PC Help?

[INDY GS]

Heres the deal I was out on vacation for the last week and a half, and had a neighbor kid watching our cats. I come back to having a bunch of spyware crap on my PC, and IE goes to this default page no matter what I try to do.

I have run adaware, and spy bot, and they say they have removed all of the malware, etc, but it all comes back.

here are the items that keep coming back.

DSO Exploit

Allcybersearch

Webdialer

I have done several searches and still no finite answer except for a bunch of reg edit stuff, that I am sketched to do.

HELP

[Free Range Lobster]

what operating system?

look for spyware in add/remove programs and uninstall them.
that will help somewhat.

[Viva]

You can change the default page from within IE. How you go about it depends on which flavor of wiNdows you're using.

I hope that your cats are okay.

[bossass]

Get a Mac. Then you won't have to worry about when your neighbor kid is keeping an eye on the pussies.

[INDY GS]

I've already dealt with the neighbors parents, they have agreed to pay any damages that may result, but I declined, as long as she apologized. She "says" it was from IM, but I'm guessing not.

Anyway,

Win XP

and I have tried changing the default homepage, it reverts back everytime.....

hackers hackers

[Free Range Lobster]

ms antispyware

http://www.microsoft.com/downloads/d...displaylang=en

Everything else officially sucks in comparison.

Run that and report back.

First thing before you run a scan

go to file and update
make sure everything is latest, although im sure the version you download from MS has the latest definitions... but check anyhow

[StormDay]

Try another anti-spyware program. I have been using PestPatrol. I think it has a 30-day evaluation download

http://store.ca.com/dr/sat3/ec_MAIN....ACHE_ID=182827


Noticed you didn’t mention anti-virus software or a software firewall.

Get anti-virus software that handles worms. Or better a Internet Security package that includes a software firewall. I use Norton’s. It is pretty user friendly.
http://www.symantec.com/index.htm

Note: there are good free anti-virus and software firewalls out there. But, I’m mentioning what I use.

If you have a regular 56K modem, disconnect it until you PC is cleaned up. (Hopefully, you have DSL or Cable). That web dialer may be making international calls.

Your running Win XP so make sure the SMTP service is stopped and disabled. I think this is the default. Your computer may be by a spam to sent emails. If you ISP see traffic heavy email traffic from your computer it may de-activate your account/access.

On the homepage issue, it looks like something from a web site install a IE toolbar. I have Norton’s pickup a toolbar install during a system scan.

Good Luck…

Also, make sure to follow likwid advice and get everything on the system up to date.

[Huckasaurass]

Adaware SE Pro..buy it...WAY better than Microcraps free tool, although that does work, but I have found it remove IMPORTANT parts of like net drivers and winsocks depending on which "bug" youve gotten infected with.

My first suggestion is booting into "safe mode" this is accomplished by hitting the F8 key while the machine is booting. Choose safe mode. Run a virus scan in safe mode, as well as any anti spyware tools you have obtained. Delete all the temp internet files. C:\documents and settings\"username"\local settings\temporary internet files.

After that download and INSTALL MOZILLA FIREFOX 1.0.1 http://www.mozilla.org This browser is way better than IE and won't allow the arbitraty code run that IE lets run...i.e. ActiveX controls....

See where that brings you.Even if you can't remove all the "bugs" the Firefox browser will let you surf without all the lag and pop ups..

Matt

[INDY GS]

I think I am getting this little bstard cornered. I have installed all kinds of new protection, etc, and finally getting things to be cleaned or quarantined. I will report back in a few to see if things are better.

Thanks.

[LaramieSkiBum]

x 2 for mozilla/firefox...download it use it, and be done with nasties.

Also keep your PC updated, sounds like your OS probably has not been kept up to date.

In Internet Exploder goto Tools-Windows Update and update the shit out of it until you can't update anymore.

[Huckasaurass]

x 2 for mozilla/firefox...download it use it, and be done with nasties.

Also keep your PC updated, sounds like your OS probably has not been kept up to date.

In Internet Exploder goto Tools-Windows Update and update the shit out of it until you can't update anymore.

I'd agree again too....I forgot about the updates...SERRVICE PACK 2 for XP and use the FIREWALL WITH NO EXCEPTIONS.....if you leave that machine on with a broadband connection you might as well just set MS Auto updates to run in the middle of the night that way you'll always have at least the "important" patches.

Matt

P.S. this is my job...

[INDY GS]

I have always tried to keep things up to date, and have never had any real problems, with the exception of a few minor ones. I have installed SP2 on this machine (laptop) and wasn't too fond of of it so I hadn't updated the desktop yet. Looks like I am paying the price for that one.

I am currently in safe mode running a full system scan, hopefully this will take care of it.

Thanks for the advice. I am switching to Mozilla forever now.

I will update as soon as I am done.

INDY

[Huckasaurass]

Thanks for the advice. I am switching to Mozilla forever now.



INDY

Glad to hear that....the more the merrier.

