So I go to my sister's house Tuesday afternoon to update her anti-spyware. She has a Dell Dimension.
I download the newest version of Adaware, the SE Personal thing, and commence running it on the system.
Just under 600 (thats SIX HUNDRED) hits later...I check what she had on the computer. Everything from Bonzi Buddy crap to other Malware Adaware listed as "10-High" rated problems.
One nice little bug redirected your browser every time you hit a 404 Error. Nice. Lots of others just embedded themselves in the Windows files and downloaded OTHER programs...
So I get rid of all but 3 of them (the program can do only so much) and run an updated Spybot, which nails five more, including something from something called hacker.ae or something like that. WONderful. Now to reboot the system.
The computer turns on, goes to the Welcome screen. I click on a user icon, and it loads the settings, saves the settings and goes back to the Welcome screen. The second user icon does the same. It won't let us get to the desktop.
A FIVE hour call to Dell later, and the discovery that one of my sister's two CD-ROM drives was malfunctioning (a manufacturer error that causes it to read a disk too fast - causing another hour delay) all she had left was a re-installed Windows XP and a single Trash can icon on the screen.
She hadn't run spyware for several months and never updated her anti-virus.
My ex-roommate's new roommates (he traded me in for two VERY attractive girls) down in Virginia didn't set up their computers until I came down to visit, they were so infected with spyware and other junk. It took AdAware, CWShredder, Spybot, and a whole bunch of "Add/Remove Programs" junk to get them up and running. I have them run AdAware like once or twice every two weeks, and I haven't gotten an emergency call from either one of them since I fixed it. My favorite is that they got spyware from a pop-up that redirected them to a website that said they had spyware and to install a program to get rid of it! Of course they did, because the pop-up looked like a Windows window (to the untrained eye). I can't believe how much crap is out there and how unsuspecting people are.
I have been using Ad-Aware for the past few years with moderate success (scanning about once a week). My IS manager just gave me a copy of Pest Patrol, which is a more active program than Ad-Aware.
Pest Patrol scans your CPU, rids it of all kinds of nasty little spyware and then actively blocks any new spyware from attaching itself to your machine. It actually found some things that Ad-Aware had missed (and I had updated Ad-Aware recently).
It has a little fly-swatter icon on the task bar and goes "BZZZT" like an electric bug zapper when it kill something. I am very pleased with the results so far.
Kinda wish those programs were a little better, if only to extract me from my current mess.
Got a computer I use a lot, and was googling for info on something (something exciting! like W2000 Terminal Server Licensing, I think), and somewhere along the lines, some adware installed itself on my computer. Kinda gave itself right away by adding eight new ad icons to my desktop and popping up many many IE windows.
(I'm pretty dedicated in trying to stay up with the Windows Update patches and running anti-adware programs, so I have no idea how this slipped thru.)
After stopping enough of the ad programs so I could actually operate the computer, I tracked down what had happened and figured out the main adware was something called TV Media. From what I've seen, it's a nasty thing; resets and redownloads the accompanying advertisements/IE toolbars/annoying horoscopes every time you reboot the computer, and loads its critical files in memory at startup, preventing you from deleting them unless you're in Safe Mode.
Which should've been fine...except, I've noticed this laptop is completely unresponsive in Safe Mode. I get as far as the Safe Mode explanation dialogue box, and neither my keyboard nor my mouse will respond. No idea why; don't think it's related, but it's helping out at any rate.
Since I can't actually get rid of the actual adware, I've tried to go around it; got around to installing Firefox on this computer since most of the problems are IE related (and they still somewhat come up), and tried to delete the re-added spy ware when I spot it. I'm guessing I'm going to have to just reformat and reinstall Windows at some point, but it's a risky idea for a computer who's drivers may or may not still exist elsewhere. Quite a pain.
cubsfan: I had the same problems as you, and it took forever to get rid of everything. I found a website that searches IE for IE parasites: http://www.doxdesk.com/parasite/ and from there I researched each one and how to get rid of it. I also used HijackThis, and manually deleted things off of that. Of course, if you delete the wrong thing, you're terminally screwed, but a reformat was next in the cards so I got rid of everything that looked suspicious.
