PDA

View Full Version : Helpful info concerning trojans/spyware/IE hijacks


Alucard
01-18-2004, 10:03 AM
Recently I got an annoying thing where if I loaded up my Internet Explorer window it would INSTANTLY take me to some dumb search engine called Hugesearch.com. I'm assuming my sister put it here since she's visiting me and I let her use my computer a few times, considering I've never had one of these in the decade I've had my computer. Anyway! I found a VERY COOL site that helps you get rid of crap like this.

http://www.computercops.us/forums.html

In this forum they help you with everything. My specific problem was in the "Sypware Hijack Related" section. The other good one would be "Virus Worm related" section. The other tell tale factor is the amount of posts in both of these sections.

Another helpful bit of info is to use a program called CWShredder, or Cool Web Shredder. Very excellent program. Then after that if your problem is still there just use a program called 'hijackthis' and use the log it makes to paste onto the forum there. They have info and just by reading threads it should give you the right idea. Very good place!

Nindalf
01-18-2004, 11:30 AM
That's a coincidence. My IE suddenly started to take me to some stupid search engines when I opened IE, now it takes me to wazzupnet.com. I'm just too lazy to do anything about it.

Alucard
01-18-2004, 02:02 PM
As long as stuff like that happens, your internet link wont be as fast as it should be. Its best to get rid of them straight away.

spider-prime
01-18-2004, 02:05 PM
yeah my old computer used to do that alot, I couldn't do anything to get rid of them, so I just reformatted, the blaster bitch came back and I couldn't get rid of that for a while DOH! but everything is cleared up now hehe

Pilotwings
01-18-2004, 02:06 PM
the internet search hi-jacker hasn't plauge me for over a month since i deleted the folder where all files were hidden.:sweat:

Alucard
01-18-2004, 02:42 PM
Some of them dont have folders. They're the annoying ones.

link84
01-18-2004, 06:28 PM
get Avant

NEO-GEO
01-18-2004, 09:29 PM
Just don't use IE.

Get Mozilla Firebird.

www.mozilla.org

Alucard
01-18-2004, 09:58 PM
Some sites ONLY work properly with IE.

Vegetto
01-19-2004, 02:16 AM
theres also a program called ADAWARE, its a helpful program too, I have to scan nightly with it and I delete like 25 threatenning programs a night with it

mackensie
01-19-2004, 08:30 AM
Originally posted by Alucard
Some sites ONLY work properly with IE.
maybe a year ago that was more true. but now-a-days all my bank/credit card stuff all now works with mozilla. the only thing that doesn't work is extremely poorly done embedded windows media pages (as the vast majority of them do work).

Alucard
01-19-2004, 11:38 AM
Well thats good for you. But not everyone uses other forms of browsing. I've got 3 installed myself and now and then IE is useful. some only use IE and can't be stuffed using another type. So this is pretty much for them.

mackensie
01-19-2004, 02:14 PM
now and then yep :)
heck even my mom and dad can switch between browsers if their mozilla (which is better than IE in 99% of cases) screws up.

Alucard
01-19-2004, 02:32 PM
IE is pretty shocking in that area, yeah.

aneep
01-19-2004, 09:59 PM
go to www.spywareinfo.com click online spyware detector or something, it will scan your comp for spyware and then prompt you to restart

removes many spyware/adware (not all i think, but most), but the best way if u have time is using hijackthis log and remove the spyware yourself

-aneep-

Bad1
01-19-2004, 11:31 PM
I don't like those sites that say they will scan your pc then fix your problems. There is just no way to be sure what else they do while performing the scan. That is why use Adaware, I can make it so it only gets access while I'm doing an update. I use Spybot-Search and Destroy aswell, for that same reason. The 2 of them together keep things pretty clean. Then, every now and then you do a virus scan. PC health, it isn't that hard.:)

Cobi*
01-20-2004, 03:54 AM
I use Ad-aware, Spybot and a little common sense (I also reconfigured my IE so it doesn't just accept the **** that some sites tell my computer to download).

The only time I've had real issues with my computer were the time I had 2 firewalls running on my PC and networking issues. I'm relatively confident that my computer is clean of viruses and spyware.

Alucard
01-20-2004, 04:12 AM
Use hijackthis and post the log on that forum and see what you find. :D

Cobi*
01-20-2004, 04:19 AM
^ u talkin' to me Alucard?

Alucard
01-20-2004, 09:15 AM
Yeah. But its also directed to anyone reading it. You may not find spyware stuff that you know of either. Like my logitech camera software actually has some little thing installed also that they told me to delete. Same as Creative, they have crap in their sound drivers. Worth putting yuor log up there and seeing whats running on your system.

