toe
Pooh-Bah
Reged: 10/09/02
Posts: 1428
Loc: MidWest USA
|
|
Talking to some of my computer friends, I'm pretty sure it's hardcore spyware/adware program. No idea how I got it. Download and update all your anti-virus software, do regular scan and lock up your computer like fort knox unless you want to experience this:
: White screen after login to EVERY web-based e-mail account you have.
Random hotlinks appearing about 5 or 6 times per sentence, whether it's in posts on a forum, stuff you're reading on a website, or even a word in the middle of a word. For (a bad) example: femailman. The word "mail" would be a hotlink, the rest of the word would be left alone.
The problem is, you don't know what's a real link or not. This is one thing that causes major problems when you go to try and download updates to your anti-virus software.
The Virus Blocks Access to Anti-Virus Software Downloads You get the What Screen again. It will let you try, it will even let you click on initiate a download, but then the progress window goes blank. Mcafee-won't come up at all. pandasoftware.com is the only site I was able to even view.
This virus is after Internet Explorer, big time!. I have had viruses and this is the absolute worst I have EVER seen. Update your security, people, because YOU CANNOT GET RID OF IT!
(Surprise, surprise. The virus didn't give me any problems whatsoever about downloading Mozilla.)
--------------------
"It's the end of the World as We Know it. . ."
-REM "and I'm seeking asylum in Canada"-toe
|
moonshade
Old Hand
Reged: 12/01/02
Posts: 458
Loc: searching for my lost shaker o...
|
|
Sounds like a browser hijacker. They r becoming very widespread, lately. There's a program called " Hijack This", u can run , and it will show all running processes.
There's a good forum where u can post this log , and the members will tell u what entries need to be deleted.
The anti-virus and anti adware prgrams are not successful in catching alot of these hijacks.
Pm me if u want links. But if u have Mozilla browser now, it's a mute point.
--------------------
*** insert profound statement here ***
|
Stardog
Member
Reged: 08/28/04
Posts: 195
Loc: Where it all Begins
|
|
My roommate got this exact thing during the July 4th weekend. He used some of the tools Moonshade recommended, including Hijack This and that webpage (eh, can't remember the name), and eventually got through it after an entire weekend fighting it by running all his anti-virus programs and Hijack This 4 or more times to catch everything.
My question is, does the new SP2 Windows update improve security against this?
|
AngelWolf13
Enthusiast
Reged: 07/07/04
Posts: 289
Loc: w/ my '91 CE-24 in SoCal....
|
|
thanks for the info, toe. good grief! what can be next????
moonshade, be prepared for a pm.
cheers, c.(angel)
--------------------
"Some mornings, it's just not worth chewing through the leather straps."
Emo Philips.
|
AngelWolf13
Enthusiast
Reged: 07/07/04
Posts: 289
Loc: w/ my '91 CE-24 in SoCal....
|
|
Quote:
Sounds like a browser hijacker. They r becoming very widespread, lately. There's a program called " Hijack This", u can run , and it will show all running processes.
There's a good forum where u can post this log , and the members will tell u what entries need to be deleted.
The anti-virus and anti adware prgrams are not successful in catching alot of these hijacks.
moonshade,
i just checked this out. i downloaded it and it pointed out all the parasites, but it will not remove them for free. got some pop-up ads from the site.
the program i use is called ad-aware 6.0 (lavasoft sweden). it gathers up all the tracking cookies and hijack attempts and everything else and is able to get rid of them. it is free for personal use. my dad told me about this and he was a systems analyst before he retired and he is the second most computer savvy person i know. he always had a computer terminal in the house, which connected by phone to the mainframe computer way back in the 70's, way before pcs. the most computer savvy person i know is my younger brother who is cto and vp of his corporation and i believe he uses this too. ad-aware got rid of the program i downloaded, but i figure it's just jealous of the competition. i'll look for a link for the download and post it as soon as i find it.
i hope that everyone who got this nasty virus is able to remedy it soon. good luck!
cheers, c.(angel)
--------------------
"Some mornings, it's just not worth chewing through the leather straps."
Emo Philips.
|
moonshade
Old Hand
Reged: 12/01/02
Posts: 458
Loc: searching for my lost shaker o...
|
|
My advice-
Download Spybot ( free- spyware and adware detection and removal) Run it. It will get rid of alot of the browser hijackers. Spybot
Run it.
Next- Download Lavasoft Adware ( free version) Lavasoft Adware
Run it.
You should have at least 2 spyware removal programs, because one will inevitably catch something the other doesn't.