Originally posted by DJ FrostyFreeze Where could a person find such fine spyware killing programs as these?
Originally posted by thecubsfanKinda wish those programs were a little better, if only to extract me from my current mess.
Got a computer I use a lot, and was googling for info on something (something exciting! like W2000 Terminal Server Licensing, I think), and somewhere along the lines, some adware installed itself on my computer. Kinda gave itself right away by adding eight new ad icons to my desktop and popping up many many IE windows.
(I'm pretty dedicated in trying to stay up with the Windows Update patches and running anti-adware programs, so I have no idea how this slipped thru.)
After stopping enough of the ad programs so I could actually operate the computer, I tracked down what had happened and figured out the main adware was something called TV Media. From what I've seen, it's a nasty thing; resets and redownloads the accompanying advertisements/IE toolbars/annoying horoscopes every time you reboot the computer, and loads its critical files in memory at startup, preventing you from deleting them unless you're in Safe Mode.
Which should've been fine...except, I've noticed this laptop is completely unresponsive in Safe Mode. I get as far as the Safe Mode explanation dialogue box, and neither my keyboard nor my mouse will respond. No idea why; don't think it's related, but it's helping out at any rate.
Since I can't actually get rid of the actual adware, I've tried to go around it; got around to installing Firefox on this computer since most of the problems are IE related (and they still somewhat come up), and tried to delete the re-added spy ware when I spot it. I'm guessing I'm going to have to just reformat and reinstall Windows at some point, but it's a risky idea for a computer who's drivers may or may not still exist elsewhere. Quite a pain.
If the programs keep coming back after you reboot it means they've most likely put themselves in your registry. The folder you want (when using regedit) is Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run that folder contains all the programs that run at startup. Some of the registry keys in there are very important so be absolutely sure you know what it is you're deleting before messing with it.
-Jag
If you need help messing around with your registry send me a PM.
The past few Summers I've been teaching an introductory HTML course at an academically-based Summer program.
Same thing that happened to Cubs happened to me; namely, I got some spyware from simple googling. Due to our limited permissions (we were using computers at the local college), I hadn't bothered installing Firefox.
So, one of the kids is up there giving a presentation, and, bam, there's the softcore porn pop-up.
If the programs keep coming back after you reboot it means they've most likely put themselves in your registry. The folder you want (when using regedit) is Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run that folder contains all the programs that run at startup.
Yep, blew them out of there before, but when I reboot the computer (in hopes that since it's no longer running on load, I can delete the files), the program somehow manages to reinstall itself into registry.
I know the adware strain and have seen what I need to do: Go in safe mode, delete the stuff from the registry, reboot in safe mode, delete the files, and move on. Problem is, if I can't get my keyboard or mouse to work in safe mode, I can't really delete anything.
Have you tried putting an external PS2 keyboard or mouse on to see if that works in Safe Mode?
Yea. The touchpad on the laptop is annoying, so I've been using a PS2 mouse for a while. But trying safe mode with various combos (nothing plugged into the 1 PS2 port, keyboard plugged in, mouse plugged in) gets me the same results.
Do you have access to a docking station for the laptop?
Yea, didn't think about that. Need to dig it out, but that might do it.
Originally posted by The GoonHas anyone ever gone and taken a look at their parents' computers? Man, those tend to be a mess.
I went over to San Diego to set up a friend's mom's computer. (I've met her a number of times, & she's really fun & cool, especially for 70!) I get there 4 days after her daughter had gotten the thing plugged in & had tried to "show mom" how to do stuff. The first thing I had to do was spend an afternoon cleaning up several very nasty bits of adware & other garbage. The second thing I did was hide all IE/Outlook icons/links from her login, & liberally sprinkle Mozilla icons everywhere. We had dinner & I told her all about Mozilla being soooo much better than IE -- she loved the name & thinks the icon is so cute! She thinks (knows) she's super-cool to have a spiffy toy that none of her other friends have. :-) Having gotten her totally indoctrinated from the get-go, she's had virtually no problems -- certainly no crisis-level problems. It's a pretty easy sell, if you can get to them early enough!