Alucard
03-06-2004, 09:47 AM
hmm.. I decided to make this one sticky since alot of people generally have computer issues. It definately will come in handy.

Twelve
03-08-2004, 05:06 AM
Thanx Alucard. You're an all-star.


12

Zod
03-13-2004, 11:17 AM
www.cexx.org is another cool site with helpful people when it comes to getting rid of scumware.

It's always good to have multiple links to these kinds of sites, because they've been hacked by scumware and shut down before.

SpaceManSpiff
03-20-2004, 02:19 AM
Heres some good Info. If any of you are ever building a computer, the first thing you MUST do when you put on your operating system and first connect to the internet, is d/l and install windows updates. Do this before you install any drivers or any programs. When I build my computer a while ago, I got that damn blaster virus with the whole RPC thing within minutes of connecting to the net. Now that doesnt mean I opened IE, just that my DSL modem was connected to my computer. At first I thought it was a freak chance of bad luck. But I just built a comptuer for a friend, and within literally 5 minutes I got the RPC shutdown in 60 sec. message. So I guess this virus and others are forever floating on the net. Its just ridiculous that every computer is vulnerable the first second it connects to the net.

And now I hear there is a version of the blaster virus that doesnt respond the the patch, or previous removal utilites.:annoyed:

DarkCloud
09-08-2004, 07:02 PM
The best spyware and adware searcher and destroyer is Spybot: Search and Destroy (http://www.safer-networking.org/en/index.html). It is the best, and it's free.

As for the Homepage related problem. This is typically do to something you installed on your computer. Don't breeze threw installations. Most of the time, after a couple of "Next" clicks, there will be a page telling you "do you want to set your Homepage to "www.whatever.com"? This is already checked for you, you have to uncheck it. But since you breezed threw the installation wizard, you didn't. Theres also a very widespread and gay program out there called "Gator". It is an adware program, but does the job as a spyware. This comes along with a lot of "Freeware" and "Shareware". And in the installation of the program you downloaded it asks you "Do you accept these terms and agreements?? But you didn't look so you?re fucked. "Gator" is one of the most stubborn programs to get rid of. Improbable for you to get it out 100% of your system, without reformatting.

Now, downloading programs isn't the only way people can mess around with your Favorites and Homepage. If you roam around the internet, especially porn, hack, patch, and/or keygen related websites, you will find tons of "Security Warnings". Never "say" yes to these, unless it something you know needs to be installed, such as "QuickTime", "Macromedia", or "Microsoft". After you "say" yes they can practically do whatever they wish.

To fix the Homepage related problem is very easy.

1. In IE go to the "Tools" menu on the top.

2. From the menu choose ?Internet Options..."

3. In the "General" tab change your homepage link to something you would like. (Such as this forum if you live here, Google, or your e-mail account homepage.)

You can also "Use Blank" if you have dial-up. This will save you the time of waiting for the first page you load up so then you can type an address. Very simple. Everyone should know this but for those who don't... You?re Welcome?

suronosuke
09-08-2004, 07:29 PM
And for the lazy people..

AD_KILLER SOFTWARE

spybot homepage http://www.safer-networking.org/en/index.html
adaware homepage http://www.lavasoftusa.com/software/adaware/

ANTI_VIRUS

antivir homepage http://www.free-av.com/
Avast homepage http://www.avast.com/[url]

WEB BROWSER

Mozilla firefox homepage [url]http://www.mozilla.org/products/firefox/
opera homepage http://www.opera.com/

FIREWALL

sygage personal firewall homepage http://www.sygate.com/

damn something is wrong it aint saving the changes i`v been making

Sinful Sam
10-27-2004, 07:51 PM
Am I the only one getting way too many pop ups and trojan horses recently. I?m just browsing this site and I get a crap load. My popup blocker isn?t working well.

I might have spywere...

crystalclear
12-11-2004, 10:18 PM
If you wanna keep your PC clean and safe get AVG(virus scanner, freeware and better then the commercial ones), Adaware and Spybot Search and Destroy.
update all of them every time updates are available and also update windows.
also you should defrag your computer very often, which will make your computer run alot more faster.

Hallucinus
03-24-2005, 05:51 PM
i use a mac
have fun with your worms, trojans and viruses :spinface:

ovejon
04-16-2005, 03:41 PM
i use a mac
have fun with your worms, trojans and viruses :spinface:

If Mac's ever become as dominant as pc is right now, you will also get worms, trojans and viruses.

[M]egaman Ver.6
05-01-2005, 02:56 AM
IE is just like cutting a hole in your pants in jail and lubbing up every morning, you're just asking to get it up the rear thanks to ActiveX. FireFox is much safer, make all the excuses you want but it's just a much better alternative to Internet Exploiter.

