Spyware - does anything work?

[Guest]

A while ago I got infested with pop ups which none of the spware trackers
(even in safe mode) could kill. In the end I put a second disk on - reloaded
and they wnet. Now they are back once again - I am not sure what sort they
are but they seem to try and keep track of sites being used - and some that
are not.


This particular pop up malware has also installed files and folders in my
favouties that I cannot get rid of (it did this before) - you cannot see
these files in the Favourites folder and it won't let you delete them from
the favourites drop down menu.

One thing seems for sure though a version of IE is always running - even if
I am not surfing the net - and if I try to remove it from processes under
Windows task Manager it just comes back. Could this be the issue - how can I
get rid of this and the unwanted favourites wihtout a complete clean and
re-load? I had contact with MS a few months back where on another issue the
consultant said I could stop lauch programs running through using the run
command and I think something like MSservices - it certainly seemd a powerful
tool but cannot now access it - could this help - can anyone tell me what the
correct command for this is?

Final point re software protection and removal :One of the spyware co's
tells me they think it is a hijacker program - but cannot pin point it. They
have a much praised program as do people like Adaware - but if they cannot
find and delete these things why should I spend money on them? The free
versions seem to just find and delete stuff that you can do yourself through
clearing temp internet files, cookies and decent virus software. Adaware and
others , like SpyDoctor and Advanced Spyware removal, tempt you by saying
they have found further infections that the 'full' paid for version can only
delete - but can they prove it? I had Spydoctor full version on trial and it
couldn't do it.

 

[Guest]

Hi Eddie,
Please do the following and let us Know:
Your Browser Hijacked by this evil websites, try to Scan for Malware/Grayware
and for Viruses.
Do you have Anti-Virus installed with Firewall in place to protect you from
all the Internet troubles, which in fact you brought to yourself (set as
homepage what the joy!).
For Anti-Spware go here:
http://www.download.com ; (for Spybot SD)
http://www.lavasoftusa.com ; (for Lavasoft SE personal use)
http://www.pandasoftware.com/products/activescan.htm
http://www.sophos.com/virusinfo/analyses/trojswizzoraw.html
http://www.nasstec.co.uk/tools.html
http://www.avast.com/eng/vps_history.html
Then Go to the Registry and look for the Key:

HKEK_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\InternetSettings\P3P
and look for any Reference for the Linkarama.net and Delete it.

HKEK_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\InternetSettings\MapZone.
Delete all reference to the scum there.

HKEK_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\InternetSettings\Zone
[1] Delete any IP or reference created by the website there 62.83.12.182 i.e
[2] Del // // /// // //
//
[3] Del // // // //
// /
etc.
The Same apply in:
HKEY_CURRENT_USER\Software\Microsoft\Windows\InternetSettings\Zone

HKEY_USER\Microsoft\Software\Windows\InternetSettings\Zone
Say you have
S-1-5-11-5776-90-4-bla-bla\Software\Microsoft\Windows\InternetSettings\Zone

Also Check this Key are set like this:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
They should read
"ftp"="ftp://"
"gopher"="gopher://"
"home"="http://"
"mosaic"="http://"
"www"="http://"

Hope this this Helps
Please let us know
nass

 

[Leythos]

Then Go to the Registry and look for the Key:

As the OP doesn't sound technical, you should not provide them with
registry keys to delete, they could really screw up their system if they
do it wrong.

It would be better to point them to a proper tool to do the work for
them, something online from a reputable location.

For malware, the following does work, and is free:

Always remember - only download files from Trusted Sites.

The following links will take you to vendors sites for Spy Ware / Ad
ware removal tools and also for Antivirus tools. After you install any
of these applications and update them, run them in SAFE MODE to allow
them to properly clean your system.

First, make sure that your Java is updated to the latest version:
http://www.java.com/en/download/index.jsp

These sites are for downloading Anti-Malware and Anti-Spyware tools, in
order that I would use them myself:

Dave Lipman's tools:
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Secured2K's AntiPauper (download link/info at)
http://forums.mcafeehelp.com/viewtopic.php?t=65072

 

[Guest]

The Registry of the OP already Screwed up with SpyWare Blocking him form
doing any thing.
I Agree with you I should point out to him Editing the Registry could screw
up things.
The Steps Provided easy to do and implement, hence the OP said Installed
another Disk????
Please try to look and read the thread before you launch a lecture and
lesson to me!.
And if you saying Trusted sites, well if you don't trust SOPHOS then Read
your Post please!!!.

