
Author inet+ not good enough for virus attack
EllenD2

2004-06-13, 6:46 pm

I just got hit by the Zestyfind/Spotresults ad virus
on my home win98 computer.
It seems I answered yes to "Do
you want to install this browser
update" from Nic Tech Networks.
Now ads are popping up every
10 seconds even when I'm not
connected to the Internet (gives
"Work Offline" dialog box).
Spyware programs are doing nothing.
What cert can help me?
DaDnDe

2004-06-16, 1:21 pm

never never never agree to anything that is delivered by popups.

here is a computer i worked on last week

http://www.geocities.com/daveinolywa/images/garbage.jpg

http://www.geocities.com/daveinolywa/images/garbage2.jpg

the only way to fight adware, malware, spam etc is to simply not participate. always close a popup by clicking on the "X" in the corner. (keep in mind that some popups will install a program even if you say no to what they are offering.)

an even bigger problem stems from letting these programs get a foothold in your system. they can dig in so deep that it will soon become nearly impossible to clean them out. one program i dealt with recently installed a program that checks to make sure that the parent program is still installed on every bootup and will reinstall the program if it detects any of its program files missing.
EllenD2

2004-06-16, 6:49 pm

Thanks for the advice.

You may have the same virus.

What I really need is a good
lawyer because implementing a
phony shell of Windows is not
what the popup stated - it said
"Browser Update" from Nic Tech
Networks. This is causing me to
waste a lot of time deleting
the virus files (which either
state Nic Tech Networks as the
author or give no creator at all)

The virus takes up so much memory
that some of the Windows system
programs like Control Panel either
take a very long time to come up
or some of the icons don't appear
at all.
freak

2004-06-30, 11:11 am

run HijackThis to see what's grabbing your browser and where the pop ups are coming from. It's a free download, and along with a good anti-virus, it will help you clean up that box. Great software, running HT is a must. I do it on a regular basis at all my customers as a value-add, and you'd be amazed the amount of crap I find on their boxes... actually, you wouldn't be, I am sure you have seen it first hand in the real world too!
jennie313

2004-06-30, 11:28 am

I've really come to love spyware and adware because things like this give me such good job security. Clients love you when you clean up pop ups and such for them. Encountering this will give you great experience and you will soon learn that Hijack This can be your best friend.
freak

2004-06-30, 8:31 pm

I'd rather bill them for doing something constructive on their network, though...
DaDnDe

2004-07-01, 1:01 pm

i 2nd that. i get a great sense of worth when i can show someone a better or faster way to do something they do everyday on a system that is already working fine. i find that many times, people take it rather personally when i fix a computer that has viruses and such. i guess i put too much emphasis on how simple it can be to eliminate 90% of their security problems.

but there are the ones who won't change their method even if it will save them time; they are just creatures of habit afraid of change.

then there are the others who practically idolize you. it's the latter that really make my day
freak

2004-11-01, 10:28 am

quote:
Originally posted by DaDnDe
i guess i put too much emphasis on how simple it can be to eliminate 90% of their security problems.



that's why I wrote a document called 10 easy network security rules
corndog

2005-01-08, 2:49 am

the only programs i use are adaware, norton antivirus 2005, and tiny personal firewall. i tell friends this all the time but they don't seem to understand (not pc savvy). this is what you need to do if you're gonna be online imo. 99% of the time the exe will be running in your processes. enter task manager and get to know your processes. i know that i have 27 processes when i first boot my machine. if my pc slows down at all, i check my processes and easily pick up anything suspicious. just to be sure, do a google search on the exe and make sure it's illegitimate before you make any attempts to remove it. also 99% of the time, the exe won't let you remove it. reboot in safe mode and delete it. when you search for the file, make sure you check the hidden files and folders box. also if the file is named something like bargain.exe, just do a search for bargain. most of the time there will be more files than just the exe that need to be removed. just my 2c, this method works great for me.
freak

2005-01-10, 4:49 pm

I hear good things about the beta anti spyware tool that MS is distributing these days...
kool_gall1991

2005-10-03, 4:15 pm

i think windows should start off with a spyware blocker or firewall....once i installed Windows XP and before i could do the system updates and virus updates i had a virus (i was online maybe 30 seconds when i got the sasser error message).
EllenD2

2005-10-04, 8:39 am

Windows XP has a firewall.
The following is info on how
to activate it:
http://support.microsoft.com/defaul...kb;en-us;283673
obeel65

2005-10-20, 8:19 pm

I've found that if you have a good idea about what time period you became infected, then by using the Search or Find tool you can check to see what Files/Folders were created at that particular time period and narrow down the Culprit Parent File with some detective work....
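The time-window search described in the post above, as an added example that is not part of the original thread: it lists every file (hidden ones included) dated within a window around the suspected infection time and counts hits per folder. The function names, the scan root and the sample date are assumptions; modification time is the default because creation time is not exposed on every platform.

```python
import os
from collections import Counter
from datetime import datetime, timedelta

def file_time(st, field="mtime"):
    """Pick the timestamp to triage on.

    "birth" uses the creation time where the OS exposes it (st_birthtime);
    otherwise, and by default, the modification time is used.
    """
    if field == "birth":
        return getattr(st, "st_birthtime", st.st_mtime)
    return st.st_mtime

def files_in_window(root, start, end, field="mtime"):
    """Return (timestamp, path) for every file under root dated start..end, oldest first."""
    hits = []
    # os.walk does not skip hidden files or folders, so nothing is filtered out here.
    for dirpath, _dirs, names in os.walk(root, onerror=lambda err: None):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow links out of the tree
            except OSError:
                continue  # locked or vanished file: skip it, keep scanning
            ts = datetime.fromtimestamp(file_time(st, field))
            if start <= ts <= end:
                hits.append((ts, path))
    return sorted(hits)

def busiest_directories(hits, top=5):
    """Count hits per directory; a cluster of hits points at where to look first."""
    return Counter(os.path.dirname(path) for _ts, path in hits).most_common(top)

if __name__ == "__main__":
    # Constructed values: the scan root and suspected infection time are assumptions.
    suspected = datetime(2004, 6, 13, 18, 30)
    window = timedelta(hours=2)
    found = files_in_window(r"C:\WINDOWS", suspected - window, suspected + window)
    for ts, path in found:
        print(ts.isoformat(sep=" "), path)
    for directory, count in busiest_directories(found):
        print(count, directory)
```

Timestamps can be changed by whatever wrote the file, so a hit is a lead to check, not proof of infection.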
EllenD2

2005-10-22, 8:33 am

I already did that and found out that the virus was launching from multiple locations in the Registry using bogus WINDOWS startup files like explorer.exe. When you deleted the bogus explorer.exe, the virus just re-downloaded it from the virus web site. (The bogus Windows files were also part of the TCP/IP setup when you first brought up the Internet! over 54 of them!
The virus company was Nic Tech Networks originally but later they deleted their name when you did a right-click, Properties, on the file and looked at the Company name!)