Spyware....

THPS

THPS

CAGiversary!
Feedback
7 (100%)
I am fed up with spyware. Because of it, I had to re-install Windows not too long ago. Just the other day, my homepage kept getting reset and my computer was as slow as dial-up. I just got broadband so this made me really mad. Ad-Aware couldn't find any spyware to delete so I downloaded SpyBot. The download cost me $30 but I feel it was worth it. It does a very thorough scan and can recognize much more than other free spyware removal programs. If you have problems with spyware, I highly recommend getting this.

EDIT: IT IS SPYHUNTER NOT SPYBOT
 
Why did it cost you $30 to download Spybot? I get it for free all the time off of download.com, we use it on nearly every computer at our company.
 
Spyware does indeed suck hard. It has caused this computer much pain and I'm not very good with computer so the suffering will continue. If it were up to me I'd personally enjoy tracking down everyone affiliated with spyware's conception and then see to their slow demise.
 
Spybot can delete important files that are NOT spyware so be careful.

Don't trust it outright. Make sure you know what you are deleting.

And spybot IS FREE
 
For the cost of SpyBot, it would scan your computer for free but you had to get the full version in order to delete it so I had to buy it from their website.

EDIT: Wait one second, it is actually SPYHUNTER I got. Sorry about that. I just checked right now and saw that. I think I was going to download SpyBot but didn't.
 
I use spybot and ad aware, in addition to cwshredder and hijackthis.

I also have a free program called spyware guard running that alerts me if my homepage is being changed, etc.
 
There are some fake "Spybots" out there, if you are unlucky enough to install one, you will have to pay $30 for the removal tool, or reinstall/delete said files manually. I know this because it was posted on the spybot- search and destroy home page:

http://www.safer-networking.org/

sometimes there is even spyware in drivers for hardware in your pc. I suggest doing a minimum install unless absolutely neccesary.
 
Not too long ago I had some Golden Palace Casino software install itself on my machine. At the same time, my Google toolbar disappeared AND my homepage got set to some oddball search engine (can't remember the name). Uninstalling manually did not fix any of this, because as soon as I would restart, it would all reinstall again. I finally got it to stay gone...for about 6 weeks. Then it popped up again. Up to date Spybot didn't detect anything, sadly, so I went on a rampage and uninstalled every program that I didn't recognize, cleaned my startup files, and also uninstalled stuff like Gamespot's DLX client and Kazaa (yeah, I know that last one is a big red alarm). No problems since, but it made me lose a lot of faith is Spybot.
 
[quote name='PsyClerk']Not too long ago I had some Golden Palace Casino software install itself on my machine. At the same time, my Google toolbar disappeared AND my homepage got set to some oddball search engine (can't remember the name). Uninstalling manually did not fix any of this, because as soon as I would restart, it would all reinstall again. I finally got it to stay gone...for about 6 weeks. Then it popped up again. Up to date Spybot didn't detect anything, sadly, so I went on a rampage and uninstalled every program that I didn't recognize, cleaned my startup files, and also uninstalled stuff like Gamespot's DLX client and Kazaa (yeah, I know that last one is a big red alarm). No problems since, but it made me lose a lot of faith is Spybot.[/quote]

For every new piece of spyware that a anti-spyware prog can detect there are 2 new ones popping up that it can't detect.

Same goes for antivirus software.
 
Modify your HOSTS file to prevent access from the adservers. You can update it to block all the adservers that you come across.
 
Ironic that not 12 hours after I posted above, my machine was taken hostage by about 16 distinct adware/spyware programs. Took 45 minutes to get it cleaned this time. Absolute insanity. I don't get spyware over time...I get a bigass batch all at once.
 
[quote name='PsyClerk']Not too long ago I had some Golden Palace Casino software install itself on my machine. At the same time, my Google toolbar disappeared AND my homepage got set to some oddball search engine (can't remember the name). Uninstalling manually did not fix any of this, because as soon as I would restart, it would all reinstall again. I finally got it to stay gone...for about 6 weeks. Then it popped up again. Up to date Spybot didn't detect anything, sadly, so I went on a rampage and uninstalled every program that I didn't recognize, cleaned my startup files, and also uninstalled stuff like Gamespot's DLX client and Kazaa (yeah, I know that last one is a big red alarm). No problems since, but it made me lose a lot of faith is Spybot.[/quote]

That's why you need both Spybot and AdAware. Neither one is complete protection, but together you'll get the best protection. I have noticed, however, that AdAware is updated more often.
 
Your best defense against Spyware is either Spybot or Adaware (both are not necessary) and a free popup blocker. Spyware usually gets installed by an errant click on a pop up window you didn't want in the first place. Sometimes these pop up windows will prompt you with a EULA. If you clicked yes, it is over for you. Spyware everywhere.