Then, download "Hijack This "( browser start up programs)
It will bring up a log file of what programs r starting up when you boot up.
Hijack This
Run the program. Copy the log file in its entirety.
Now, go to this spyware forum, and start a new post, and copy your log file, from Hijack This program, and ask nicely if they will look at it, and the members will tell u if there's something funny in there that shouldn't be...
ONLY TAKE ADVICE from ADMIN, MODS, or SENIOR members !
spyware Help Forum
Good Luck !!
( Spybot Search & Destroy will block alot of spyware, adware from being installed, in addition to u being able to run it, and having it detect, and remove,
Lavasoft free version will not block, but when u run it, it will detect, and remove )
Both programs are free, and have periodic updates .
Also, Mozilla browser is not immune to hijacks, and other adwares.
Spyware Blaster is good for blocking active X based downloads.
Seems like alot of , but these 3 spyware programs are very small, and do not take up alot of space on your computer.
|
AngelWolf13
Enthusiast
Reged: 07/07/04
Posts: 289
Loc: w/ my '91 CE-24 in SoCal....
|
|
cool, thanks! you beat me to the punch. lol, i was just about to post the link too.
--------------------
"Some mornings, it's just not worth chewing through the leather straps."
Emo Philips.
|
moonshade
Old Hand
Reged: 12/01/02
Posts: 458
Loc: searching for my lost shaker o...
|
|
StarDog- I don't know about Service Pack 2 protecting aginst any of these browser hijacks.
I have heard that it is very buggy, and personally, would wait a bit to download it, until Microsoft gets it right.
Even then, please don't ever count on the updates from Microsoft protecting u against spyware, adware, trojans, etc.
U need to use third party utilities .
--------------------
*** insert profound statement here ***
|
JoannefromPa
Member
Reged: 12/03/03
Posts: 127
|
|
My boyfriends business is computers and just in his opinion which I highly respect, SPYBLASTER is a very good download that all should have on there PC'S . He highly recommends this program it catches the problems before they can do any damage. I believe there is a link right above me here in these posts to check it out if not give me a yell and I'll post the link.
Hope everyone has a great pain free, mentally relaxed Holiday!! Jo
|
JoannefromPa
Member
Reged: 12/03/03
Posts: 127
|
|
Oh yes and the cool thing after reading all the posts here...I also ran Ad-aware for a long time and continue to run it. But before I added the Spyblaster program ,which runs in the background and uses very little memory and system resources, I used to get about 8-12 "new objects" after running a Ad-aware scan of my C: drive . Now with Spyblaster running I only get maybe 1 or 2 at the most of any what Ad-aware calls "new objects" to delete proving how good Spyblaster really works. And always remember with Ad-aware to clickon the "check for updates" button before running a scan to keep you up to date with there latest protection files. You will be happy with these two programs 
Joanne
|
kt68
Newbie
Reged: 07/21/04
Posts: 40
Loc: NC
|
|
Just a question... I downloaded (a long time ago) a program called SpyHunter. It actually added spyware and now some of it can't be deleted!!! So, will these program do that (add unwanted stuff)? I have Norton anti-virus and personal firewall, but they can't get rid of them either, no more have been added, but these are relentless. So, any help would be appreciated!!
--------------------
TTFN' Kim
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Once I Stopped to think... Sad part is I never started back!!!
|
dman22
Enthusiast
Reged: 05/01/04
Posts: 273
Loc: Everywhere
|
|
http://www.mozilla.org
No more problems with spy/malware - for now.
|
bhamdave
Threadhead
Reged: 01/11/02
Posts: 957
Loc: U.S.A.
|
|
Also you might want to try this one, works very well.
Spy Sweeper
http://www.webattack.com/features/spysweeper-803-440400.php
--------------------
AIDS
It's not YOUR problem (I hope that)
It's not MY problem (I know that)
But it is still OUR problem and WE know that!
|
toe
Pooh-Bah
Reged: 10/09/02
Posts: 1428
Loc: MidWest USA
|
|
Well, as I think I mentioned, I'm reporting her from Firefox now. 
However, I do have Adaware and Spyware Blaster on my computer ( for a couple of years already, actually). Zone Alarm I added a couple of months ago. SpyAssasin and Ad-Aware 6 I downloaded today. . . along with removing IE from my system.
One site that was suggested to me was www.pandasoftware.com , where there is a freescan that most of these anti Microsoft bugs forget to block. Unofruntaely, I don't think the scan itself is up to date, but there is are some program that you can do one-time trials offers on. It also won't prevent you from installing another browser, thank god. Just don't go to the microsoft site and attempt to d/l anything. You can't.
