Spyware

[copperwindow]

Some time ago I got several messages on my computer saying it was infected with viruses and to go to www.antispyware.com to remove them. I learned how do delete the files from my computer, but now I’m getting the same thing from http://protectmypc.net/. When I delete it, it comes back. Does anyone have any clue how these rouge virese are getting on to my compter in the first place?

[What_Exit]

I believe both sites are Spy Ware Sites. The Second one definitely is.
I will report your post to request the links be broken. Be very careful with pop-ups on your PC telling you to go to a site. If it is not Microsoft* or your PC Manufacturer it is probably a fishing expedition to get you to a site where they can download malicious software (Spyware, Mal-ware or Virus) onto your PC.
I cannot instruct you on how to clean up your PC, but if you have a PC savvy friend, it is a good time to ask for help.

Good Luck,
Jim

• assuming you are on a Windows PC

[BMax]

copperwindow:

Some time ago I got several messages on my computer saying it was infected with viruses and to go to www.antispyware.com to remove them. I learned how do delete the files from my computer, but now I’m getting the same thing from http://protectmypc.net/. When I delete it, it comes back. Does anyone have any clue how these rouge virese are getting on to my compter in the first place?

As an ISP support tech I suggest you go to http://www.lavasoft.de/ms/index.htm , download and run adaware on your PC. after the scan, check off every box on the list, then click next. It will remove everything it finds. You will probably experience faster browsing speeds and possibly all-around faster performance. Don’t click on pop-ups anymore. Ever.

[copperwindow]

I know how to remove it, I’m just wondering how it gets to my compter in the first place.

[What_Exit]

copperwindow:

I know how to remove it, I’m just wondering how it gets to my compter in the first place.

You get them by clicking on Pop-Ups that say their is a problem with your PC or by surfing unethical sites (usually Porn, Cheat Codes or Password Sites).

Jim

[copperwindow]

Correction, the first site was www.antispylab.com, not www.antispyware.com, sorry for any confusion.

[Cazzle]

Spyware finds it easy to sneak in if you use Internet Explorer. Switching to another browser will help minimise future infections. I cannot recommend Firefox highly enough and have seen a dramatic decrease in Spyware activity on my machine since I began using it a year or two ago.

The Spyware you already have will need to be properly removed. If you are just deleting it and it is coming back, it means you aren’t getting it all. Firefox won’t get rid of spyware that you already have, it will just help minimise the risk of picking up new infestations, so you’ll need to sort out that problem separately.

[What_Exit]

copperwindow:

Correction, the first site was www.antispylab.com, not www.antispyware.com, sorry for any confusion.

Please stop linking these sites. Post them in a broken link fashion. Use a comma instead of a period or leave spaces.
You have already posted at least one link to a malicious site. If a member clicks on a link they might end up infecting their PC.

cazzle: I like Firefox but I have to support IE at work, so I use IE at home.
If you keep IE up to date and the pop-up blocker on it does a great job of blocking spyware.

Jim

[Cillasi]

Some of the most common ways spyware gets into your computer are through “free” programs, screensavers, cursors, etc. The “you have qualified to receive a free <insert great gift here>” pop-ups also install spyware on your system.

Some are drive-by installs. Set your internet privacy at least to medium high. You will be prompted to download things instead of them just downloading automatically.

The best way to avoid spyware is to limit your browsing to sites you know and trust. If you insist on “exploring” then set your internet security and privacy very high. You’ll get a lot more prompts, but a lot less spyware.

[What_Exit]

Thank you Rico, I feel like an idiot for leaving the links intact in the reply. :smack:

[Reply]

copperwindow:

Does anyone have any clue how these rouge virese are getting on to my compter in the first place?

There are two main ways:

1. Evil companies can find bugs in your existing programs (like Internet Explorer or Outlook Express) and then use these bugs to secretly issue commands to your computer, causing it to install their crap.

