| View previous topic :: View next topic |
| Author |
Message |
JB4GDI
Trick Member
Joined: 13 Sep 2003
Location: Derby, CT |
80.  Posted: Wed Mar 17, 2004 6:02 pm Post subject: |
 |
|
I'm not an expert on Spyware, but I have picked up some tricks on how to find and deal with it.
*This is just for future reference, I realize it probably won't solve everyone's problem but it will help with some of this undeletable spyware that programs haven't caught yet.*
http://36echo.com/jb4gdi/mscpbo.txt
Basically, run a search for files created on the day you first noticed the problem. Isolate the files (they are normally .exe and .dlls) and like someone said, try the 'Hijack This!' program.
I've also heard you can boot up in safe mode and permanently destroy duplicating .exes without that safeerase program I found.
This is just for the hope that it helps someone.
-Jaime |
|
| Back to top |
|
 |
IRONMONKIE
Basic Member
Joined: 27 Mar 2004
Location: NYC |
| 81. Posted: Sun Mar 28, 2004 8:48 am Post subject: |
|
|
This may help.
Any computer user who sees a window flash followed by a homepage switch has NOT patched their computer since June of 2003. Microsoft has offered a fix to this problem for over 8 months now. It's not the actual iframe that is causing the problem. It's users who installed kazaa or imesh or have adware that reacts to certain banners, especially music related banners. If the user's computer has this adware, it changes a homepage based on certain banners. Sometimes the adware changes the banner itself to a different banner too. The original banners themselves are innocent. The users need to remove the adware from their system and they need to patch their computer using microsoft auto-update or from microsoft.com. The patch is ms-032 and ms-040. |
|
| Back to top |
|
|
princessangelic
Trick Member
Joined: 25 Nov 2003
Location: western mass |
| 82. Posted: Fri Apr 02, 2004 10:50 am Post subject: |
|
|
Neither Spyware search and destroy nor ad aware will work for me as I have a mac and macs cannot open .exe files or .zip files. And house call won't work because my browser isn't supported by it. Anyone have any ideas or file names that I can manually search for.
_________________
|
|
| Back to top |
|
|
Cutriss
Staff Member
Joined: 24 Jan 2002
|
| 83. Posted: Fri Apr 02, 2004 11:02 am Post subject: |
|
|
| nonessentialgirl wrote: | | Neither Spyware search and destroy nor ad aware will work for me as I have a mac and macs cannot open .exe files or .zip files. And house call won't work because my browser isn't supported by it. Anyone have any ideas or file names that I can manually search for. |
You shouldn't really be prone to most spyware then, since you have a Mac.
Are you having any problems with using the site? I have never heard of the concept of "Mac spyware".
_________________
Sentient Mode is capable... |
|
| Back to top |
|
|
princessangelic
Trick Member
Joined: 25 Nov 2003
Location: western mass |
| 84. Posted: Fri Apr 02, 2004 11:17 am Post subject: |
|
|
| Cutriss wrote: | | nonessentialgirl wrote: | | Neither Spyware search and destroy nor ad aware will work for me as I have a mac and macs cannot open .exe files or .zip files. And house call won't work because my browser isn't supported by it. Anyone have any ideas or file names that I can manually search for. |
You shouldn't really be prone to most spyware then, since you have a Mac.
Are you having any problems with using the site? I have never heard of the concept of "Mac spyware". |
I found some spyware residing in my cookies bin(not ddr related). So I usually dump my cookies every night but some of them cant be deleted. Im not sure if I'm having any DDR freak realated spyware but Im also not sure how to check. Mac Os doesnt use dlls so the places they can hide is relatively small but Im not sure how to reveal hidden files, and if I unhide hidden files I'm not sure I could sort out the system files as I'm a newer mac user
_________________
|
|
| Back to top |
|
|
Cutriss
Staff Member
Joined: 24 Jan 2002
|
| 85. Posted: Fri Apr 02, 2004 11:55 am Post subject: |
|
|
| nonessentialgirl wrote: | | I found some spyware residing in my cookies bin(not ddr related). So I usually dump my cookies every night but some of them cant be deleted. Im not sure if I'm having any DDR freak realated spyware but Im also not sure how to check. Mac Os doesnt use dlls so the places they can hide is relatively small but Im not sure how to reveal hidden files, and if I unhide hidden files I'm not sure I could sort out the system files as I'm a newer mac user |
I wouldn't worry so much about it.
