|
Author
|
Topic: shitload of problems!
|
|
|
|
|
Cacophonous
Sarge
Member # 19
Member Rated:
|
posted 07-23-2004 09:17 AM
    
And a generic one I just finished last night. This one was only dial-up but had:No antivirus software
No anti-ad program
XP had no updates (no SP1 or anything) It only had 8 instances of a worm. But tons of other junk. The browser hijack took the longest to correct since I needed to patch out windows, etc. -------------------- ...
Posts: 5571 | From: Yes | Registered: Jun 1999 | IP: Logged
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-23-2004 11:02 AM
I didn't personally see it, but at work apparently one came into the shop that had 30,000 infected files, that weren't email. The virus had just kept replicating. I think the average amount of spyware that I see is around 700-800 objects per scan. We use Ad-Aware and Spybot for that. Coupled with Hijack This and several other utilities.Oh, and as for dustbunnies, nothing, and I mean NOTHING beats the ones with spider webs, complete with eaten bugs, and the spider itself. Cac, that browser hijack sounds suspiciously like CoolWebSearch. Might be a good idea to go back and re-check the machine in a day or two. It's a NASTY peice of spyware that some AV vendors now consider a trojan. It's a bitch to get rid of. I've had to do a few manual removals, and it's not easy. -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
Cyborg6
Sarge
Member # 1382
|
posted 07-23-2004 12:14 PM
When building a person a computer go:AVG Virus (Free Updates)
Zone Alarm (Firewall) Then leave and say "You are now on your own, don't call me for support" Do I sound bitter?
Posts: 2869 | From: | Registered: Dec 1999 | IP: Logged
|
|
|
|
|
|
|
|
|
|
Cyrus
Sarge
Member # 344
Rate Member
|
posted 07-24-2004 12:56 AM
When I had a whole lot of junk on my computer after using Internet Explorer, I had to use several programs to fully clean my computer.Some that come to mind are: CWSShredder
Stinger
Ad-Aware
AVG
Norton Trial Version
SpyBot - Search & Destroy
Zone Alarm This is why I now use FireFox  -------------------- Shiny.
Posts: 205 | From: Winnipeg, Manitoba, Canada | Registered: Jul 1999 | IP: Logged
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-24-2004 11:09 AM
www.grisoft.com there's a free version, it's very popular right now.I don't have a high opinion of AVG. I've seen it mess up, break, and even miss things. I'll stick with Norton. I use Norton AV 2004, and while admittedly it's suppose to be buggy I haven't had a problem yet *knocks on wood* and it's got a smaller memory footprint than 2003 did. Recently I've seen a anti-virus scanner called Nod32 that seemed pretty nice. It's VERY fast at scanning, and doesn't appear to miss anything. Haven't had much of a chance to use it though. Oh, Cac, there's a couple of really neat utils for removing spyware. There's AboutBlaster and BHODemon, they seem to work pretty well. Autoruns is another good one too. Home Search is a variant of CWS iirc. But try those, they wipe out Browser Helper Objects etc. You have to treat CWS like a virus. Do all of your scans etc in safe mode with no networking support. Oh, and about CWShredder. Just so you guys know, it is no longer being updated. The guy who was putting it out just can't keep up to the rate of changes that CoolWebSearch goes through. It's still a good idea to run it, because the computer could be infected with more than one variant, and CWS might help. [ 07-24-2004: Message edited by: AcidWarp ] [ 07-24-2004: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
Cacophonous
Sarge
Member # 19
Member Rated:
|
posted 07-24-2004 03:07 PM
quote:
Originally posted by Cacophonous:
I'm suprised that AW is the only person who mentioned 'hijack this'. Great program...
Pay attention [josh]Flux[/josh] -------------------- ...
Posts: 5571 | From: Yes | Registered: Jun 1999 | IP: Logged
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-24-2004 03:13 PM
Yeah flux, pay attention  Autoruns goes further than HijackThis for startup items, and even further than msconfig does. Check it out. [edit]
Just thought of something Cac. If the VAIO machine is Win98/Me and CWS just keeps coming back, you can try using IEeradicator as well. It kinda breaks things in WinXP (like windows update) but you can use it to strip out IE and then reinstall it fresh from CD if you have it. If you don't have the full redistributal IE installer on hand, you can download it from MS. You absolutely NEED IE for windows update. So it's wise to put it back in. [ 07-24-2004: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-24-2004 03:32 PM
*bump*Edited my post. -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
|
|
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-27-2004 02:12 PM
I've gotten rid of it, manually, on at least two different machines. It took patience though.Safe mode is the key. If there are multiple user accounts, you have to remove it in EACH account. It gets into the HKEY_Current_User section of the registry. Use Autoruns and Hijack this. Don't just remove BHOs and ActiveX stuff. Remove any HKLM..Run stuff you are even remotely suspicious of. Also CWS Hides in Windows\system32 as a bunch of .dat files that all have the same date, and are usually just random letters as the file name. When it doubt, google it. Adaware and Spybot DON'T delete those dat files, you have to do it manually. Hope some of that helps. As for the creators of CWS, shooting them is too kind, I propose bashing their fingers with a sledgehammer. -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 07-29-2004 01:33 AM
Heh. . . it's a catch 22 snag Cac, there's another good utility. AboutBuster. Might help you. If, in the end, you can't get rid of it, back up the persons data, and format/reinstall. Sometimes it's the only way. -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
UBBFriend: Email this page to someone!