Yeah, the MS updates tend to be a pain and SP2 wasnt that great...but like you're exeperiencing now....its a needed patch to say the least..

Matt

[StormDay]

Once you get Mozilla/Firefox installed make sure to close the following vulnerability.

Old Thread:
http://www.tetongravity.com/forums/s...hlight=Browser

Instructions:
Shmoo Group exploit: 0wn any domain, no defense exists
Pablos sez, "Shmoocon ended today. And just to prove The Shmoo Group wasn't sitting on their asses for the entire time while planning the con - A new exploit was demo'd by EricJ that left all jaws our on the floor. Want to own ANY domain? Want a trusted SSL cert for it? Check it out here. We 0wnz0rd PayPal, but left the rest for you. We have no idea how to fix this and neither do the browser developers. Official advisory here. Phishing attacks of doom coming soon." Link (Thanks, Pablos!)

Update: Chris Smith sez,

1) Goto your Firefox address bar. Enter about:config and press enter. Firefox will load the (large!) config page.


2) Scroll down to the line beginning network.enableIDN -- this is International Domain Name support, and it is causing the problem here. We want to turn this off -- for now. Ideally we want to support international domain names, but not with this problem.


3) Double-click the network.enableIDN label, and Firefox will show a dialog set to 'true'. Change it to 'false' (no quotes!), click Ok. You are done.


4) Go check out the shmoo demo again and notice it no longer works.

[Huckasaurass]

Once you get Mozilla/Firefox installed make sure to close the following vulnerability.

Old Thread:
http://www.tetongravity.com/forums/s...hlight=Browser

Instructions:
Shmoo Group exploit: 0wn any domain, no defense exists
Pablos sez, "Shmoocon ended today. And just to prove The Shmoo Group wasn't sitting on their asses for the entire time while planning the con - A new exploit was demo'd by EricJ that left all jaws our on the floor. Want to own ANY domain? Want a trusted SSL cert for it? Check it out here. We 0wnz0rd PayPal, but left the rest for you. We have no idea how to fix this and neither do the browser developers. Official advisory here. Phishing attacks of doom coming soon." Link (Thanks, Pablos!)

Update: Chris Smith sez,

1) Goto your Firefox address bar. Enter about:config and press enter. Firefox will load the (large!) config page.


2) Scroll down to the line beginning network.enableIDN -- this is International Domain Name support, and it is causing the problem here. We want to turn this off -- for now. Ideally we want to support international domain names, but not with this problem.


3) Double-click the network.enableIDN label, and Firefox will show a dialog set to 'true'. Change it to 'false' (no quotes!), click Ok. You are done.


4) Go check out the shmoo demo again and notice it no longer works.

I am pretty sure they plugged that hole with 1.0.1, which I think was only released today. I would download it and install.

I also think that the workaround listed above only works until you close firefox. Once you reopen it that needs to be done again. See here: http://forums.mozillazine.org/viewto...9f4a9689d713fc

Here is a link to the real fix.

http://forums.mozillazine.org/viewtopic.php?t=215178

Maybe you are having better luck with the fix you listed, but it seems others are not..

No matter what...its still better than IE...

Matt

[Free Range Lobster]

Adaware SE Pro..buy it...WAY better than Microcraps free tool, although that does work, but I have found it remove IMPORTANT parts of like net drivers and winsocks depending on which "bug" youve gotten infected with.

Uhm, Yeah, Microcrap? You're a fucking idiot.

A: The "important parts" it was removing were LSPs which in the initial run of the definitions it didn't fully remove as cleanly as it should be done. This was fixed long ago.

B: Microcrap (again)? Its Giant Antispyware, which most people pretty much put money on as being BETTER than Ad-Aware. It just hadn't gotten as much media coverage.

C: Its removal procedure is better than ANYTHING else out there in how it checks dependancies and memory linking to other software, nothing else does this, not even your wonderful Ad-Aware.

D: Lets talk about Ad-Aware for a moment, I bet you're a huge proponent of Ad-Watch, the biggest pile of shit blocker known to man. It blocks not only bad popups but the popups you get going to banking sites, web mail sites, logins for various websites, etc. The failure to have "intelligent" functionality makes it a huge waste of money and time.

Half my day is spent removing spyware and shit from client computers (the rest being network building) and I can honestly tell you I won't waste my time on Spybot and Ad-Aware ever again. The lack of intelligent realtime protection that either of those offer is just a huge fucking hole and the lack of ability to automate scans is a waste of time.

And as far as windows updates being a pain? Do yourself a favor, turn on automatic updates and STFU.

ps: Neither Ad-Aware or Spybot remove the latest VX2 variant, MS Antispyware did the day it appeared in the wild. owned.

[Huckasaurass]

Uhm, Yeah, Microcrap? You're a fucking idiot.

A: The "important parts" it was removing were LSPs which in the initial run of the definitions it didn't fully remove as cleanly as it should be done. This was fixed long ago.

B: Microcrap (again)? Its Giant Antispyware, which most people pretty much put money on as being BETTER than Ad-Aware. It just hadn't gotten as much media coverage.

