Death To Spyware!!!

Well, I’m using Firefox now, I’ll try it out for a few days and see if it keeps the spyware at bay. (I do use Netscape, but only for reading documents that I already have saved on my computer and for using Netscape Composer. I rarely, if ever, use Netscape for browsing).

So far it seems pretty nice.

spooje, I’m with you - spyware is no different than a virus. The ones who are probably most affected would be the not so computer savvy - your elderly web surfers who get online for the first time, and computers used by little kids - who just can’t resist “Smack Bonzo!”

I hated IE back in the Windows 95 days. I never used it much. I always liked Netscape (starting with Netscape 3) better. I only use IE for Microsoft Updates and for other IE-specific (but safe) sites. I’ve been mostly IE-free for years now (since I started getting online) and I feel I’m so much better off.

Of course, it helps that much of my web surfing is done on the Mac ;), but even when I’m on the PC I stick with Mozilla or Firefox, and so far, so good. There’s absolutely no reason that I can see for people to use IE as their primary browser. But when I go through my website logs, I see that the majority of visitors are using IE. :confused: I can’t figure it out.

Darn.

Sorry Guin, I was planning to post a PSA on the dope regarding spyware (and why the makers of it should be declared terrorists) and solutions on how to deal with it, but college stopped me from making the thread. I will get to it as soon as I have a break from assignments.

In the meantime, I second the use of:

-Firefox.
-Microsoft Anti-spyware (this was a cop-out, Microsoft purchased the best anti-spyware (Giant) out there, and now it is marketed as their own)
-Spybot search and destroy.
-Ad-Aware.

  • Ed.

Early last fall, I cleaned my (shared) work computer of all spyware and installed Firefox.

This week, I started getting popups. A lot of popups. So I had to redownload all of the spyware cleaners (Yes, the OIT department uninstalled all of those programs. Why? Because they’re fucking idiots, I guess). 800 pieces of spyware were found. This tells me that not only are my coworkers visiting sites they shouldn’t be (like the free java games etc) but they are using Explorer to do it.

This gives me the rage. It’s a work computer, goddamnit, as in, used for working. I shouldn’t have to devote an hour a week to cleaning up their garbage. GRRRR!

These people were very helpful.

You go there and they have a forum and you post your HiJack This Log and then someone will come and give you very explicit, step by step instructions that will clean it off and help you stay clean.

Firefox helps, but it is not 100% immune. I think I finally got rid of my Spyware, but even now I am not sure. I have Spywareblaster, Winpatrol, Hijackthis, Spybot, and the Microsoft anti-spyware. AND even with all of those and all of the security updates and running Firefox, I *still* had to have my computer guru friend come over and root out the programs while in Safe mode. :mad: That- combined with all of those- seems to have done it…“knock on wood”.

Oh, and I think Snopes caused a Spyware attack- they have so many pop-ups and ads… :frowning:

I’ll agree that it isn’t just porn that can bomb your computer with spyware. I work for a major corporation doing tech support, and my team receives at least one or more spyware calls a day.

Those of you that have a connection to the internet all the time (cable modem) will have more problems getting rid of some of the real nasty programs. When Spybot and other spyware programs prompt you to reboot to get rid of some of the files and it still doesn’t work, that’s because, like Uvula Donor said, it’s already swimming around in your registry. HiJack This can help you pin-point where the problem child is hiding.

The reason I said that those with a constant connection to the internet will have more problems is that, somewhere in the registry, as soon as it is deleted it reappears with a different name, because it is able to get out to the world wide web and reinstall itself.

Sometimes you can even delete the problem through HiJack This, hit refresh and your little friend reappears.

Disconnect your connection, and then reboot in safe mode. Rerun Spybot or whatever and then run HiJack This. Notice where the programs are hiding. Check your Winnt or Windows folder (depending on OS) and System32 folder for the problem files. Next go to the registry and find the entries specified in HiJack This. After you delete an entry, refresh to make sure it doesn’t come back. Then reboot normally and check the spots again to see if they no longer exist. You should be okay then.
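The checklist in the post above, as an added Python example that is not part of the original thread: it reads the O4 autostart lines of a HijackThis log, spells out the registry key to open in Regedit, marks files sitting in the Windows or System32 folders, and compares the scan taken after cleanup with the first one. The sample logs, the entry names and the C: install drive are constructed assumptions.

```python
import ntpath
import re

# Constructed sample scans (not from the thread): first scan, then the rescan
# taken after deleting the two suspect entries and rebooting normally.
BEFORE_LOG = r'''
O4 - HKLM\..\Run: [AVScanner] "C:\Program Files\ExampleAV\scan.exe" /startup
O4 - HKLM\..\Run: [winsvc32] C:\WINDOWS\System32\winsvc32.exe
O4 - HKCU\..\Run: [updmgr] C:\WINDOWS\updmgr.exe -q
'''
AFTER_LOG = r'''
O4 - HKLM\..\Run: [AVScanner] "C:\Program Files\ExampleAV\scan.exe" /startup
O4 - HKLM\..\Run: [winsvc33] C:\WINDOWS\System32\winsvc33.exe
'''

O4_LINE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$")
EXE_PATH = re.compile(r'"?(.+?\.(?:exe|dll|com|bat|scr)\b)', re.I)
# Folders the post says to check; assumes Windows is installed on C:.
SYSTEM_DIRS = {r"c:\windows", r"c:\winnt", r"c:\windows\system32", r"c:\winnt\system32"}

def run_entries(log_text):
    """Return (full registry key, value name, file path) per O4 autostart line."""
    entries = []
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if m:
            hive, subkey, name, cmd = m.groups()
            # HijackThis shortens the key to "..\Run"; spell it out for Regedit.
            key = f"{hive}\\Software\\Microsoft\\Windows\\CurrentVersion\\{subkey}"
            exe = EXE_PATH.match(cmd)
            entries.append((key, name, exe.group(1) if exe else cmd))
    return entries

def in_system_folder(entry):
    """True if the entry's file sits directly in the Windows or System32 folder."""
    return ntpath.normcase(ntpath.dirname(entry[2])) in SYSTEM_DIRS

def rescan_report(before_log, after_log):
    """Compare the first scan with the post-cleanup scan."""
    before, after = run_entries(before_log), run_entries(after_log)
    return {"gone": [e for e in before if e not in after],
            "new": [e for e in after if e not in before]}

if __name__ == "__main__":
    for key, name, path in filter(in_system_folder, run_entries(BEFORE_LOG)):
        print(f"check {path}  ->  {key} [{name}]")
    for key, name, path in rescan_report(BEFORE_LOG, AFTER_LOG)["new"]:
        print(f"appeared after cleanup: {key} [{name}] {path}")
```

Anything listed under "new" in the second scan is an entry that showed up after the cleanup, which is the reappear-under-a-different-name case the post describes.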

I’ll point out that every Windows-based computer has a program called Regedit installed, for editing the registry. If you cannot delete an identified-as-spyware file because “Windows is already using this file,” the thing to do is to locate it in the registry using the Find function in Regedit, remove it there, and then delete it. (Caution is advised, though, when using Regedit; it’s fairly easy to delete the wrong thing and create an irreparable problem.)

While we’re on the subject of Spyware and related phenomena, what is the easiest way to get rid of stuff in the Cool Web Search family of annoyances, now that Merijn has quit updating CWShredder? And where are the .CC domains located? I presume that’s a national identifier like .AU and .FR – I’ve noticed that a lot of malware originates from there.

He sold CWShredder to a company called InterMute who integrated it into their own product, but still offer an updated stand-alone version (available from their site). I’ve not had occasion to use it since the transfer of ownership, but I assume it still works.

And .cc is apparently the Cocos Islands, who I assume have sold their TLD to someone dodgy, like Tuvalu (.tv) did.

Guin:

Now that I’ve spoken so highly of Firefox and convinced you to start using it, I feel I must warn you that the programmers recently discovered a fairly critical phishing/spoofing vulnerability in the browser. It will no doubt be fixed soon by patch or upgrade, but if it worries you, go here and take the test.

As a solution to the vulnerability Secunia recommends that you not follow links from untrusted sources. Be particularly careful about this if you do much online purchasing, etc.

In addition there is a simple solution that involves deactivating the IDN feature in Foxfire. It’s not too difficult and if you like I can help walk you through the process.

Bitterness:

Sound advice, no doubt, but do be sure to back up the registry before changing anything, just in case.

The last time I had a browser hijacker I kept getting pop-ups for ‘Christian Mortages’.

Well, I did disable the pop-up blocker because I was still getting pop ups, only they were opening with IE! So I figured if I’m going to get them, I’d be better off having them open with Firefox. (Listen to me, I only started using it last night and already I’m sold.)

What happens if I deactivate IDN?

Guin:

You know, I’ve used Mozilla for a couple of years now, and I never, ever get pop-ups. Period.

If you’ve just installed Firefox and you’re getting IE pop-ups, then I’ll bet dollars to donuts you still got spyware problems going on, big time.

Do the following: download and unzip the latest version of HijackThis. IMPORTANT: let it install itself in its default folder. Run it and select “Do a system scan and save a logfile.” Copy the logfile, post it at TomCoyote, and ask someone to look it over for you (you can tell little eagle that Slipknot sent you). Alternatively you can try the forum Zebra linked above. (I recommend TomCoyote because the board rules help ensure that you get sound advice).

Not much, I have been given to believe. If I understand correctly, IE doesn’t even use it, which is why IE doesn’t suffer from this particular vulnerability.

But before we work on that, please follow the instructions above. I suspect you have a good deal of spyware removal awaiting your attention.

Gotchya. I’m going to download HijackThis and see what comes up.

Whoaaa!
I just upgraded my McAfee anti-virus to version 9 and ran a complete scan of my computer. Completely virus-free. Then I downloaded HijackThis from the recommended site and attempted to run it. McAfee reports HijackThis is contaminated by a virus!! I proceeded to download HijackThis from all of the recommended sites and every one was found by McAfee to be contaminated by the same virus.

Finally, I downloaded the previous version of HijackThis from the owner’s site and found it was ok.

Will someone please verify this? Am I getting false positive readings?

BTW, McAfee Viruscan 9 is running on an XP Pro machine.

Question-can I close “Hijack This” and then open it again later after I’ve been informed what to do?

Yeah, Merijn (http://www.spywareinfo.com/~merijn/index.html) is aware of this, and so is the anti-virus co; it is apparently fixed.

The ads that are opening in IE are probably not due to web surfing, you may find they pop up even if your internet is unplugged. (It’s good to unplug your internet when removing this stuff.) For the nasties that nothing else would get, I resorted to Bazooka. It’s intimidating to delete everything manually, so it’s a bit of a last resort program. The instructions are clear (if complicated.)

BTW, could someone tell me if you can get spyware while logged in as a Guest (and therefore unable to install programs)? My little brothers get hundreds of spyware stuck on the family laptop and I have to clean it every few weeks. Dad refuses to install Firefox because our parental controls don’t work with it, so I’m hoping that kicking them off the Admin account will help.

Super!!! I sent Merijn.org an email the moment I found the problem. He was quick to fix it and getting McAfee to upgrade their engine as a result.