Mccaffee, of course, won't show up at all.
As a matter of fact, I need to go to mcaffee and squeeze whatever I can out of it, now that I've got Mozilla. . I may have deleted IE, but that surely doesn't mean the bug isn't waiting in th wings somewhere to to attack. . .whatever.
Worse still is that my IP (SBC DSL) keeps booting me at the mosst most innopportune times.
--------------------
"It's the end of the World as We Know it. . ."
-REM "and I'm seeking asylum in Canada"-toe
|
Therion
Member
Reged: 06/14/04
Posts: 147
|
|
I finally bought a Macintosh. WOW! No crashes. No virus problems. No eternal dealing with patches and updates. The system is based on UNIX. How refreshing!
Bye bye PCs. Forever!
|
kikigrll
Newbie
Reged: 08/27/04
Posts: 36
|
|
Hi and greetings to all. I'm new to DB but an old user of previous pharmacy-boards. I have recently developed re-occurances of my chronic neck and shoulder pain conditions due to several serious accidents involving a broken neck along with less serious injuries.
I look forward to a positive experience, with the kind help of the members, to help me obtain my much needed Medications
I have been out of the 'loop' for quite sometime.
For USA users of spyware programs, lavasoftusa.com found and removed the intrusions that other anti-spyware was unable to find, locate or remove.
As for anti-virus, go straight to symantec.com (Norton) and run their detection program straight from their site. It uses the most current anti-virus detection program available, regardless of which version (old or new) installed on your HD. Be sure to disable system restore on your computer since the virus scan is unable to scan the system-restore files, which is where most of the virus and spyware plant themselves into.
Hope this helps!
Take care,
KIKI
|
cosmo123
Stranger
Reged: 08/16/04
Posts: 1
Loc: York County, PA
|
|
Dear JoannefromPa,
Sounds like you are on the right track, especially since your boyfriend is assisting you. These adware and spyware programs are getting ridicules. My Son is a computer technician and keeps my PC updated against such intrusions, not to mention pop ups and virus infection. We are currently running Norton anti virus protection, Spybot and Ad-Aware. Make sure you have a firewall either at your computer or IP server. We still run these utilities on a regular bases to catch intrusions, But the hackers always trying to stay one step ahead. What a waste of time and a royal pain in the a$$. Hope this helps.
Your friend, Steve
|
dman22
Enthusiast
Reged: 05/01/04
Posts: 273
Loc: Everywhere
|
|
Hehe. I always liked the Mac's OS error when it says "It's not my fault!" - Lol. Also, SuSE Linux Pro is pretty sweet as well. It installs flawlessly and I love it. 
|
dman22
Enthusiast
Reged: 05/01/04
Posts: 273
Loc: Everywhere
|
|
You can always take a look at Linux. The only reason Microsoft has so many problems is because they hold the monopoly on operating systems. It's easy to target because so many people use it, same goes for IE.
Peace
D-
|
toe
Pooh-Bah
Reged: 10/09/02
Posts: 1428
Loc: MidWest USA
|
|
Not that I ever turn my computer off, but if I do there is one way to get around this. As soon as it boots up, you do the ctrl+alt+delete thingg and there will be a program running, which I think is called "ss". My dad was just in town, reying to beat some sense into my computer, and he discovered this. He could find no way to remove the virus from my computer, which is really something to say about a man who recently retired from a government agency hlding (as one of his positions) the "computer go-to guy".
Obviously, I can't utilize any of the more common sites from Firefox. Microshait prohibits it, tho a couple of places allows Navigator access. Even if I were to reinstall IE ( a second time) I'm wary to do so. It would require rebooting my computer. I might not be able to shut down the worm. As I've already mentioned, the virus blocks access to almost every free anti-virus site out there.
I can't emphasize the title of my post enough- Don't catch it. It's been a week now. I've given up.
I have a 3 yr. old (toddler) PC that I hope to get online within the next week, and this tapeworm can go ahead and eat itself alive inside the 4-year-old (preschool) laptop I'm using now. Without a CD-ROM drive, that's the only thing I can do. (My A drive and D drive used to switch in and out, until the switch broke).
Please send your good karma towards the computer that I hope to be coming to you from in the near future.
BTW, I think this virus is called "bagel"-something.
--------------------
"It's the end of the World as We Know it. . ."