2. They can also simply trick the user into installing their programs. Often, spyware is hidden inside legitimate-looking programs. You find this legitimate-looking program, download and install it and bam, you get the hidden spyware too. Or they can make fake advertisements that look like real Windows warnings. Users are fooled by these fake messages and they do everything they’re told, thereby granting the spyware full access to their computer without knowing it.

Or they could use some combination of the two.

The easiest way to get rid of these issues is to get a Mac. For the last few years, they’ve managed to stay completely afloat of the spyware scene due to a variety of reasons. If you must stay on Windows, use Firefox (as cazzle suggested) and don’t believe, download, or install anything from unknown websites. There are other things you can do too but you probably already know them and I don’t want to take this thread offtopic.

[copperwindow]

Reply:

1. Evil companies can find bugs in your existing programs (like Internet Explorer or Outlook Express) and then use these bugs to secretly issue commands to your computer, causing it to install their crap.

Is this illeagal? If so, what are the repercussions?

[c_goat]

copperwindow:

I know how to remove it, I’m just wondering how it gets to my compter in the first place.

It doesn’t seem like you fully get what’s happening to you. When you see a popup saying your computer is infected and instructing you to dowload program X, it’s a trick. Your computer isn’t really infected, they’re just trying to trick you to download their software, which actually WILL infect your computer at that point. These popups are made to look like they’re coming from your system, when they’re not.

[copperwindow]

c_goat:

It doesn’t seem like you fully get what’s happening to you. When you see a popup saying your computer is infected and instructing you to dowload program X, it’s a trick. Your computer isn’t really infected, they’re just trying to trick you to download their software, which actually WILL infect your computer at that point. These popups are made to look like they’re coming from your system, when they’re not.

I understand this. When I remove the files from my computer, they come back from the way they came in the first place and I’m trying to determone which application is running that’s letting the files on.

[Fear_Itself]

copperwindow:

I understand this. When I remove the files from my computer, they come back from the way they came in the first place and I’m trying to determine which application is running that’s letting the files on.

Many spyware programs are very difficult to remove, and when you think you have deleted the files, they are capable of reinstalling themselves from hidden files that you are not aware of, files that even AdAware or Spybot cannot see or remove.

[copperwindow]

Fear Itself:

Many spyware programs are very difficult to remove, and when you think you have deleted the files, they are capable of reinstalling themselves from hidden files that you are not aware of, files that even AdAware or Spybot cannot see or remove.

So what do I do?

[c_goat]

copperwindow:

I understand this. When I remove the files from my computer, they come back from the way they came in the first place and I’m trying to determone which application is running that’s letting the files on.

Ok, just wanted to make sure.

The stubborn ones can come back through system restore points or because they’re still running when you try and remove them, so they just put themselves back. If you know what the executable is, then you can usually get rid of it by going into safe-mode, deleting the executable, searching for any other instances of the executable and deleting them (there might be copies in system restore directories), then rebooting. You should get a failure that the thing you deleted didn’t start, at which point you should be able to use AdAware or whatever program to remove the registry/startup entries for good.

[copperwindow]

c_goat:

Ok, just wanted to make sure.

The stubborn ones can come back through system restore points or because they’re still running when you try and remove them, so they just put themselves back. If you know what the executable is, then you can usually get rid of it by going into safe-mode, deleting the executable, searching for any other instances of the executable and deleting them (there might be copies in system restore directories), then rebooting. You should get a failure that the thing you deleted didn’t start, at which point you should be able to use AdAware or whatever program to remove the registry/startup entries for good.

I’ve done all of this. I have a feeling that the way it origally got on to my computer is the same way it’s coming back after I use smitfraudfix to delete it.

[c_goat]

You should probably go here. There’s a bunch of experts there who love this kind of thing.

[OKFMDOA]

What Exit?:

You get them by clicking on Pop-Ups that say their is a problem with your PC or by surfing unethical sites (usually Porn, Cheat Codes or Password Sites).

It’s unethical to use cheat codes in a video game?? :eek:

Now I feel guilty. I didn’t deserve unlimited ammo.