 sj |
||
|
||
Tech: Unwanted 'Spyware Remover' (& cat)
|
|
|
|||||||
|
Tech: Unwanted 'Spyware Remover' (& cat) |
Share Thread
|
||||||
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: Joe Offer Date: 06 Mar 08 - 01:00 PM Hmmm. Jack Reacher? (also here) Well, I guess that's OK, but I'm 12 years older than Jack, and getting a little crochety. I never have problems like this with my own computer, so sometimes it's hard for me to figure out how somebody else got a computer so Profoundly Screwed Up. This particular computer is used by a number of people, but particularly by the wonderful woman we jokingly call Madame Executive Director (more often, I call her Sister Mary OCD). I told her that this stuff was most likely installed by somebody who clicked on the wrong thing, and she said she never does that - and then proceeded to click away wildly at things she didn't want on her screen. Her method of dealing with popups is to click madly all over until they disappear. Aaaaargh! Obsessive-compulsive people should not be allowed to use computers. Such things should be left to us calm, methodical types. Good thing I like her. -Joe- |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: JohnInKansas Date: 06 Mar 08 - 07:27 PM Joe - madly clicking away may be OC, but "calm, methodical" suggests AR. Never thought to accuse you of that. Basic AntiVirus simply isn't sufficient for a computer that gets "public" use. You need a "full suite" system that integrates AntiVirus, AntiSpyware, Popup blocking, and the newest - FRAUD MONITORING. It can be done by "patchwork" assembling of free/low-cost systems; but an "integrated" setup - protection suite - from one of the major sellers is probably cleaner. Even if you have a "full suite," features to protect against newer and most popular forms of threats may not be included or added by updates. So far as I can find, Norton didn't add their Fraud Monitoring prior to Internet Security 2007. It may have been in an earlier version of Norton 360, but I haven't looked. Most of the major suppliers do now have complete suites that, for current versions would be appropriate. Full protection features are almost never included in "free" versions. This may not be a problem for an individual user who observes good browsing practices, and/or who is willing to search out separate "special purpose" additional programs; but is NOT sufficient for a communal-use machine. (note: opinion) In fairness to your "nice lady" a possible way for the kinds of junk seen is for a "rogue" site to simply search for open connections, which often can be found on machines that are connected, whether or not the computer is even being used. A Norton (or other) Security Scan will tell whether an individual computer is properly "cloaked" - with NO PORTS VISIBLE from the outside. Win2K cannot be cloaked as it's based on a "server technology" that requires at least one port to be open and visible, but WinXP and later should be invisible to anyone attempting to find the machine from the outside. If you've run into something that's seemingly impossible to remove, there are several websited that offer "expert help." The routine is described at the rather dated 'cat thread: Spybot Thread You generally: 1. Update and run your AV program. 2. Update and run AdAwareSE 3. Update and run Spybot S&D 4. Reboot 5. Update (if necessary) and run HiJack This, and save/export the HiJack This result. 6. Post the HiJack This result at one of the help sites. 7. Wait for the reply, and then read and follow exactly what they recommend. The post at the thread link gives two sites that can be trusted (IMO) and both are still active, althought the site name for the Tom Coyote has been changed due to an "acquisition" by a reputable (probably) other outfit. This isn't an "instant fix" but is the most reliable and comprhensive way to attack a really puzzling problem. Do be sure to read and follow all the instructions if you really want them to help. Since different sites may prefer different versions of the listed programs, and some sites may also have added or replaced one with a different "analysis" program, you should get the links to download (and update) the programs needed from the site you pick. John |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: Big Al Whittle Date: 07 Mar 08 - 02:33 AM Its got into my computer. Its very subtle. I was googling myself for reviews etc) and I saw some new mentions of my album. One was with someone of the same surname. Aboard it jumped and I can't get rid of it. Anybody with a definitive idea of how to get shut of it? Its a brandnew computer with newly installed MacAfee. I have run the scan but it doesn't seem to have any purchase on it. |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: Joe