Cross-reading of cookies may be a bit of a privacy violation, but it's far less of a problem than spyware.
Think about it this way - Spyware exists so that companies can profit by selling your information to others. The way to do this is to try to hit as many people as possible (because you want more profit). If you designed a tool for this purpose, would you spend time making it work on the Mac too? Far fewer people use Macs, and it's a foreign platform for most Windows developers.
Plus, if you're using OS X, it has a lot of built-in Unix security that keeps you covered.
I wouldn't worry about it.
_________________
Sentient Mode is capable... |
|
| Back to top |
|
|
Dross
Trick Member
Joined: 26 Jan 2002
|
| 86. Posted: Sun Apr 04, 2004 9:09 am Post subject: |
|
|
Firefox, Firefox, Firefox. Cutriss knows what he's talking about. It's faster, has better support for new standards, blocks popups and background installs, has tabs, does everything on its own that you have to install huge memory-eating addons to IE to do (including search bars for many search engines), is skinnable...
Need I go on? |
|
| Back to top |
|
|
Edible Bondage Tape
Trick Member
Joined: 26 Jan 2002
Location: Kerri |
| 87. Posted: Sun Apr 04, 2004 1:06 pm Post subject: |
|
|
has anyone made plugins to make the menus auto hide to the side and pop back out at a mouse movement yet nad how about makeing a full screan mode that dosnt suck
_________________
|
|
| Back to top |
|
|
xphoguytonyx
Trick Member
Joined: 26 Dec 2003
Location: Haltom City, TX |
| 88. Posted: Sun May 02, 2004 8:35 am Post subject: |
|
|
| use zonealarm pro. it keeps spywares,viruses and popups out of ur computer. it works too. |
|
| Back to top |
|
|
Chealion
Trick Member
Joined: 15 Dec 2002
Location: Calgary, Alberta |
| 89. Posted: Fri May 14, 2004 2:28 pm Post subject: |
|
|
I didn't see this posted, so if you ever get hit by a virus check out Stinger, free and great for removing viruses that have infected your system.
Personally I just use my Mac and Safari's pop-up blocking, but that's me. Firefox is an awesome program if you are using a PC as echoed numerous times in this thread.
_________________
Chealion - The one and only. |
|
| Back to top |
|
|
Cutriss
Staff Member
Joined: 24 Jan 2002
|
| 90. Posted: Sat May 15, 2004 9:43 am Post subject: |
|
|
Does anyone get a message/warning from their spyware/virus apps about W32.Pariti.B when they visit the site?
I just set up a new PC strictly for playing FFXI, and the only things I've done on that PC are:
Run Windows Update
Updated drivers from Asus and Nvidia
Updated PlayOnline
Visited Asus.com, Nvidia.com, Slashdot, and DDRFreak *in Internet Explorer*
And now it has Pariti.B apparently, and I can't run PlayOnline anymore.
I doubt it was delivered through any Blaster-type DCOM exploits, as I'm tunneling my connection through my Win2K laptop, which has DCOM shut off.
Considering prior problems, I figured I'd ask here.
_________________
Sentient Mode is capable... |
|
| Back to top |
|
|
xphoguytonyx
Trick Member
Joined: 26 Dec 2003
Location: Haltom City, TX |
| 91. Posted: Sat Jun 19, 2004 12:26 pm Post subject: |
|
|
omfg, i find a win32 and winsassar on my computer. it came from ddrfreak.com (this site). bc thats the only site i been on ever since i bought the computer.
_________________
Site coming sooN....
www.DDRTX.Net
Dont come to my site if u going to spam...
~~~Tony~~~ |
|
| Back to top |
|
|
VxJasonxV
Maniac Member
Joined: 08 Feb 2002
Location: Castle Rock, CO |
| 92. Posted: Sat Jun 19, 2004 10:15 pm Post subject: |
|
|
Congradulations, you didn't get that virus from DDR Freak.