C: Its removal procedure is better than ANYTHING else out there in how it checks dependancies and memory linking to other software, nothing else does this, not even your wonderful Ad-Aware.

D: Lets talk about Ad-Aware for a moment, I bet you're a huge proponent of Ad-Watch, the biggest pile of shit blocker known to man. It blocks not only bad popups but the popups you get going to banking sites, web mail sites, logins for various websites, etc. The failure to have "intelligent" functionality makes it a huge waste of money and time.

Half my day is spent removing spyware and shit from client computers (the rest being network building) and I can honestly tell you I won't waste my time on Spybot and Ad-Aware ever again. The lack of intelligent realtime protection that either of those offer is just a huge fucking hole and the lack of ability to automate scans is a waste of time.

And as far as windows updates being a pain? Do yourself a favor, turn on automatic updates and STFU.

ps: Neither Ad-Aware or Spybot remove the latest VX2 variant, MS Antispyware did the day it appeared in the wild. owned.

Somones a "fucking idiot". Hey listen i'm not going to get into a flame war here, everyones got the tools they like..Wait until you run "GIANTS" removal tools and reboot the machine and find out it removed a dll or a winsock that TCP/IP depends on and the machine can't browse the internet or your intrAnet or anything. Cant UNLOAD TCP/IP. Then you'll think again. Also if you go back and look I do say, its not bad, but I THINK Ad Aware is better.

Now lets talk about AdAware. You mention it in the same breath with SpyBot. I'm not talking about the CRAP free downloads of the tool. I'm talking about going out and spending a dollar dude. Free tools don't always do it, nor do the pay ones, but usually the pay ones work slightly better.

Now I TOO DO THIS FOR A LIVING. I don't know how long you've been doing it, but i've been doing it for abolut 10 years, I think I kinda know what the hell i'm talking about. So go plug your microsoft crap, and i'll stick with the tools I use, and we'll both be happy. As soon as there is a viable alternative to the BILL GATES machine....i'm out...personally i'm already out, but I mean on a "business" level. ITS ON ITS WAY SOOOO GET READY...

I'm sure if you do a pool, most of the real internet users have already made one switch away from the MS MACHINE.....its called FIREFOX....oh yeah...and swing by the gate buildings someday.....see how many APACHE servers theyre running...

I HATE FUCKING TOOLS......

Sorry everyone else...

Matt

[Huckasaurass]

what operating system?

look for spyware in add/remove programs and uninstall them.
that will help somewhat.

Yeah thanks...how bout when they don't uninstall? Or ummmm come back when the machine reboots?

FUCKING TOOL!!!

Matt

[LaramieSkiBum]

Yeah thanks...how bout when they don't uninstall? Or ummmm come back when the machine reboots?

FUCKING TOOL!!!

Matt

the fact that both of you are even using a Micro$oft OS means your both tools.....fucking tools at that....we all are and are forced to be by the companies we work for

EDIT: I suppose we are talking in the sense of machines we have to use at work, so I restated it

[Free Range Lobster]

the fact that both of you are even using a Micro$oft OS means your both tools.....fucking tools at that....we all are and are forced to be by the companies we work for

EDIT: I suppose we are talking in the sense of machines we have to use at work, so I restated it

bash-2.05a$ uname -a
FreeBSD deadspot.com 4.10-STABLE FreeBSD 4.10-STABLE #3: Sun Sep 5 17:49:12 PDT 2004



Afraid Microsoft's anti-spyware will muck up your hard drive, causing the erasure of your digital photos, music collection and work files?

Don't worry, you've got a $5 rebate coming your way in this worst-case scenario--enough to buy a McDonald's Happy Meal, with change. That is, if you read and take advantage of Microsoft's legal promise.

Microsoft AntiSpyware Beta, the software giant's new downloadable tool for warding off spyware, adware and any other "potentially unwanted software," will reimburse direct damages up to $5, according to the program's end-user license agreement (EULA).



It also applies even if Microsoft knew or should have known about the possibility of the damages," says the agreement, in all capital letters.

Most people's eyes glaze over when it comes time to read a software license agreement and simply click "yes" to authorize a new program to install. There are undoubtedly necessary tidbits of knowledge contained in the lines of legalese, such as whether your privacy will be sacrificed in the name of annoying advertising. Still, most people skip to the end.

Proving the point that EULA's are widely ignored, PC Pitstop recently inserted a "special consideration" clause in its agreement that offered money to anyone who sent an e-mail to an address contained in the license. After 3,000 downloads and four months, one person finally took advantage of the offer and received a check in the mail for $1,000, according to the company's Web site.

Microsoft's generosity falls into a slightly different category. The company offered the $5 under its limited liability clause. "You can recover from Microsoft and its suppliers your direct damages up to U.S. $5." However, "you cannot recover any consequential damages, lost profits, special, indirect or incidental damages from Microsoft," according to the EULA.

Microsoft did not immediately respond to a request for comment.

So when's Lavasoft gonna do that?
Oh yeah they won't.