-REM "and I'm seeking asylum in Canada"-toe
|
kt68
Newbie
Reged: 07/21/04
Posts: 40
Loc: NC
|
|
Just had to re-do my whole system.... got the "Backdoor" virus!! It's a type of trogan. I even have ALL the Norton stuff (firewall and virus protection) ARGHHHHHH!!!! So, watch out, it came through AIM (instant messenger) My kids have to have it ( or so they think ) But anyway - if you get it; it is a hard thing to get rid of.... so keep your stuff updated. Good luck to all!!!
BTW.... doesn't seem to affect..Macintosh!!!
--------------------
TTFN' Kim
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Once I Stopped to think... Sad part is I never started back!!!
|
moonshade
Old Hand
Reged: 12/01/02
Posts: 458
Loc: searching for my lost shaker o...
|
|
I think the Bagel/Beagle worms are mass mailing worms.( not adware/spyware) U may have opened an email, and an attachment , to get it. They also get in through an open port.
There are quite a few variations of this worm.
U will prob have to find out exactly what bagle worm version it is, if your dad can tell you. Then find a site that instructs how to manually go in and fix it yourself, step by step.
( since it's disconnecting u from internet, and blocking your anti-virus access)
Also, if this is the virus/worm u have, keep in mind your computer may be mailing out people in your address book, and possibly infecting them, if they open attachments.
Might want to warn your email buddies about this possibility.
I am generalizing here, because I do not know what exactly is infecting your computer. i do know that the bagel/beagle viruses that constantly disconnect from internet, require manually entering instructions. Because u can't stay connected long enough to download any patches sometimes.
Or in your case, u can't even access the anti-virus programs.
If your dad knows the exact version of the worm, list it here, and we can try to help and find a patch for it.
Sorry, that's the only advice I can give at this time, without knowing exactly what is infecting your computer. And I'm strictly posting this from memory, when we had one of these many variations infect one of our work computers. Thankfully, it wasn't connected to the the other workstations.
----------------------
On another note-Back to the spyware problems- The increasing amount of spyware/adware is getting ridiculous. I downloaded yet another program, and it found more adware on my computer. ( I have 3 adware programs already installed--this makes 4 )
This program wouldn't remove it though, unless I bought the paid version. I spent 1/2 hour manually removing all the entries from my registry.
If anyone has ever spent any time just looking at your registry, it's like deciphering hieroglyphics with some of the entries. Sheesh.........
--------------------
*** insert profound statement here ***
|
toe
Pooh-Bah
Reged: 10/09/02
Posts: 1428
Loc: MidWest USA
|
|
(BEFORE YOU DO ANY OF THIS DOWN LOAD AND INSTALL ANOTHOR BROWSER THE EASIEST ONE WILL PROB. BE FIRFOX, FOUND AT www.MOZILLA.ORG OR LOOK FOR FREEDOWNLOADS OF THE POPULAR NETSCAPE NAVIGATOR)
Go to the the start menu , then "search" (I think it may have
been "find" on older models") .
Obviously choose "files and folders" and the bug is (ready?)
A PROGRAM!!!!!!!
(you saw that coming) called sp.exe So just search all files and folders on C: for sp.exe
Mine came up with three, one with just the program itself,
then a copy insode some temporary internet pathway that ends in a goofy name, like Sethbert, ans a third one in the same goofy folder. He told me to delete 'em all, and it's all be sweet since than.
Pretty simple
START-->SEARCH-->For files or folders-->
You'll get a new box with a bunch of options, unless this is the first imte you've used the search featrue, in which case it will walk around a bit and strut, flexing it's muscles like it's "preparing for first-time use" (yeah, right, we've all heard that one.)
Once it loads, you'll have some-what are they-frame thingies?-down the left, asking what you want to search for? In WindowsXP, it's the 3rd option from the top: "All files and folders. " Don't let them talk you out of of anything.
Shortly therafter, you are going to get a box to pop up asking what you wish to search for. Well, if you think you have what I had-if you've done ctrl+alt+delete and seen it's beady little eyes yourself, you search for sp.exe (don't use any asterisks-it will come up with exactly the stuff that's messing your puter. Delete it. Reassure your computer that, yes, you're sure you want to delete the adware and spyware from your computer. Empty your recycle bin.
When Aliens Attacks, the Apocalypse, or the Fuzz, Man: Call your local clergyman and tell him to mee tyou at you place , out place, and fast. It's an emergency. RUn upstairs and grab your computer- not the monitor, dork, just the motherbord and such, and bring it out back, where the others should already be standing around a 4'x3'x2' pit they've dug.