You know why you got that virus? Because you haven't run Windows Update.
Sasser doesn't require web sites to spread, it spreads from computer to computer, just over the plain 'ol internet.
If Sasser were spreading around DDR Freak, a lot more people would have it.
I'm sorry for being so rude, but it's a major pet peeve of mine when people blame their problems on something that isn't the cause.
_________________
|
|
| Back to top |
|
|
clubbinguy
Trick Member
Joined: 19 Jan 2003
Location: USA |
| 93. Posted: Mon Jun 28, 2004 8:02 am Post subject: |
|
|
EDIT: nevermind this.
I made a long post about the IntelliTXT ads before finding the thread where JDogg announced it. |
|
| Back to top |
|
|
Terra (Red)
Trick Member
Joined: 24 Jan 2002
|
| 94. Posted: Mon Jun 28, 2004 10:19 am Post subject: |
|
|
This came up everytime I go to the ddrfreak.com front page. The address I got for it anyway.
http://search200.com/passthrough/index.html?http://www.ddrfreak.com/
It's some kinda search toolbar that appears on the bottom of the screen. And it just showed up either yesterday, or a day or two before. The normal add on the DDR Freak front page was blank when this poped up as well.
That's what it changes my homepage address to as well. Just wondering what's going on with this. Deleting a folder in my program files did stop this yesterday. But it did come back. And I had to do the same thing again today.
Also spybot didn't seem to help either. And there isn't anything on windows update.
Thanks for any help I can get here. ^.^;; |
|
| Back to top |
|
|
J Dogg
Administrator
Joined: 16 Jan 2002
Location: Sunnyvale, CA |
| 95. Posted: Mon Jun 28, 2004 10:42 am Post subject: |
|
|
Tekara Asagiri, did you try Ad-Aware? Also, did you make sure your spybot had the latest info?
_________________
|
|
| Back to top |
|
|
Terra (Red)
Trick Member
Joined: 24 Jan 2002
|
| 96. Posted: Mon Jun 28, 2004 2:31 pm Post subject: |
|
|
Spybot was up to date. But I didn't have Ad-Aware.
That did find 77 different things including a nester search toolbar. It was the only one I saw on the list. So I guess that was it. Thanks for the help. |
|
| Back to top |
|
|
Nanashi
Trick Member
Joined: 24 Feb 2003
|
| 97. Posted: Wed Jul 07, 2004 7:39 am Post subject: |
|
|
Really long link #1
Really long link #2
Really long link #3
I get these pop-up ads every site I visit, exclusive to DDRfreak. Main page, forum index, site feedback, this thread, and the reply page. Five popups, two of which were attempted exploitive auto-installs blocked by Spybot. As I said, this is exclusive to DDRfreak, as no other site I've visited today has tried to do this, and while typing this, I browsed a number of other webpages with no popups.
Edit (Cutriss) - Trimmed those URLs... |
|
| Back to top |
|
|
Nanashi
Trick Member
Joined: 24 Feb 2003
|
| 98. Posted: Wed Jul 07, 2004 7:44 am Post subject: |
|
|
Okay, now this is just ridiculous.
An attempt to add a BHO (aka: an attempted browser hijack): http://server224.smartbotpro.net/7search/?n
This is not a result of spyware on my computer, these are being generated by the ads on DDRfreak. |
|
| Back to top |
|
|
Cutriss
Staff Member
Joined: 24 Jan 2002
|
| 99. Posted: Wed Jul 07, 2004 1:40 pm Post subject: |
|
|
| Nanashi wrote: | | http://servedby.advertising.com/click/site=0000103433/mnum=0000194852/genr=1/tkdt=B0P1R1T0/bnum=34257443 |
That one surprises me. Have you tried contacting UMUC to tell them that the marketing firm they hired is doing popup advertising? I highly doubt a reputable institution of higher learning would knowingly do that.
_________________
Sentient Mode is capable... |
|
| Back to top |
|
|
|
Forums FAQ
Search
Memberlist
Usergroups
Register
Profile
Login to check your private messages
Login