I deal with this all the time at work. I remove spyware from at least 2 PCs a day. Usually, the user has no idea how to use (and not use) a computer. I spend half an hour cleaning that shit out. I've learned quite a bit about the nature of spyware so I'll share it with you. Follow these steps, in order, and you should be ok. Make sure you close ALL PROGRAMS AND IE WINDOWS WHILE DOING THIS! Otherwise, this won't work and your spyware will come back.

1) Uninstall any and all spyware that you can using Add/Remove programs. Spyware is getting so smart that it knows how to re-install itself when it detects a program like Ad-Aware has removed it. (I had this problem last week :roll:.) The best way to keep it from coming back right away is to remove it the old fashioned way first. (The latest version of Golden Palace Casino actually tells you to enter "The number you see if you are not a program" to uninstall!) Also, reboot when prompted. I know this can be tedious but the end result is a smooth running computer.

2) Once you have removed all the spyware you can the "normal" way run your anti-spyware program. (I will use Ad-Aware as my example program.) Make sure you've checked the special scan settings to include your IE Favorites and your Hosts file. (The hosts file is one way spyware reroutes your homepage and your search properties.) Don't just use the default settings because they ALWAYS miss something. Scanning archive files is not really necessary unless you are in the habit of downloading questionable software from questionable sources. :wink:

adaware.jpg


After the scan, Ad-Aware will prompt you with a results screen. Nine times out of 10 none of the objects it finds will be selected. This is what it will look like.

adaware2.jpg

YOU MUST MANUALLY SELECT THESE ITEMS OTHERWISE THE SPYWARE WILL STAY ON YOUR COMPUTER!!!

adaware3.jpg


There are occasions where Ad-Aware won't be able to remove certain files that are in use. These are usually .dll files that the spyware is using. Make sure you reboot and allow the second scan to proceed. Again, you want to take your time and be as thorough as possible.

3) Next, scan your Program Files folder for sub-folders that don't belong. A few popular ones for me are "hbinst", "hotbar", and "SearchBar." The "hbinst" folder is where Hotbar stores its installation files if ever it gets removed by a bot. Ad-Aware doesn't always delete these folders for some reason so it's best to check just in case. Also, dump your Temporary Internet files since many of these programs leave dormant installation files there too.

Repeat and rinse if necessary. :wink:

Sorry if this was a bit long.
 
[quote name='daphatty']Your best defense against Spyware is either Spybot or Adaware (both are not necessary) and a free popup blocker. Spyware usually gets installed by an errant click on a pop up window you didn't want in the first place. Sometimes these pop up windows will prompt you with a EULA. If you clicked yes, it is over for you. Spyware everywhere.

I deal with this all the time at work. I remove spyware from at least 2 PCs a day. Usually, the user has no idea how to use (and not use) a computer. I spend half an hour cleaning that shit out. I've learned quite a bit about the nature of spyware so I'll share it with you. Follow these steps, in order, and you should be ok. Make sure you close ALL PROGRAMS AND IE WINDOWS WHILE DOING THIS! Otherwise, this won't work and your spyware will come back.

1) Uninstall any and all spyware that you can using Add/Remove programs. Spyware is getting so smart that it knows how to re-install itself when it detects a program like Ad-Aware has removed it. (I had this problem last week :roll:.) The best way to keep it from coming back right away is to remove it the old fashioned way first. (The latest version of Golden Palace Casino actually tells you to enter "The number you see if you are not a program" to uninstall!) Also, reboot when prompted. I know this can be tedious but the end result is a smooth running computer.

2) Once you have removed all the spyware you can the "normal" way run your anti-spyware program. (I will use Ad-Aware as my example program.) Make sure you've checked the special scan settings to include your IE Favorites and your Hosts file. (The hosts file is one way spyware reroutes your homepage and your search properties.) Don't just use the default settings because they ALWAYS miss something. Scanning archive files is not really necessary unless you are in the habit of downloading questionable software from questionable sources. :wink:

adaware.jpg


After the scan, Ad-Aware will prompt you with a results screen. Nine times out of 10 none of the objects it finds will be selected. This is what it will look like.

adaware2.jpg

YOU MUST MANUALLY SELECT THESE ITEMS OTHERWISE THE SPYWARE WILL STAY ON YOUR COMPUTER!!!

adaware3.jpg


There are occasions where Ad-Aware won't be able to remove certain files that are in use. These are usually .dll files that the spyware is using. Make sure you reboot and allow the second scan to proceed. Again, you want to take your time and be as thorough as possible.

3) Next, scan your Program Files folder for sub-folders that don't belong. A few popular ones for me are "hbinst", "hotbar", and "SearchBar." The "hbinst" folder is where Hotbar stores its installation files if ever it gets removed by a bot. Ad-Aware doesn't always delete these folders for some reason so it's best to check just in case. Also, dump your Temporary Internet files since many of these programs leave dormant installation files there too.

