"SpySheriff" and other malware programs...where do they hide?

Discussion in 'Tech Talk' started by The Pontificator, Sep 23, 2006.

  1. The Pontificator

    The Pontificator Angry Samoan

    Joined:
    Sep 18, 2000
    Messages:
    4,497
    Likes Received:
    1
    Location:
    Grumpyville
    Having had to do one destructive recovery to rid my computer of malware...

    ...where do the creators of these programs typically hide them?

    Besides porn sites, that is. :banana: :dancingbanana: :banana:
     
  2. KSS745

    KSS745 The Geek!!

    Joined:
    Nov 19, 2003
    Messages:
    45
    Likes Received:
    0
    Location:
    Spokane, WA
    You can get them anywhere and everywhere; chances are that about 50% of websites, regardless of what they are, in some form or fashion will install malware or spyware on your machine. What I do is install 2 programs, one called Spybot and one called Adware. If you run both of them they will clear 99% of the crap on your machine.
     

  3. The Pontificator

    The Pontificator Angry Samoan

    Joined:
    Sep 18, 2000
    Messages:
    4,497
    Likes Received:
    1
    Location:
    Grumpyville
    I have both those programs and neither of them was able to remove the infection on a permanent basis.
     
  4. Harlequin

    Harlequin I need a weapon

    Joined:
    Sep 19, 2003
    Messages:
    455
    Likes Received:
    0
    Location:
    East Central Indiana
    What browser are you using? I use Firefox and rarely have either problem on my machine.
     
  5. The Pontificator

    The Pontificator Angry Samoan

    Joined:
    Sep 18, 2000
    Messages:
    4,497
    Likes Received:
    1
    Location:
    Grumpyville
    I.E 6.0
     
  6. David N.

    David N.

    Joined:
    Feb 13, 2002
    Messages:
    328
    Likes Received:
    0
    Location:
    Kentucky
    There's your trouble.

    Switch to Firefox or Opera and 99+% of your future spy/adware problems will vanish instantly.
     
  7. doktarZues

    doktarZues I'm anti-anti

    Joined:
    Nov 11, 2003
    Messages:
    1,597
    Likes Received:
    58
    Location:
    Brevard County, FL
    These days Spyware/Malware/Viruses are more often using "rootkits" that actually embed themselves into the system files and kernel of Windows, making it hard for programs like Spybot to find them, and harder to remove them.

    The absolute best way to prevent *Badware is to be an intelligent user and be proactive about never getting infected to begin with. It is so much easier to do than trying to get rid of a bunch of crap. It isn't unheard of to create a limited profile to use when you are surfing or to give to children or inexperienced users to use when they are using your computer.

    I'd say 98% of badware gets loaded from the IBC (idiot behind the computer) clicking Yes to a security warning from your browser about accessing or installing things. Your suspicion should increase when surfing anything looking seedy or having to do with porn or illegal or free stuff. (I don't want to scare anyone away from clicking yes on important things you may need from reputable sites).

    Like David said, IE gets targeted a lot more often than Firefox, making Firefox a lot safer to browse with, though his statement about making your problems vanish instantly is completely incorrect. Most badware affects all of the browsers. I've seen plenty of badware that had affected the actual operating system (rootkits), causing the same or similar problems to also appear in Firefox (even if you loaded Firefox after the infection), and you are still very susceptible to further being infected while running Firefox or Opera. -dok
     
  8. Kasinefect

    Kasinefect

    Joined:
    Apr 30, 2004
    Messages:
    1,166
    Likes Received:
    8
    Location:
    Central Alabama
    Somehow somebody in my house managed to download a virus/malware/whatever from someplace. It slowed down my computer and I tried for several days to remove it with F-Secure (an Adaware product provided by Charter) and with Spybot. I called Tech Support, who told me to delete the F-Secure (I did) and the Spybot, which refused to uninstall by ANY method I tried. I found out that my son had downloaded and installed SpyCatcher (which now ALSO refuses to uninstall).

    The Geek Squad guys at BestBuy said they had removed these two programs (I discovered later that they were still there and still cannot be removed).

    After numerous attempts I have reluctantly decided to reinstall Windows XP-Service Pack 2 when I have time in a few days. At the moment I can get this HELL...errrrr DELL computer to function but suspect that the discovery of a root file by the Geeks cannot be a good thing.

    Suggestions?
     
  9. aaronrkelly

    aaronrkelly

    Joined:
    Feb 27, 2005
    Messages:
    974
    Likes Received:
    47
    SpySheriff is particularly nasty. I tried for 3 days to rid a PC at work of this POS. After three days of failed attempts I finally re-installed Winblows XP.......
     
  10. Poppa Bear

    Poppa Bear Protective G'pa CLM

    Joined:
    Sep 14, 2004
    Messages:
    949
    Likes Received:
    1
    Location:
    The land of extreme cold and heat
    It takes some knowledge of your computer but I typically start in safe mode and then run regedit.

    START: RUN: type regedit into the command window. Click OK. Click on FILE then SEARCH. Type in the malware that you cannot get rid of and delete as needed.

    Restart in safe mode again and run Adaware and Spybot; that should clean most of it out, if not all of it. Many files are hidden or in use when the computer is running in normal mode that are removable in safe mode.
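
An added example, not part of the post above: rather than deleting straight from a registry search, the registry can be exported from regedit (File > Export) to a .reg file and every key, value name and value data that matches the malware's name listed for review first. The sample export, its paths and the function names are constructed for illustration; string data exported as hex is decoded so a plain text search does not miss it.

```python
import re

# Constructed sample of a regedit export (File > Export); not from a real machine.
# Real exports are UTF-16: open(path, encoding="utf-16").read()
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"SpySheriff"="C:\\Program Files\\SpySheriff\\SpySheriff.exe"

[HKEY_CURRENT_USER\Software\SpySheriff]
"Installed"=dword:00000001

[HKEY_CURRENT_USER\Software\ExampleVendor\Shell]
"Helper"=hex(2):53,00,70,00,79,00,53,00,68,00,65,00,72,00,69,00,66,00,\
  66,00,2e,00,65,00,78,00,65,00,00,00
'''

VALUE_RE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)$')
def _unescape(s):
    return re.sub(r'\\(.)', r'\1', s)  # \\ -> \ and \" -> "

def _decode(data):
    """Return searchable text for a value's data as written in the export."""
    if data.startswith('"'):
        return _unescape(data[1:-1])
    m = re.match(r'hex(?:\([0-9a-f]+\))?:(.*)$', data)
    if m:  # string types exported as hex are UTF-16LE; binary is best effort
        raw = bytes.fromhex(m.group(1).replace(",", ""))
        return raw.decode("utf-16-le", "ignore").rstrip("\x00")
    return data  # dword and anything else: keep the literal text

def find_hits(reg_text, term):
    """List (key, value_name, data) entries whose key, name or data contain term."""
    text = re.sub(r"\\\r?\n[ \t]*", "", reg_text)  # join hex continuation lines
    term, key, hits = term.lower(), None, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if term in key.lower():
                hits.append((key, None, None))  # the key name itself matches
            continue
        m = VALUE_RE.match(line)
        if key and m:
            name = "(Default)" if m.group(1) == "@" else _unescape(m.group(1)[1:-1])
            data = _decode(m.group(2))
            if term in name.lower() or term in data.lower():
                hits.append((key, name, data))
    return hits
```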
     
  11. bambihunter

    bambihunter 10mm collector

    Joined:
    Feb 4, 2004
    Messages:
    842
    Likes Received:
    2
    Location:
    Oklahoma City, OK
    Quite often malware backs itself up with the system restore. Often you have to start in safe mode, turn off system restore (provided your system is OK up to that point), and run your anti-spy program (we use SpySweeper at the shop). I normally run Hijack-This afterwards. This is a great and powerful program but it is easy to remove stuff that is not spyware. Hijack-This also has a "delete file on reboot" function that is particularly effective on removing malware files that you can never seem to delete because they are in use.
    SpySheriff and others are referred to as Fake Alert since they lie to you, indicating you have a virus or spyware so you'll download it and make it even worse.

    @$#%@!#@%# malware and virus writer!!!!!!!!:steamed: :badpc: :burn:
     
  12. Ljunatic

    Ljunatic On The Fringe

    Joined:
    Oct 23, 2001
    Messages:
    1,034
    Likes Received:
    0
    Location:
    Lincoln, Nebraska
    If you are using IExx, then you should also be using a spyware blocker like SpywareBlaster in addition to Spybot S&D's immunization feature.

    Adaware and Spybot merely remove Malware, while these other tools prevent their downloading to your machine.

    Javacool SpywareBlaster