Posted on 12/06/2010 9:34:59 AM PST by piytar
Running Windows XP with Microsoft Security Essentials and Ad-Aware for protection. Getting random nasty (and I mean nasty) pron ads and links popping up. Sec Essentials and Ad-Aware scans show zilch. About to go through the misery of the Major Geek/Hijack This cleaning process, which takes hours (but does work). Thought I'd ask here first if anyone knew of a specific new pron virus/bot that's making the rounds. If so, it might help me clean it out quicker. Thanks!
PS I do searches for manufacturing for certain clients, so I end up on Chinese mfg sites a bit. (Trying to buy American, but done a search for mfg lately? You get a LOT of hits in China et al.) Wonder if one of those was "dirty"? Does that help anyone id the virus/bot?
I have had success with Superantispyware. It found items Malwarebytes did not.
Not that I enjoy asking stupid questions I can answer anyway, but I have NEVER been able to figure out why any human being would take the time or delight in creating these things to harm innocent people who’ve never done any harm to them? Why? It's just beyond comprehension to purposefully destroy something for absolutely NO reason?
Thanks! Will give it a try!
Try this first.
http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=355&regs=NABU&lang_loc=1#undefined
then this
Generally, when AV-companies show you tests (100% detection and so on), the test is fraudulent. That is because these tests are done against a small subset of viruses known as the wildlist. Compiling the wildlist is a small number of AV people and cronies. The problem with that is that the wildlist is a very small percentage of what is known to be in the wild.
What is known to be in the wild is collected by a couple of companies who, in practice, solicit new viruses. *That* list stands at several million. And those companies, like the subset-keepers, are paid by the AV-companies. At least, that was how things worked not very long ago, been a few months since I actually took that stuff apart.
If you deal with the AV establishment (like Trend, K7, Symantec, Norman and so on), there's a fairly high chance that you're being ripped off, contributing to very bad actors, or both.
Don’t even.
Try Avast instead. Free, effective and almost no footprint.
Fixwareout.exe
It runs in a ‘DOS’ or ‘command’ box.
Run it in Safe Mode only.
Browse the web with a vmware machine running linux. Furthermore, use an “undoable disk”.
Good info, thanks for posting.
What do you know about Webroot/Spy Sweeper?
Well, it COULD be an extreme use of flash cookies to call ads. The link to the settings manager: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager08.html
Only takes a minute to delete all.
And make sure you use the “full scan” of sec essentials. I assume you checked your host file, cleaned your cache.
Good luck.
I find this tool helpful for Windows systems as well as Linux. You can boot it up and scan your system without any programs running. It has lots of good rescue tools. You can find information about it at www.distrowatch.com; it is called Trinity Rescue Kit.
By the way, IIR, Ad-Aware is owned by a company called ‘Lavasoft’. I used to have that (actually a paid subscription) but it ran out and they never even emailed me to solicit renewal or acknowledged me as a customer. This was a couple of years ago. It was odd, and made me suspicious of what kind of company it is. So I forgot about it.
Thanks, all! Will try some/all of the suggestions. Really hate doing the Hijack This routine. Will report back if any of the suggestions work.
Well, in the case of pron viruses/bots, it’s usually about the money and using other people’s computers to store nasty stuff (i.e., avoiding criminal liability).
Personally, I think people who write these things should get life in jail. Many times I’ve lost an entire day’s work dealing with a virus. As a small business, that can REALLY hurt. Multiply that by thousands of people, and these things really do consume lifetimes of work and productivity. Hence, life in jail is just about right!
Lavasoft more or less died, being that they got no attention from Norman I think. Far as I remember, the updates just stopped.
When Norman showed itself to be both incompetent, on turbo bigotry and more or less criminal, I went to Malwarebytes for a while, but that is sort of like a properly done Ad-Aware.
But have been running Avast for a year or two, very effective against everything (and I go some very hairy places), unobtrusive and totally trouble free. The company also seems remarkably clean, in a business sector that is basically a thieves market - for example, when Norman got a new CEO in from Symantec a few months back, my first impression was The Beagle Boys hiring a Gambino.
If you download anything, especially from a porn site, then that increases your chances of hijackers/virus/spam...
Best way to avoid this is to not surf porn and to be very careful when downloading a file. Best way to download a file is to save it to your desktop, and then scan it before you install it.
Thanks! I guess that explains why they didn't care about subscribers going away.
How about Webroot? I have been running Spy Sweeper (now Webroot AV) for at least 5 years and have had pretty good experience with it. I am not, however, real impressed with the new screen format they came up with a year or two ago.
Very likely. I saw somewhere a survey of infected websites, by country. It was staggering - half the websites in some countries are infected. I can't advise you what to scan your computer with, but it might be quicker and more certain to reload Windows. If you really must browse risky foreign websites, you ought to boot your Windows PC temporarily from a Linux CD (no installation required) and browse the Internet using the FireFox browser in Linux. When finished, remove the Linux CD and reboot to Windows. I don't know a safer way to "surf".
Make sure before you run your full virus and spyware scans, you reboot the computer first and press F8 in between the CMOS startup and Windows splash screen to get to the Windows boot menu, choose safe mode without networking. You may end up with a very basic video setting with a decreased resolution, but work around it.
Then run a full virus scan on all drive partitions (C:, D:, etc...) on your computer. Then run any adware removal type programs to remove anything else. This may take an hour or more to finish the scan depending on how much data you have on the machine.
Also check your startup configuration to see if anything has been set to start every time you boot that shouldn’t be there.
Quick way is to run: msconfig
You can start it by typing that in the run programs area.
Check the startup tab. You’ll see what programs are set to load on reboots every time. You can always google search on anything listed there that seems suspect by either the file name or program name. Just be careful not to disable or delete important things like mouse and video drivers, etc...
Once all that is done, you can try reboot as you normally do. Hopefully, that will clean out anything that was missed before.
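The startup check described in the post above can also be done from saved text, shown here as an added example that is not part of the original thread. It parses the output of `reg query` for the Run keys that the msconfig Startup tab lists and picks out entries that launch from user-writable folders. The sample output, the `ExampleAV` and `upd32` entries and the folder heuristic are constructed assumptions, not values from this thread.

```python
import re

# Constructed sample of `reg query <key>` output for the two Run keys.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    ExampleAV    REG_SZ    "C:\Program Files\ExampleAV\tray.exe" -hide

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    upd32    REG_SZ    C:\Documents and Settings\user\Local Settings\Temp\upd32.exe /s
"""

# One value line: indented name, registry type, then the command line.
ENTRY = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_\w+)\s+(?P<data>.*)$")

# Assumption: autostart programs rarely belong in these user-writable
# folders, so anything launching from them is worth a closer look.
USER_WRITABLE = ("\\temp\\", "\\local settings\\", "\\application data\\")


def parse_run_keys(text):
    """Return one dict per autostart value: key, name, type, data."""
    entries, key = [], None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()          # header line names the current key
        elif key:
            m = ENTRY.match(line)
            if m:
                entries.append({"key": key, **m.groupdict()})
    return entries


def needs_review(entries):
    """Entries whose command line points into a user-writable folder."""
    return [e for e in entries
            if any(p in e["data"].lower() for p in USER_WRITABLE)]


if __name__ == "__main__":
    for e in needs_review(parse_run_keys(SAMPLE)):
        print(f'{e["key"]}\\{e["name"]} -> {e["data"]}')
```

A flagged entry is only a candidate for the search-the-name step in the post; an unflagged one is not proof that the entry is clean.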
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.