials to have some real-time protection.
Firewalls will block ports and make sure certain apps can access the net, but most virii these days come directly through your web browsing - and you've already OK'd your browser for port 80 so it won't be much help there.

Thanks for the advice. Why isn't MS Security Essentials part of the operating system, like the firewall? I like the idea of sticking entirely with Microsoft here, as it lets me run updates when I want to run them without annoying me constantly.

loshjott · Jan 8, 2010

I have a weird thing going on that may be Spyware or Virus related. The only way I can get my XP machine to boot up is in VGA mode (or safe mode). If I try to boot normally, the monitor goes dark midway through the process. VGA mode seems to be identical to normal except the screen resolution; I can't get anything higher than 1024 x 768. I've run SpyBot, Malaware, Avast (including boot scan). I tried re-installing the monitor drivers. Nothing works.

Any ideas?

rbeaud · Jan 9, 2010

Great thread, we just bought the HP bundle from Best Buy so I'm updated our new bevy of computers. Heck even the vintage machine so the youngest can run it and I won't worry about whether it dies or not. A few questions that I hope are inline with the thread.

1 - I was on a roll and downloaded both Malawarebytes and Defender; is that counterproductive?
2 - We have three kids under 11. Each machine has a password protected admin account and Parental Controls are enabled (to the best of my understanding). Anything else I should do to keep them safe (free, buy)?
3 - Already broke one rule, the bundle did not come with disks. If I understand correctly, each machine has a D drive for recovery purposes though that doesn't seem to be what is advocated in this thread. What is the recommendation? All but the netbook have burners, is imaging (not that I'm clear on that one) an option?
4 - Once Mozilla is installed, I've seen recommendations to set the proxy server to 0.0.0.0 so that IE cannot communicate w/ the internet?

Spyware 201

Well-Known Member

Member

Robespierre in a Cape

reincarnated mr hate

Well-Known Member

Robespierre in a Cape

Member

Robespierre in a Cape

Well-Known Member

Member

Robespierre in a Cape

Well-Known Member

Don't touch his dog food

Member

Robespierre in a Cape

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Member

Member

Well-Known Member

Allison?

Member

foulkiavelli

rusty cohlebone

Well-Known Member

teaching korea american

Robespierre in a Cape

Member

meat puppet

Member

Member

meat puppet

Well-Known Member

Well-Known Member

Robespierre in a Cape

Member

Robespierre in a Cape

sosh's adolfo gonzalez

Well-Known Member

Member

Well-Known Member

has been programmed to get funky/cry human tears

Member

has been programmed to get funky/cry human tears

Member

Member

Robespierre in a Cape