Repeat and rinse if necessary. :wink:

Sorry if this was a bit long.[/quote]

Since you seem to know a lot about cleaning computers, I wanted to see if you knew any way to get rid of the Jeefo virus. I have it on my computer according to Norton antivirus, but I cannot get rid of it. Norton tries to delete and quarantine the files, but it is unsuccessful. I having been trying to figure this out for weeks. Any help would be greatly appreciated.
 
You came to the right place. :D I attended a three day training class at Symantec's headquarters last year.

You need to do a couple of things. First, check the symantec website to see if they have a Jeefo removal tool. These are usually small enough to fit on a floppy. Sometimes they are larger and therefore will need to be burned to a CD. To remove the virus, boot into safe mode and run the removal tool (if one exists) and then run a scan. The biggest cause of Access Denied errors is because the file is in use. Safe mode loads the OS with the bare minimum of files, which is usually less than a virus needs in order to run.

There are some additional steps to take depending on your OS version. Click the link below and READ EVERYTHING symantec has to say about the Jeefo virus.

http://securityresponse.symantec.com/avcenter/venc/data/w32.jeefo.html
 
spyware sux, not that i care that someones spying on what im doing but those retarded pop ups keep comming. i've kept my ad-aware updated but it still doesent get rid of them all. well i've now come to a point where i just accept the spyware being there, ive tried reformatting, pop up blockers, and numerous progs but they just dont go away. so screw it, ill just put up with it, who knows maybe v could even become friends....
 
For my dad's computer, we have
SpyBot: Search and Destroy and
Pop-up Cop
The spybot takes care of most of the ad-ware and spyware on my computer. Even if you do delete all of the ad-ware, there will still always be pop-ups.
And that's what I used Pop-up Cop for.
it does a great job, it was ranked highest effectively working pop-up blocker for the lowest price. instead of 30$, it's 19.95$.
Absolutely no pop-ups on my computer, either. :)
 
I used Pop-Up Cop a while back. Google Toolbar seems better. Also, GT is free. I use it at both home and work. Have blocked over 400 pop-ups at work, nearly 5000 at home. I think I've seen maybe 1 pop up in the past 4 months, but that was most likely from errant adware that escaped a purge.
 
I use:
Ad-Aware [at least weekly]
Spybot Search and Destroy [at least weekly]
Google Toolbar [popup-blocker and integrated search]
AVG Anti-Virus [autoscan daily]
Antivirus.com's online search about fortnightly.
And of course the three essential rules, which are all too often ignored:
* Only download/install programs if you know what they are and trust them.
* Any of these tools are worthless if you don't update and run them, often.
* NEVER open a file/email attachment ifv you don't know what it is, who it's from, and are expecting it.
 
[quote name='PsyClerk']Not too long ago I had some Golden Palace Casino software install itself on my machine. At the same time, my Google toolbar disappeared AND my homepage got set to some oddball search engine (can't remember the name). Uninstalling manually did not fix any of this, because as soon as I would restart, it would all reinstall again. I finally got it to stay gone...for about 6 weeks. Then it popped up again. Up to date Spybot didn't detect anything, sadly, so I went on a rampage and uninstalled every program that I didn't recognize, cleaned my startup files, and also uninstalled stuff like Gamespot's DLX client and Kazaa (yeah, I know that last one is a big red alarm). No problems since, but it made me lose a lot of faith is Spybot.[/quote]

psyclerk, THE SAME EXACT THING HAPPENED TO ME! i got rid of most of it, but i still have to deal with it daily b/c ad aware can't remove the .dll files.

daphatty, thanks for the advice. i'm gonna try that on my computer before i leave the office.

[quote name='daphatty']There are occasions where Ad-Aware won't be able to remove certain files that are in use. These are usually .dll files that the spyware is using. Make sure you reboot and allow the second scan to proceed.[/quote]

btw, when i first used ad-aware, it automatically ran a second scan after i rebooted. ever since i was bombarded (refer to psyclerk's story up above) ad-aware doesn't automatically run a second scan after reboot. anybody know how to remedy this situation? thanks.
 
Do you also have Spybot? I did manual uninstalls for all the 'foreign' programs I saw in Add/Remove programs, then ran Spybot BEFORE I rebooted for anything.

I also grabbed Ad-Aware yesterday and it found even more stuff, though mainly just cookies. Still a few 'real' entries though.