Gotta love that Firefox, while I will admit sometimes FF runs into problems I could care less if that means less chances of getting spyware that just rapes your comp.

justin_credible
06-10-2005, 04:00 PM
I agree with the IE bashing, it just sucks. No amount of spyware removing programs and so called fixes can change that. I still got viruses etc... Mozilla is the way to go. It is like a popup blocking spam busting virus scanning browser itself so you don't have to waste time running stupid programs to fix your problem that don't even help.

BashingU
06-29-2005, 04:34 PM
yup I use FireFox...no craziness goings on...Hopefully it will stay that way...Thats why I used to love screensavers...so many great tips for everything, and I am not the most savvy PC person...

LordDeimos
08-08-2005, 05:08 PM
Too little too late, had to recently reformat...oh well, now to fill it again w/spyware and crap...

MarionetteKazuk
08-08-2005, 05:55 PM
I agree with the IE bashing, it just sucks. No amount of spyware removing programs and so called fixes can change that. I still got viruses etc... Mozilla is the way to go. It is like a popup blocking spam busting virus scanning browser itself so you don't have to waste time running stupid programs to fix your problem that don't even help.

IE just plain sucks. It has that "built-in" popup block, which somehow lets every damn popup still get through it's paper thin protection. If you want another good browser too, slimbrowser is good, especially with popups.

welshfreak
08-18-2005, 01:24 PM
Got hit a few days back, geeks to go forums were useful. :cool guy:

MarionetteKazuk
10-09-2005, 10:59 PM
UGH! I was online and then a popup ad somehow go through, I close it and a few seconds later my antivir personal edition warned me about a script trying to run and asked if I wanted to delte it, block it, etc. I click block (or deny access) and a few minutes later my firefox screwed up and I closed it. When I reopened it was asking me about which profile to use. It was weird because it never asked me that before and when I clicked on default it said I couldn't use that because it was already in use. *all of this happened yesterday btw*, and now every so often images don't show at websites. It's not just specific websites this happens at but sometimes they'll show and sometimes they won't. I scanned for spyware last night and it found 8. I cleaned them out and then right after i did two virus scans with 2 different programs (not at the same time though, that would be stupid). They found nothing. But the problem is still going on. I'm going to do one more spyware scan and maybe another antivirus, if that doesn't work then i'll just format. I having to format. It's just the thought of it.

Vegetto
10-10-2005, 12:59 AM
that happend to me one time, firefox screwing up then I close it, then I try to open it again and it asks what user wants to use it and then if you selcect yourself it wont let you

I restarted my PC and it seemed to work.

ive reformatted my PC since then though so its squeaky clean....well it was

MarionetteKazuk
10-10-2005, 01:06 AM
that happend to me one time, firefox screwing up then I close it, then I try to open it again and it asks what user wants to use it and then if you selcect yourself it wont let you

I restarted my PC and it seemed to work.

ive reformatted my PC since then though so its squeaky clean....well it was

Yeah, I was eventually going to format some time soon anyways because my pc has been acting up lately, like stuff just seems to run slower than usual. Also seeing as my computer is crappy it can exceed a certain amout of ram (i think). Because one day while my sister was taking down her old pc to the basement I stole her ram cards (and hard drive :evilsmile ) and I took out one of the 64mb cards and put in the one from her comp with the biggest amount (i'm not sure how much) and when I would turn on my pc the system would just beep, it would be on but nothing would happen except a bunch of beeping. I really want to put linux on my pc (seeing as I have a copy) because there's less of a chance for me to get a virus with it, but the complication of installing programs with that is rediculous. People tell me " You just have to mount this and that." I don't want to MOUNT!!! *breaths heavily*


( ^ ______________________________________________^ )


but anyways I think I'll format tonight once the rest of my episodes of invader zim finish downloading and also my 1000s of genesis roms.

Btw I plan on copying that stuff (as long as the rest of my stuff n my sis') to disk, just so that you don't wonder why I'm wasting time dowloading something that I'm going to delete.

MarionetteKazuk
10-10-2005, 12:19 PM
Ok I did it.... i formatted. I had to save all my stuff (and my sister's) to disk. I let it format while I was sleeping so when I would get up it'll already be at the setup part, so it didn't seem as long. But now it's running good I have firefox installed once again and my mcafee is doing wonders still.

Alucard
10-10-2005, 12:57 PM
Change to pc-cillin!

MarionetteKazuk
10-10-2005, 09:57 PM
For some reason I'm still having the image problem. Again the problem is that sometimes images won't show on websites and I'll have to refresh many times before they do. Anyone knows what the problem could be. I already formated and I would've thought that would have fixed the problem but it didn't (although my computer itself is running a lot better).