 

[Leythos]

The Registry of the OP already Screwed up with SpyWare Blocking him form
doing any thing.
I Agree with you I should point out to him Editing the Registry could screw
up things.
The Steps Provided easy to do and implement, hence the OP said Installed
another Disk????
Please try to look and read the thread before you launch a lecture and
lesson to me!.

I did look and read, and I fully comprehended what you wrote, if not, I
would not have replied with the statement I made.

And if you saying Trusted sites, well if you don't trust SOPHOS then Read
your Post please!!!.

I don't have any issues with SOPHOS, I have issues with people posting
snippets or copies of reg code and users that blindly trust them when
it's obvious that they would have no clue as to what they mean.

 

[Guest]

I did look and read, and I fully comprehended what you wrote, if not, I
would not have replied with the statement I made.

You are absolutly Wrrong you didn't have any idea about the Issue, you just
hummer in with your Java and critics.
What the Java Going to do with Spyware/Virus Situation, it will make it Hell
for the OP if he Run such a Utility and Installing Java in the same time.
You don't know that Java (Written code) is the Biggest threat and most
Viruses and Very *Badly written Utility* Love to play with the Bad side of
Java.

I don't have any issues with SOPHOS, I have issues with people posting
snippets or copies of reg code and users that blindly trust them when
it's obvious that they would have no clue as to what they mean.

Well all these *Snippets* they are exist in my previous Posts and even if
what the Problem if it will help others and help you to learn something, or
you born that Complete?.
Last and not least, this not the place to confront or make such
unprofessional behavior, and I hope you understand!!!!.

With respect to the OP Post

 

[Leythos]

You are absolutly Wrrong you didn't have any idea about the Issue, you just
hummer in with your Java and critics.
What the Java Going to do with Spyware/Virus Situation, it will make it Hell
for the OP if he Run such a Utility and Installing Java in the same time.
You don't know that Java (Written code) is the Biggest threat and most
Viruses and Very *Badly written Utility* Love to play with the Bad side of
Java.

[snip]

Well, there are many problems with older java versions on computers all
over the country, and I've yet to see one that didn't benefit from the
update.

The rest is simple, download the tools and run them, then do what else
is needed.

 

[Guest]

You are absolutly Wrrong you didn't have any idea about the Issue, you just
hummer in with your Java and critics.
What the Java Going to do with Spyware/Virus Situation, it will make it Hell
for the OP if he Run such a Utility and Installing Java in the same time.
You don't know that Java (Written code) is the Biggest threat and most
Viruses and Very *Badly written Utility* Love to play with the Bad side of
Java.

[snip]

Well, there are many problems with older java versions on computers all
over the country, and I've yet to see one that didn't benefit from the
update.

I do agree with you, but Java can be a Sowrd with two Pointed *Sharp-Edge*
blade, you always hear about Patches and Vulnerability in the Code.
In the same time I love Java because you can do things you can't do with C#
and C++, to make the Interface have the look and the feel.

The rest is simple, download the tools and run them, then do what else
is needed.

All Good when the OP is not in a massacre from the Spyware/Viruses, and
guess what his Computer slow and he want to download more than 40Megs (if I'm
right) on his HDD of Java, he need just the Tools and effective quick clean.

 

[Leythos]

You are absolutly Wrrong you didn't have any idea about the Issue, you just
hummer in with your Java and critics.
What the Java Going to do with Spyware/Virus Situation, it will make it Hell
for the OP if he Run such a Utility and Installing Java in the same time.
You don't know that Java (Written code) is the Biggest threat and most
Viruses and Very *Badly written Utility* Love to play with the Bad side of
Java.

[snip]

Well, there are many problems with older java versions on computers all
over the country, and I've yet to see one that didn't benefit from the
update.

I do agree with you, but Java can be a Sowrd with two Pointed *Sharp-Edge*
blade, you always hear about Patches and Vulnerability in the Code.
In the same time I love Java because you can do things you can't do with C#
and C++, to make the Interface have the look and the feel.

The rest is simple, download the tools and run them, then do what else
is needed.

All Good when the OP is not in a massacre from the Spyware/Viruses, and
guess what his Computer slow and he want to download more than 40Megs (if I'm
right) on his HDD of Java, he need just the Tools and effective quick clean.

And all most have to do is get safe mode with networking support to
download multi-av and then let it update, better to download it in
normal mode though. I actually install it on a clean computer, download
all the updates, burn the folder to CD, then copy/run it on compromised
computers.