It was too late . It was more than sp.exe. The crabbriest looks at you and hands you some sort of bludgeoning instrument, surely made of lead, for while you removed sp.exe from you computer tonight, Bob's Big Boy just threw down his giant hamburger (death toll not yet in) and stumbled over to Old Navy, demanding a change of shirt as "he claimed he knew #### well we sell outsize slothing ana -REEEEEEPPPPPPP!
I'm just kidding. Stufflike this only happens at the end b/c if we remembered all the the real warty frogs we'd kissed, the human face would die out.. That was just a silly story. We knoe EXACTLY how to get rid of the meanie. We knows it all always have, instinctively, we've just hesitantly to apply that to I put him in my recycle been a mail order SECOND TIME. THROW OUT THE TRASH. AND TURN IT ALL OFF ANd RESTART.
--------------------
"It's the end of the World as We Know it. . ."
-REM "and I'm seeking asylum in Canada"-toe
|
radiometer
Enthusiast
Reged: 12/09/03
Posts: 209
Loc: California
|
|
/me looks lovingly at my Mac and leaves thread...
|
moonshade
Old Hand
Reged: 12/01/02
Posts: 458
Loc: searching for my lost shaker o...
|
|
hahahaha-- I bet !
--------------------
*** insert profound statement here ***
|
michie
Stranger
Reged: 07/30/04
Posts: 21
|
|
HELLO Toe and ALL...Sorry for your pain. You have been alot of help to me, and I would like to ask a question, but first my saga... I have a new pc (July 2004) and I am a new user of computers as well! I had Norton and my PC got super "infected" right away. It did whatever it wanted to do...Shutting down, losing power, 1000's of pop-ups everywhere, an inability to turn off websites that just volunteered without me acessing them, questional email weirdos, etc; etc.
(I don't know the correct PC lingo yet...so stop LOL! And yes; I have been living under a rock for the last 100 years!)
Anyway...I am just learning to drive this machine, and since I am 'self taught' (LOL again) and have no idea what a search engine, browser, firewall, cookie, eclair, or anything else is; I consulted 'my new best buddies' at 'India On Line'... opp's, I mean AOL! They (AOL), advised me to get rid of Norton and install McAfee. Finally, after hours on the phone, AOL told me exactly what to do and I did it. Now, it seems that when I changed from Norton to McAfee I lost my windows messenger and can not re-sign-in no matter what I do. After hundreds of calls to Aol helpline I still cannot get my Windows XP signed in, and now the tech's actually hang-up on me as soon as they recognize my voice. (I fear I have become the ugly American). My pc is under warrantee but the conputer company says' the problem is with MicroSoft; and MicroSoft blames the pc company (because they factory-installed the WindowsXP), and, of course AOL blames both of them! No one will help me! The only way I am online tonight is by using an "administrative code" that AOL gave me to use "just one time" to see if my pc would work if I was able to (somehow?) get a new Windows XP Messenger installed. I tried the code and I am finally (temporarily) back on line after being stranded in PC Hell for weeks! Tonight I am happily & illegally using the code with abandon! The only good thing that has come out of all this is that McAfee discovered 8 viruses & 6 Spys!
So...Finally, HERE IS MY QUESTION: Do you think that we are being infected through the OP's or that DB might be unknowingly passing on these Spys or viruses??? Thank You for your time...and if any DB member has a solution and/or some advice for my situation I will be forever greatful if you would PM me...That is if you can do that on this side of the board? I am on VIP/DB board so maybe there???
Again...Thanks ... and may you all be Bug, Germ, Worm, Maggot,and SPY Free!!! Sincerely...Mic
|
dsmmcm
Board Addict
Reged: 11/08/03
Posts: 381
Loc: southwest US
|
|
There are many known sites that spin out spyware, and some of it can be vicious. Music distribution sites are notorious for this. I had a PC at work infected with exactly what you probably have. Even though I am very knowledgeable with PC's, I couldn't get rid of it, so I called in the pro's: IT support. They couldn't get rid of it either, so they reloaded windows. Many of these viruses are so sophisticated and complicated that they are very hard to get rid of. You might consider calling a local computer repair company and have them reload windows. Then, in addition to a virus protection program, run spybot and or Ad Aware regularly. And make sure you get your virus protection program to update it's definitions daily. Also, NEVER click on an attachment that is from an unknown source.
D.
|
Previous
Index
Next
Threaded
Edit 
Reply 
Quote 
