Dron

Unstoppable virus/adware/spyware

Okay, there's a program on my computer called "Adserve" that inserts pop-ups while I'm using the computer and makes dlfintemp(numberhere) folders in my Documents and Settings folder. The thing is, I can't get rid of it. I delete the temporary folders, scan the computer with Spybot S&D AND McAfee virus scan. I downloaded a special tool to delete Adserve and IT didn't detect anything. I searched for Adserve.exe on my computer and couldn't find it. No matter what I do it keeps returning. I deleted EVERYTHING that had the words Adserve in it and it still won't die. Any suggestions?


S&D and adware can't get it all! Yes, there is stuff they even can't remove. However, I have found only a few.

Solution: regedit! Yes my friend, get to know your registry. I find myself in here a lot because of spyware. However, a word of caution: many spyware apps will destroy networking if you do not remove them correctly or completely!

Steps to removal:
- Stop any spyware processes in Task Manager.
- Uninstall if possible (Add/Remove software).
- Delete all 'bad' files (spyware related, duh!) on the hard drive.
- Regedit: be sure to remove all entries in the registry. There are programs that can help.

This usually gets rid of it. However, remember some programs need spyware. These include a great many P2P share programs, some chat clients and other so-called "freeware" apps that are nothing more than a spyware delivery system.
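For the registry step above, when a program keeps coming back after its files are deleted, the useful question is what starts it at logon. The PowerShell below is an added example, not part of the original post: it lists the standard Run/RunOnce keys and the Startup folders without changing anything. The "suspect" pattern (temp and profile paths plus the names reported in this thread) is an assumed heuristic.

```powershell
# Added example: read-only inventory of common autostart locations.
# Nothing is deleted or changed; review the output before removing anything.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Assumed heuristic: commands launched from temp or profile folders, plus the
# names reported in this thread.
$suspect = 'adserve|dlfintemp|\\Temp\\|\\Documents and Settings\\|\\AppData\\'

function Get-ExePath([string]$Command) {
    # Extract the program path from a command line, quoted or unquoted.
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }
    return ($Command.Trim() -split '\s+')[0]
}

$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd  = [string]$item.GetValue($name)
        $path = [Environment]::ExpandEnvironmentVariables((Get-ExePath $cmd))
        [pscustomobject]@{
            Location   = $key
            Name       = $name
            Command    = $cmd
            # Only full paths are checked; bare names such as rundll32.exe resolve via PATH.
            FileExists = if ($path -match '^[A-Za-z]:\\') { Test-Path -LiteralPath $path } else { $null }
            Suspect    = $cmd -match $suspect
        }
    }
})
# Shortcuts and scripts in the per-user and all-users Startup folders.
$entries += @(foreach ($dir in 'Startup', 'CommonStartup') {
    $folder = [Environment]::GetFolderPath($dir)
    if ($folder -and (Test-Path -LiteralPath $folder)) {
        Get-ChildItem -LiteralPath $folder -File | ForEach-Object {
            [pscustomobject]@{ Location = $folder; Name = $_.Name; Command = $_.FullName
                               FileExists = $true; Suspect = $_.FullName -match $suspect }
        }
    }
})
$entries | Sort-Object Suspect -Descending | Format-List
```

An entry that is still listed after the files were deleted, or that reappears after a reboot, points to a second component re-creating it.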

Sephiroth said:

Solution: regedit! Yes my friend, get to know your registry. I find myself in here a lot because of spyware. However, a word of caution: many spyware apps will destroy networking if you do not remove them correctly or completely!

I already tried that. I deleted the Adserve folder AND the registry entries it created. I even deleted it from the startup list.


I've got several 'strangestuffs' myself. For one thing there's a program called ShopAtHomeSelect Agent in the Add or Remove Programs control panel. Doesn't sound like anything you'd willfully install, right?

Anyway, when I try to remove it, my computer reboots! How inexplicable is that! Then there's the files/folders that I can't delete because 'access is denied' or it's 'in use' or 'doesn't exist'.

Oh well... as long as my computer works normally, it's okay I guess...


Hmm... I've heard some stuff about Adserve.exe being related to the Sasser/Netsky/Doomjuice worm. Is this true?

Dron said:

Hmm... I've heard some stuff about Adserve.exe being related to the Sasser/Netsky/Doomjuice worm. Is this true?

I wouldn't doubt it. There are very few laws, if any, about how spyware works.

Dron said:

Hmm... I've heard some stuff about Adserve.exe being related to the Sasser/Netsky/Doomjuice worm. Is this true?


Yup!


Right now my dad just got his computer infected. After I spent a week fixing it, god damn!

Well, if this lesson has taught me anything it is he is a moron.
Well, I am gonna install Net Nanny or a similar program, recommend something people. I don't really care if he looks at porn, but hell, stop getting spyware on my network! Even worse is this shit that don't go away. I AM paying for my internet so I make the rules. Seeing that he can't learn he is now banned until I install a restrictive program.

Now my dad is no genius. So recommend something that is effective at blocking what I tell it to block, even if there are ways around it. He ain't gonna find those ways.

Also his ass is paying me for doing this. Seeing that he is a dumbass, makes me wonder what is on his work computer.

Terra-jin said:

Anyway, when I try to remove it, my computer reboots! How inexplicable is that! Then there's the files/folders that I can't delete because 'access is denied' or it's 'in use' or 'doesn't exist'.

Not very inexplicable at all. There are a number of ways spyware can "preserve" itself, not limited to making you go online to the infernal company's website to download an uninstall program. Intolerable, but not inexplicable.

Solution: delete these in Safe Mode.

Numbermind said:

Solution: delete these in Safe Mode.

...or while in DOS as a last resort. I had to do this with a couple of files that decided to lock up explorer whenever I clicked on them.


Remember to always update your OS with those patches. Yeah, I know you're fraggin' away in Doom, but they're important. A lot of people just brush them off. I always did and I got infected with a worm a couple months back.

Also, don't use Internet Explorer. I recommend using Opera web browser. No popup-ads, no spyware, and Opera uses tabs. No more extra windows! Makes browsing so much easier.

Sephiroth said:

Right now my dad just got his computer infected. After I spent a week fixing it, god damn!

Well, if this lesson has taught me anything it is he is a moron.
Well, I am gonna install Net Nanny or a similar program, recommend something people. I don't really care if he looks at porn, but hell, stop getting spyware on my network! Even worse is this shit that don't go away. I AM paying for my internet so I make the rules. Seeing that he can't learn he is now banned until I install a restrictive program.

Now my dad is no genius. So recommend something that is effective at blocking what I tell it to block, even if there are ways around it. He ain't gonna find those ways.

Also his ass is paying me for doing this. Seeing that he is a dumbass, makes me wonder what is on his work computer.


Woah man. Respect your father....

Unless he's a drunk, substance abusing asshole who abuses you.


Trouble removing malware from your computer and Adaware/Spybot don't seem to get rid of it? Search on google for removal instructions. And may I suggest that you browse SAFELY?


And may I suggest that you browse SAFELY?

How? There's virtually NO way to browse safely anymore. I'm probably going to switch from Firefox back to Opera, because I've had better luck with it.

wildweasel-r3000 said:

How? There's virtually NO way to browse safely anymore. I'm probably going to switch from Firefox back to Opera, because I've had better luck with it.

This is like saying there's no way to drive safely because there are a few idiots on the road. Of course you can browse safely, you just need a good firewall, you need to understand how your computer responds to pings from the internet and how vulnerable it is, and you need to recognise how to spot malware running on your system and how to remove it. If you googled for all this info, downloaded something like ZoneAlarm for a start and so on, you could be browsing safely in like a couple of hours maximum.

Ok, ok, maybe it would not be 100% perfect safety, but then I could say I'm unsafe sat here in my house because a giant fucking great asteroid could fall out of the sky and squash me any second...


I don't need any of that shit to "browse safely".

Browsing "safely" is a state of mind and no combination of software can really make you safer without doing some truly low-level modifications to your habits.

I note that there are already .xpi installers out there for spyware for Mozilla and Firefox, and more are being written every day, and at the moment they can also be launched from jscript onclicks, onloads, and such (until the next Firefox update). The problem is just starting to get bad on Mozilla's side.

Here's a hint: you've got an NT-based OS? Run as a restricted user. Use "run as" to act as an administrator on installers for games and applications that you're absolutely fucking sure aren't loaded down with malware and trojans (those programs you're downloading from warez sites? stay the fuck away from those unless you've got an MD5 that verifies it is unmodified from the original).

Skeletor said:

Woah man. Respect your father....

Unless he's a drunk, substance abusing asshole who abuses you.

Well um.... yea.

Point is if he was your father you would be ashamed too... but we are not here to discuss that.

We are here to discuss other evils, mainly spyware.

Anyways it was just easier to reinstall. Christ, there was 18 trojans, who knows what else, too many spyware programs to count. All this done in a single night?
I flashed the BIOS, cleaned the drive, MBR included. I didn't really feel like sitting down with his system, more so after I had just gone thru that.

Sephiroth said:

Right now my dad just got his computer infected. After I spent a week fixing it, god damn!

Well, if this lesson has taught me anything it is he is a moron.
Well, I am gonna install Net Nanny or a similar program, recommend something people. I don't really care if he looks at porn, but hell, stop getting spyware on my network! Even worse is this shit that don't go away. I AM paying for my internet so I make the rules. Seeing that he can't learn he is now banned until I install a restrictive program.

Now my dad is no genius. So recommend something that is effective at blocking what I tell it to block, even if there are ways around it. He ain't gonna find those ways.

Also his ass is paying me for doing this. Seeing that he is a dumbass, makes me wonder what is on his work computer.


Install SpywareBlaster and SpywareGuard on his machine w/ latest updates.


wildweasel-r3000 said:
How? There's virtually NO way to browse safely anymore. I'm probably going to switch from Firefox back to Opera, because I've had better luck with it.


I mentioned it before, but here it goes again:

When using IE, go to Tools > Internet Options > Security Settings. Choose Internet icon, click on Custom Setting. Disable all ActiveX stuff, set all mentions of security settings to highest and disable Java applets. You may also choose to disable Active Scripting (aka javascript) to get rid of pop-up windows and stuff. Going back to Internet Options, set on the Privacy page your cookies to "medium high" at the least. With these restrictive settings IE is as safe as the next browser.

Do not use Outlook Express. Download any of the free email clients available (ie. Eudora, or Pegasus) and use that instead. Never open any attachments, ever. Delete spam unread.

After that, get ZoneAlarm (or another firewall of your choice) and take the time to read the manual and install it.

At regular intervals check Windows Update. This requires you to turn on ActiveX (set to 'prompt'), Active Scripting and cookies to 'medium high'. Don't forget to put those back to more restrictive settings after you're done.

And when you download files from internet you really, really need an up-to-date virus scanner. Do not install 3rd party programs blindly, especially those you downloaded from untrusted sites.


Was it a magnum-sized one? Those aren't really one-size-fits-all... Fucking advertising.


You don't JUST do this or JUST do that and expect everything to be fine.

- Format your HD
- Install Windows from a clean CD
- Windows update
- Firewall
- Spybot S&D
- Ad-Aware
- SpywareBlaster
- SpywareGuard
- Probably a few other things. Google Toolbar couldn't hurt, if you're planning to continue using IE. (NO FUCKING COMMENTS PLEASE.)

Browse smart. Don't click anything that says "CLICK HERE TO SEE SUCH AND SUCH A SUPER AMAZING THING! ONCE IN A LIFETIME OFFER!" Don't download every program that claims it will make your computer work 500% faster, even if it shows these neat little graphs demonstrating that the computer running the program is running really super fast!11!1! Close popups that get through whatever filtering you have set up as fast as you possibly can.

Mordeth said:

Trouble removing malware from your computer and Adaware/Spybot don't seem to get rid of it? Search on google for removal instructions. And may I suggest that you browse SAFELY?

I did. Couldn't find nothin'


Did you patch up the LSASS vulnerability? If so run the Sasser Worm Removal Tool. If that doesn't do it, search for relatively new EXEs and try renaming them to disable them, since usually trojans are backed up on another folder (such as system32 or the local drive) and then copied into the windows folder and installed. If that works delete those EXEs and any of the very same size (and similar name format, probably.)
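The search described in the post above, as an added PowerShell example that is not part of the original post: it lists recently created EXEs in the drive root, the Windows folder and System32, and shows which other EXEs have exactly the same size. The 14-day window is an assumption, and the SHA-256 comparison goes beyond the post's size check so that a size coincidence is not read as a copy; it assumes PowerShell 4 or later for `Get-FileHash`.

```powershell
# Added example: read-only triage, nothing is renamed or deleted.
$days   = 14                                   # assumed meaning of "relatively new"
$cutoff = (Get-Date).AddDays(-$days)
$roots  = @(                                   # folders named in the post (not recursive)
    "$env:SystemDrive\",
    $env:SystemRoot,
    (Join-Path $env:SystemRoot 'System32')
)

$exes = @(foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Filter *.exe -File -ErrorAction SilentlyContinue
})
$recent = @($exes | Where-Object { $_.CreationTime -gt $cutoff })

function Get-Sha256([string]$Path) {
    # Returns $null for files that are locked or unreadable.
    $h = Get-FileHash -LiteralPath $Path -Algorithm SHA256 -ErrorAction SilentlyContinue
    if ($h) { $h.Hash }
}

# For every recent EXE, list the other EXEs of exactly the same size, and
# compare hashes so that a size coincidence is not mistaken for a copy.
$report = foreach ($file in $recent) {
    $fileHash = Get-Sha256 $file.FullName
    $twins = @($exes | Where-Object {
        $_.Length -eq $file.Length -and $_.FullName -ne $file.FullName
    })
    [pscustomobject]@{
        Path     = $file.FullName
        Created  = $file.CreationTime
        Size     = $file.Length
        SHA256   = $fileHash
        SameSize = ($twins | ForEach-Object {
            $same = $fileHash -and ((Get-Sha256 $_.FullName) -eq $fileHash)
            '{0} (identical: {1})' -f $_.FullName, [bool]$same
        }) -join '; '
    }
}
$report | Sort-Object Created -Descending | Format-List
```

Recent Windows updates also create new EXEs in these folders, so a recent creation date alone is not evidence of infection; the identical-copy pairs are the ones worth a closer look.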


Ultraviolet said:
- Windows update
- Firewall


I would do that the other way around, if I were you.

Arioch said:

I don't need any of that shit to "browse safely".

Browsing "safely" is a state of mind and no combination of software can really make you safer without doing some truly low-level modifications to your habits.

I note that there are already .xpi installers out there for spyware for Mozilla and Firefox, and more are being written every day, and at the moment they can also be launched from jscript onclicks, onloads, and such (until the next Firefox update). The problem is just starting to get bad on Mozilla's side.

Here's a hint: you've got an NT-based OS? Run as a restricted user. Use "run as" to act as an administrator on installers for games and applications that you're absolutely fucking sure aren't loaded down with malware and trojans (those programs you're downloading from warez sites? stay the fuck away from those unless you've got an MD5 that verifies it is unmodified from the original).

Amen. I've rarely had any big problems just browsing... the only times I have problems are due to my own stupidity (downloading .exe files from Kazaa)... I do get a fair number of tracking cookies and stuff showing up in Ad-Aware, but that's fairly normal.

I don't understand how people can get spyware and viruses just by surfing around. OK, maybe by using IE without any pop-up blocker and such. But most people on these boards are smart enough not to use that. Is there some secret spyware-infecting website nobody's told me about?


Mordeth: It wasn't supposed to be in any particular order, heh.

How about unplugging your network cable when you aren't using the machine?

Mordeth said:

I mentioned it before, but here it goes again:

When using IE, go to Tools > Internet Options > Security Settings. Choose Internet icon, click on Custom Setting. Disable all ActiveX stuff, set all mentions of security settings to highest and disable Java applets. You may also choose to disable Active Scripting (aka javascript) to get rid of pop-up windows and stuff. Going back to Internet Options, set on the Privacy page your cookies to "medium high" at the least. With these restrictive settings IE is as safe as the next browser.



Yeah, but unfortunately half the internet won't work anymore after that. Far too many designers still think it's cool to force their users to use such insecure settings.
