Microsoft AntiSpyWare Beta

Started by GF, January 14, 2005, 02:13:08 PM

GF

Here is a link to some new anti-spyware Microsoft is releasing; I was not sure if anyone was interested.  I am testing it on my machine now.  It picked up some spyware that others did not.  It also allows you to reset your Internet browser back to its original configuration should it be hijacked.

http://www.microsoft.com/athome/security/spyware/software/default.mspx

It still is in Beta, but maybe something to look at.

Gary

Norm

Thanks for showing that GF, it found a couple that none of the others caught.

rebocardo

I am glad I am using "genuine microsoft software"  ;)

Furby

Had a heck of a time downloading this thing!
Got hacked a couple of times in the last week and things are really screwed! Figured I'd give this a try along with the others.
It did pick up 1 or 2 on the third scan or so. It is somewhat helping with the browser issue, but that problem seems to be self replicating and Msoft anti can't seem to totally control it. My issue with it is that it automatically shuts down on July 31, 2005. Does anyone know if it releases what it has "caught" when it shuts down???

Texas Ranger

I have replied once, and it did not show up, so pardon me if it replicates itself.

I downloaded the beta and ran it, then ran Spybot; Spybot caught 10 more, and strangely enough, they were MS cookies.

I then ran Ad-Aware, and got 4 more.

No one program is the answer.
The Ranger, home of Texas Forestry

etat

I'm curious.  When you run disk cleanup, then delete temporary files and offline content, and delete cookies, and then run disk defragmenter, doesn't that pretty much take care of the spyware anyways?  The reason I'm asking is a couple of times I've run these before running Spybot, and when I did, Spybot didn't catch anything.
Old Age and Treachery will outperform Youth and Inexperience. The thing is, getting older is starting to be painful.

Furby

Ya wanna hear what I'm running at this point???

Microsoft Antispyware
AOL Spyware Protection
AVG Antivirus
Norton Antivirus 2004
Ad Aware SE Personal
Spybot SD 13
2 different downloads of CWShredder
AND Zone Alarm Pro
STILL can't take care of my problem!

CWShredder was made just for CWS and it can't find it on my puter, even though I've seen it there.
The original hacks got through Zone alarm.
Currently I can run any one of these programs and then rerun it as soon as it is finished and it will pick up more.

If ya run all of these in different orders, it's pretty funny how they can "catch" each other. Thing is none of them are catching the bad guys. >:(

crtreedude

I went through about 3 or 4 of these and currently am using the Microsoft Beta.

One thing I did do is get rid of anything on my system that was a "Free" download - that was free because of ads. These are some of the worst offenders. One of them kept reinstalling junk after it was removed.  After I did that, life was much better.

Also, I switched to Mozilla FireFox and I am using the Thunderbird email client now. Both are working very well for me - and of course- everyone targets Microsoft.

The reason each one catches different things is that there isn't a clear definition of what is spyware and what isn't. Some of them are much stricter than the others. Also, with Windows Installer, if you remove a component that another program has registered that it needs - it will reinstall it as soon as you use the other program - from its install / repair files. This is one of the reasons that it seems sometimes that you just can't get rid of something. It is because something else says it is needed.

Often when you get a freebie - it will bring a trojan as part of the deal. Part of the cost, at times, of "free" software.

Fred
So, how did I end up here anyway?

Furby

Yeah, I hear ya on the free download thing, only reason I have what I have is because I figured it couldn't be worse and if it helped, GREAT!
The Microsoft Beta finally helped me with my browser hacker. Now I can't use IE. It got rid of the hacker and took the search function with it, IE won't go anyplace. However I can open the side window and get a search that way, but with the hacker. ::) So I've gotten nowhere.

Does anyone know what happens when beta shuts down?
Really want to know if I should let it hold onto what it has, or if I need to find some way of getting rid of what it has before it shuts itself down.


Ianab

Hi Furby

The antispyware should have deleted / moved any bogus files and corrected any registry entries that were hijacking you. Removing the software won't put them back again. However it is a cat and mouse game, none of the automatic programs are 100% because new and sneakier hijacks keep coming along  >:(  Next week's update may know about the one that's bugging you now and kill it for you.... hopefully.

Having had to manually remove a lot of this crap from customers' PCs, I say it can usually be done, but it's not something I'm willing to talk people thru. Too many variations of trojans, too much digging in the system registry, working from command lines, too much chance of totally toasting your PC ::)

The worst ones I've come across were multi-part trojans, and they monitored the system registry so any time you deleted them another part of the trojan put the entry back in again. Reboot pc and it came back. Had fun killing that one off  :P ( ever played Whack-A-Mole? )

Other thing is, does the software actually identify what trojan / hijack you have in your system? Doing a Google search on that may give more info...  :P

Wish I could help ya more, but short of sitting at your PC for an hour and seeing what's going on....  ::)

CK.

A lot of the stuff Ad-Aware IDs and removes is just tracking cookies. They are basically harmless, but they identify your PC to the advertising companies, just like it does to the FF site. Some people prefer not to give this info away, even to legit advertising companies, hence Ad-Aware will delete it for you. Manually deleting the cookies will do the same thing.
A more serious form of hijack or trojan changes system settings to redirect your browser, or runs programs in the background on your PC to do, well, who knows what? They can be more difficult to remove, and can definitely affect your PC's operation. Think random pop-ups, slow PCs, not even able to get online  ::)

fun fun fun  >:(

Ian

P.S. Two real time virus scanners is usually a bad thing, they end up double checking everything and each other all the time, really slows the PC down and leaves less resources for your actual programs to run in.
Weekend warrior, Peterson JP test pilot, Dolmar 7900 and Stihl MS310 saws and  the usual collection of power tools :)

Furby

Thanks Ianab,
I believe the Beta is actually holding a couple, and has not deleted them.
One program has caught the same virus twice in two different files, several days apart. Once last night while the puter was just sitting there turned on and not hooked to the internet. I was just letting it sit while I tried to figure out my next move and it popped up. That one I'm going to dig up on web because it lists a "possible" name.

