A word about spyware, hijacks, trojans, worms & dialers

[bongo3]

Hi there,

i spent the last hour to remove a fuckin dialer.
Normally hijackthis, cws, ad aware and pestpatrol
get rid of that stuff.
Anyone having problems removing that stuff?

i put together some free software links and some hints
to remove unwanted software such as
spyware, worms, trojans, dialers & hijacks
you are redirected to other websites?

http://www.tgpbb.com/aboutspyware/index.html

the tools are free and there is no affiliate link
bye
Bongo

[nanda]

Next time I get attacked with that crap, I'll keep ur link in mind. A few months ago I had to redo my hard drive b/c those stupid pop up crap...I didn't even know what it was, I tried everything and just had to redo....THANKS!

[gunner]

nice page bongo, that crap is a pain to get rid of and your links will surely help.

hit me up on ICQ or email, I have a question about your TGP
"gunner AT spread4u DOT com"

Most of the time it comes from sites that have free porn, and are sites that are not well known. if i want to take it easy for 30 mins or so, i will only surf the hun and thumbzilla even then I i turn off cookies and set my broswer to high security.

If i am looking for webmaster info i only stick to places that i feel that are safe. But even then i can come unstuck like what happened to me when i reviewed a site that was posted on xnations a week or so ago. I dont like to do it, but if i find anything different with my settings, i wil just reformat the box and with the aid of norton ghost, i can be back within 40 minutes, i back up everytime i have done my work and this is placed onto a cd rw. and i will not click on links that have some java script to hide the url. I will search goofle for the url and see if this is a ture url. It might take 2 minutes to do this process, but i know that i am
not going to have to waist 40 minutes to reformat.

I write the urls onto a pad before i click and if that site does some shit, i take it to a higher level, eg, i will write a letter to abuse@ the hosting company of that domain, to the domain register company, trace a email address and write to their isp.

Some might think I go too far, but i bet alot of people are not getting that same shit happen to them. I will never know, ie can block domians so i will never go there ever again.

[sweet7]

Quote:

Originally posted by bongo3
Hi there,

i spent the last hour to remove a fuckin dialer.
Normally hijackthis, cws, ad aware and pestpatrol
get rid of that stuff.
Anyone having problems removing that stuff?

i put together some free software links and some hints
to remove unwanted software such as
spyware, worms, trojans, dialers & hijacks
you are redirected to other websites?

http://www.tgpbb.com/aboutspyware/index.html

the tools are free and there is no affiliate link
bye
Bongo

Gonna check that out later I'm having a browser hijack problem with IE. Thanks bongo3

[sweet7]

hey bongo3 how did you remove your browser hijack?

mine keeps redirecting to nkvd.us/1525/. I have tried hijackthis before today and it doesn't seem to do the trick.

[Gruntled]

Try SpyBot: S&D About halfway down the page.

It has options to protect against browser hijacks, etc, and removes all known spybots, hijackers, and adware.

[SKULL]

Thanx a lot for this.. bookmarked...

[sweet7]

What do you mean when you say "half way down the page" ?

I've just ran spybot s&d and it finds the problem but it doesn't seem to be getting to the root of it.

[Don Soporno]

Quote:

Originally posted by Gruntled
Try SpyBot: S&D About halfway down the page.

It has options to protect against browser hijacks, etc, and removes all known spybots, hijackers, and adware.

S7D didnt work for me either, the problem kept comming back. I finally used a combo of 3 or 4 different programs and got mostly everyhting back to normal. Hot me up on ICQ sweet, I may have a program you can use to fix it.

[Gruntled]

Oh. If you follow the link I gave, halfway down the page is the download link.


If it finds the problem,and the file is locked, it will ask permission to run at startup. grant this permission and reboot. It has always worked for me.

What's the name of the offending program, by the way?

[Mister X]

Here's a useful tip for those of you that have trouble removing this shit. A lot of these programs are running in memory and they use filenames such as services.exe or winlogon.exe. You can not delete the file while the program is running and you won't be able to use taskmanager to stop the program because it will rather stupidly insist that the file is a system resource that can't be stopped. You will know when you have one of these when you see the program twice in taskmanager, once as SYSTEM and once as whatever your login name is. Only the SYSTEM one is legit. Using programs such as hijackthis will not work because these programs check every few seconds and will reinsert themselves into the registry. To get rid of them you need to do one of 2 things. Either use a program like RegRun which will start before windows starts and give you an opportunity to remove this crap or reboot in safe mode and use hijackthis or a similar program to clean the registry and delete the file.

And another tip is to throw ad-aware in the trash. Or at least limit it's use to looking for basic spyware. It is updated far too slowly and is totally ineffective against most scumware and trojans.

[sweet7]

Quote:

Originally posted by Gruntled
Oh. If you follow the link I gave, halfway down the page is the download link.


If it finds the problem,and the file is locked, it will ask permission to run at startup. grant this permission and reboot. It has always worked for me.

What's the name of the offending program, by the way?

I really don't know all I know is that it redirects my IE to nkvd.us

[[tuka]]

Quote:

Originally posted by sweet7
I really don't know all I know is that it redirects my IE to nkvd.us

Well, you could start by using something else to download removal soft (NN, Mozilla)

can also try to remove manually from the regedit (can make a search for nkvd.us), chances are it will be in HKLM... might want to clean your msconfig first though

[sweet7]

I'm using Firebird at the moment it rocks except I haven't figured out how to get wmv files to load properly yet.

I'm going to try that registry search

[Mister X]

You might want to try getting media player classic for the wmvs. Not sure about firebird but it works great with mozilla 1.7. You can also get it to open your quicktime and real player shit which is a big plus. Just do a google search for "media player classic".

If the problem is with embedded wmv's I don't know if it will work or not. Firebird isn't quite up to snuff in that area yet I think.

[Gruntled]

I use Firefox on all my machines (there was a snafu over the name, so they changed the name with the last update). On Linux, MPlayer handles the wmv files, and there is a plugin for the browser. On windows, I've been using Winamp5 for wmv's.