I had stopped using Ad-Aware a while back because months ago, we (the IT department I worked with) found that it didn't do as well as Spybot. Obviously that's changed, and I'm already adding both programs to my tools disc so I'll have them ready to install anywhere.
 
yea, i also use spybot. i don't like spybot as much as ad aware though b/c it seems to pop up everytime i run spybot.... kinda like spybot is the trigger for all this spyware. i d'l it off of download.com so i'm pretty sure it's the real thing. i'll probably uninstall spybot today and reinstall it later tonight. this time, i'm going to download it off of thier website. to me, it seemed that spybot created more problems on my work computer.
 
Actually, Spybot makes backups of some software entries, so Ad-Aware picks up on those backups. Spybot SHOULD have flashed a warning about that the first time you ran it.

Remember, though, to go through Add/Remove and take out the unknown programs. Look for stuff like WhenUSave, SaveNow, New.net, CasProg, and Bridge. All should be axed.
 
[quote name='daphatty']You came to the right place. :D I attended a three day training class at Symantec's headquarters last year.

You need to do a couple of things. First, check the symantec website to see if they have a Jeefo removal tool. These are usually small enough to fit on a floppy. Sometimes they are larger and therefore will need to be burned to a CD. To remove the virus, boot into safe mode and run the removal tool (if one exists) and then run a scan. The biggest cause of Access Denied errors is because the file is in use. Safe mode loads the OS with the bare minimum of files, which is usually less than a virus needs in order to run.

There are some additional steps to take depending on your OS version. Click the link below and READ EVERYTHING symantec has to say about the Jeefo virus.

http://securityresponse.symantec.com/avcenter/venc/data/w32.jeefo.html[/quote]

I did everythin symantec told me to do, but it did not remove the virus. I was able to determine that all the files are in the following location:
c:\undo\backup.cab

There are multiple compressed files in there that are infected. The problem is, I cannot delete the files when I go in the folder. The only thing I can think of would be to delete the entire backup.cab file, if that is even possible. Is that a mistake? I think that might be one of the only remaining options I have. Please give me your advice again. Thanks.
 
[quote name='nikkai']Here's the big irony. Adaware itself is spyware... =P check around the web for articles.[/quote]

How about you supply some links. Bold statements like that come across as bullshit unless you have something to back it up. I've been using this program for quite some time in a corporate environment and have yet to find any such evidence to support your claims.
 
[quote name='greendj27']
I did everythin symantec told me to do, but it did not remove the virus. I was able to determine that all the files are in the following location:
c:\undo\backup.cab

There are multiple compressed files in there that are infected. The problem is, I cannot delete the files when I go in the folder. The only thing I can think of would be to delete the entire backup.cab file, if that is even possible. Is that a mistake? I think that might be one of the only remaining options I have. Please give me your advice again. Thanks.[/quote]

What operating system are you running? Do you happen to own a Dell/Gateway/Insert Manufacturer name here computer? Reason I ask is I have yet to see a Windows based computer with an "Undo" folder containing a backup.cab file. I build my own computers so I would have just deleted the folder, however, I have no idea what kind of system you use so caution is urged.
 
[quote name='daphatty'][quote name='greendj27']
I did everythin symantec told me to do, but it did not remove the virus. I was able to determine that all the files are in the following location:
c:\undo\backup.cab

There are multiple compressed files in there that are infected. The problem is, I cannot delete the files when I go in the folder. The only thing I can think of would be to delete the entire backup.cab file, if that is even possible. Is that a mistake? I think that might be one of the only remaining options I have. Please give me your advice again. Thanks.[/quote]

What operating system are you running? Do you happen to own a Dell/Gateway/Insert Manufacturer name here computer? Reason I ask is I have yet to see a Windows based computer with an "Undo" folder containing a backup.cab file. I build my own computers so I would have just deleted the folder, however, I have no idea what kind of system you use so caution is urged.[/quote]

I have a dell computer. It came with Windows Me, which was terrible, so I upgraded to windows XP.
 
Turn off System Restore in XP. Files get cached that way, including malicious files. Viruses can propogate out of the System Restore.
 
[quote name='PsyClerk']Turn off System Restore in XP. Files get cached that way, including malicious files. Viruses can propogate out of the System Restore.[/quote]

I did turn it off. Didn't help anything. Thanks for the idea though.
 
Did you run the tool after you turned off System Restore?

Edit: Just looked it up and you can safely delete backup.cab. And delete the undo folder. That is only created if you upgrade your OS. It contains data needed if you want to uninstall XP and revert to ME. It's not necessary and just takes up space, unless you are unhappy with XP.
 
Yes I did. I first turned off system restore. Restarted my computer in Safe Mode, and then ran my antivirus program. (Norton)
 
[quote name='PsyClerk']See above edited post.[/quote]

Thanks. I'm about to delete it. I really hope this works.
 
Wow thanks for the info daphatty! Most of the spyware I had kept coming back but now it hasn't come back in a while. My computer has been much faster lately and my homepage has stayed the same. L)
 
You must log in or register to reply here.
bread's done
Back
Top