SavedFromSin
10-10-2005, 10:05 PM
I have been having the same problem as you are for some time. I can not figure out what is causing these problems.

MarionetteKazuk
10-10-2005, 11:10 PM
I have been having the same problem as you are for some time. I can not figure out what is causing these problems.
It has to be a virus because when my antivir program alerted me and I closed firefox that's when the images started acting weird. But what I still can't figure out is how is it that I formated my pc and it's still doing the same thing. I will be sure to let you know if I find a solution.

MarionetteKazuk
10-12-2005, 05:21 PM
I just found out something very interesting. I had posted my work-in-progress banner on the banner contest thread and the image didn't show up. Well recently (really ever since I formated the other day) when I would try to log onto my gmail acocunt it wouldn't let me. So I disabled my privacy service and it let me, so I figured I try to do the same with the images. I did it and it worked. It must be some kind of screw up that I did when setting up my mcafee. So saved from sin I can't really help you out on solution after all unless you can have some kind of antivirus that's probably blocking images.

flowForth
01-20-2006, 02:06 PM
Speaking of privacy and spyware issues, I believe some of you may be interested in the following article with relation to Windows:

http://www.fuckmicrosoft.com/content/ms-hidden-files.shtml

(excuse the explecetive).

Ho-hum fiddly thumb.

Alucard
01-24-2006, 04:35 AM
http://tweak3d.net/articles/spyware06/

A very nice guide from a brilliant site on ways to get rid of spyware/viruses/etc. Good guide for people who arent too spiffy with PCs.

Ryan_Falco
08-31-2006, 07:55 AM
A better option with better protection would be the German Engineered SpyBot* Search and Destroy. It's free its the best free tool man trust me. I'm not advertising im just saying thats what I use and it found stuff on my buddys computer, 148 trojans and spywares he didnt know about! And it finds little spywares taht get on my comp, but I dnot get alot so lol ya.
http://www.safer-networking.org/ That's where u get it. It could make ur games go alot faster! Again im not advertising just giving advise lols.
Also, concider contacting your service provider and asking for a dynamic IP, one that constantly changes. Or, check if you already have one and go to start menu, RUN, type in COMMAND, and on the black DOS screen type ipconfig /all. That will show your IP and IP info. Type in ipconfig /release, wait 5 minutes, or 30 seconds whichever u can manage at the time, and then type in ipconfig /renew. You should now see information displaying your computer, showing a NEW IP address. This will stop hackers cold. And try getting both a Hardware and a Software Firewall. Hardwares you have to payfor but there are great free software firewalls like ZoneAlarm. Get all those things and scan regularily, and if you can spare the cash get soemthing like Norton Antivirus to protect against worms and stuff. One thing none of those can protect against is viruses and worms and trojans and spys that are INSIDE PICTURES. so if you're in a porn site lookin at chix, be carefull what site ur at because the pic can be encoded with a virus! Everything besides that though, can be fixed and prevented using the options I provided. Hope that info helps some ppl! Kk peace

:kill: :too mad: :kill:

Ryan_Falco
09-01-2006, 11:03 PM
please delete this post I accidentally double posted cus I forgot I already replied and yea... sorry AussieAdmin*TM pls delete it! Didnt mean 2 double post :O

SuperAngelo64
09-08-2006, 04:52 PM
I cannot seem to get rid of this file called sql-smss.exe.

I have tried everything suggested.

EDIT: Nevermind I got it. The bastard constantly altered reg keys.

Zachalmighty
06-13-2007, 11:08 PM
If anyone has come in contact with Virtumonde It is almost impossible to get rid off even in safe mode running a dos shell extension to manually delete it.

Heres your fix, http://www.bleepingcomputer.com/forums/topic18610.html

Alucard
06-13-2007, 11:48 PM
Good find

Zachalmighty
06-13-2007, 11:52 PM
Good find
Thanks.

You know what Virtumonde does right? Its possibly the worst ever spyware to get.

It drops trojan downloaders, trackers, and this crappy anti virus program called win-antivirus. The way I tried to get rid of it was by typing

C:/ -r -a -s -h (the dll file name).dll
next command line
C:/ delete (dll file name).dll
didnt work.
tricky bastard.

Zachalmighty
06-17-2007, 11:40 AM
Smitfraud fix

http://www.bleepingcomputer.com/forums/topic17258.html

MarionetteKazuk
02-17-2009, 01:43 AM
Thought I'd post this here instead of making a new thread.

Link (http://www.technibble.com/computer-repair-utility-kit/)

It's a computer repair toolkit, seems pretty useful. Good to use on thumb drives.