Offer Date: 07 Mar 08 - 02:56 AM Hi, Al - well, I htink I have it licked, although I had to make the 1-hour drive to Sacramento three times this week to do it. I'd suggest Spybot Search and Destroy. McAfee doesn't seem to detect adware - I guess maybe they think it's proper capitalism and lave it alone. As shown above, John in Kansas suggests also scanning with AdAware. -Joe- |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: JohnInKansas Date: 07 Mar 08 - 03:04 AM weelittle - See post immediately above (06 Mar 08 - 07:27 PM) if you reach desperation stage. The "protection" that comes with new computers usually is basic AntiVirus only, and the crud people are seeing here is not a virus, so the free-trial stuff seldom helps much with it. (It does help the the few hundred other things you might have without it.) If you don't reboot often, a System Restore may be able to pick up a backup prior to when you got the sickness. If you restart daily, all of the backups in System Restore may be infected, and you'll need to turn off Sys Restore to DELETE them. If you do find one old enough to clear things, after starting with the restored version you need to IMMEDIATELY turn off System restore to get rid of other infected ones, then turn it back on if you want. (You'll probably want to leave it off until you're sure you've cleaned things up.) If you can't find an old enough backup, you can make a manual backup to be safe - that Sys Restore won't put back - using Regedit before or after you turn off Sys Restore to get rid of infected ones that reinstall themselves; but your manual backup will probably contain the infection so it's only for last-resort use. Get as accurate a record of the program name and any files that are identified in the popups as you can. (Alt-PrtScn and paste into Word if nothing else is handy, if you can. Some popups close if you try to copy them that way.) Search the 'net to see if anyone has worked the crud you have already. Check Start and Startup folders for strange stuff, especially with filenames resembling what's in the messages. If you're confident about getting in there, search the Registry (Regedit again) for any words, word fragments, or filenames from the popups. Assuming you're WinXP SP2 or later, visit Microsoft update (microsoft.com and search for "update" and/or "security") and make sure you're getting the Microsoft Malware Remover program. It's not really too thorough, but gets what's currently a problem for most people. (If three 'catters have it, at least 100,000 less cautious people probably do have the same thing.) Other than that, without hands-on with your computer, there's not much to suggest short of going to one of the HiJack This sites and asking them for help. That probably will take a couple of days - or more - by itself. John |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: JohnInKansas Date: 07 Mar 08 - 03:15 AM Minor point. You can't delete a file that's open, and neither can Spybot or Ad-Aware. Either program can be run from Safe Mode, making it much less likely that a piece of crud will be running; but you may need to visit the sites to find details/recommendations on how to run them from command line for best results. John |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: Stilly River Sage Date: 07 Mar 08 - 08:49 AM There is a kind of ass-backward way to get rid of some of this stuff. Download the newest versions of Spybot and any of those other programs you plan to use and put them on a thumb drive or someplace out of harms way. Clean up the disk (system cleanup and defrag) just because you should sometimes, then take the computer off of the internet connection. Then you're going to go through Add/Delete programs and get rid of anything that doesn't belong in there. Uninstall spybot and dump your cookies. Check IE and dump any permissions. You can see where this is going--you're now going to install spybot from your thumb drive and reconnect the internet and let it update itself. You're going to run the scan, then you're going to start every program that is there and give it permission to load and run. You might even have to help people with regular programs or sites they run. You need to be sure to deny access to the programs you don't want to load. Use IE and Spybot to do the blocking. Tedious, but it does work. Either that or try system restore. SRS |
|
Subject: RE: Tech: Unwanted 'Spyware Remover' (& cat) From: Big Al Whittle Date: 07 Mar 08 - 09:47 AM A friend (who knows about these things) came and did Murphy's procedure for me and tried installing powerzone and updating my MacAfee. The thing is quietened down, but it jumped out when my wife went to the Heanor Local History Site. As you say, it lurks! A treacherous foe! |
| Share Thread: |