I "think" I may have gotten rid of CWS, but I don't know what the one that has my browser is if it's not CWS.

The multi-part-trojan type is also what I have. I have close to 30 hours in trying to remove these things, and have been running removers almost non stop.

Thinking about using pc pitstop's "high jack this" option, but after reading through a couple of the threads on their forum, I know I'm in over my head. Trying to decide if wiping the drive would be worth it. What ya think?

etat

From an amateur computer guy that often gets in more trouble than he can get out of.

Sometimes, and I'm 'not' recommending this you can cut the power to your computer without turning it off first and when it comes back on it will reset itself.  This would be the same as the power going off and coming back on later.  Hopefully it won't burn out yer hard drive.  

Here's some more advice I'm 'not' recommending.


Make some backup discs.

Clean up yer history files and temporary internet files and delete yer cookies and run disk defrag.  If your computer has scan disk run that too.

Scan disk and disk defrag will run faster in safe mode.

To get into safe mode restart your computer and hold down the F8 key.

Go to control panel and add and remove programs and dump any junk that you know you don't ever use. Be careful and don't dump any good programs, and if it ever pops up that a .dll file may be used by other programs, DO NOT delete it.  You can delete the program but say no to deleting a .dll file.

Clean everything up again and run disk defrag. again.

Go to system restore and try to go back in time to where yer computer was a working right. If you go back to before any programs were installed and want to stay there you may have to reinstall em.

If internet explorer still is not working right you can re-download it from the net.  That will take a while.

You can always go back to system restore and undo yer restoration.

System restore will not help if there are corrupt system files in your computer.

If this don't work get ready to bite the bullet and either do a partial system recovery, or a full system recovery.

Before doing a system recovery check your emails and if you have any you want to keep forward them to yourself at the last minute and don't receive them until you get your computer redone.

Also before doing a full system recovery copy all your shortcuts to a file and put them on disk.  

Any type of system recovery, either full or partial you will have to redo your internet connection and your email connection.  A partial recovery will save all your files and pictures but you may lose your emails.  Also any  system recovery will wipe out any programs you've downloaded on your computer.

Before doing any type of system recovery it pays to write down your passwords, phone numbers, and appearance settings.  It makes rebooting your computer much less painful.

The old Hewlett Packard, Windows Me computer I was using I'd have to do this about every 6 months or it'd just practically quit running. I would regularly run clean up programs on it but nothing would help other than system recovery.

I am not recommending 'any' of the above information.  Nope, not me.  It's just some things you may want to look into.

As a side note I downloaded the Microsoft AntiSpyWare.  Before running it I did as I said above and cleaned up my files and cookies manually and ran disk defrag.  I then ran the AntiSpyWare Beta twice.  Both times it found nothing.  I believe there's two main places spyware hangs out.  In some programs, as said mostly free, and in cookies. If you delete cookies you will just have to sign back in everywhere.

The only programs I have downloaded on my computer is iespell, ebay toolbar, google toolbar, IrfanView, image forge, and bellsouth accelerator. I did notice it didn't mess with my ebay toolbar.  I youster have Spybot but it will mess up ebay toolbar real bad if you ain't careful.
Old Age and Treachery will outperform Youth and Inexperience. The thing is, getting older is starting to be painful.

Ianab

If you are thinking of re-formatting the disk, then you have nothing to lose by playing with Hi-Jack This. The worst you can do is to kill the system, and have to reformat  ::)
IMPORTANT
Make sure you back up anything important BEFORE you play around or re-format.

Another option is to run Hi-Jack This and just save the log file. You could email this to me and I'll have a guess at what you should remove. The problem with Hi-Jack This is that it picks up ANY change that could be a hijack. 90% of them are usually legit things like printer drivers or digital camera software or web plug-ins.

CWS is short for Cool Web Search... it's   >:( #Q&^$#@!^%!@# !!!  >:(

From memory it can usually be removed by killing all its components while running Windows from Safe Mode.  :P

Ian
Weekend warrior, Peterson JP test pilot, Dolmar 7900 and Stihl MS310 saws and  the usual collection of power tools :)

Ianab

CK's advice is good, and will help with PC life in general, but it won't get rid of CWS  >:(

The first bit about the power off, it's best to do a normal shutdown ( if you can ), then unplug the PC from the wall. This seems to reset certain circuitry inside the PC. When a modern PC is 'switched off' it's really in a deep standby and there is still standby voltage going to the system board. Sometimes a power glitch will upset things here and a full power off is needed to reset everything.

Ian

Weekend warrior, Peterson JP test pilot, Dolmar 7900 and Stihl MS310 saws and  the usual collection of power tools :)

etat

Wow, thanks Ianab, can ya tell I've went through a couple of 'painful' restorations? I'm gonna repeat this one more time. I learned the importance of putting all files and pictures and shortcuts to disk and writing down all passwords and phone numbers and forwarding all emails back to myself. Recently I learned how to save some programs such as image forge to disk and then reinstall it off of the disk.  I never heard of cool web search but I found this explaining the difficulties of it.  A full restoration is somewhat painful if you ain't ever done it before but not impossible.  Again, repeating what Ianab said, save everything you can to a disk.

http://www.scumware.com/apps/scumware.php/action::view_article/article_id::1075329940/topic::Scumware,-Spyware,-Adware-&-Malware-Applications/
Old Age and Treachery will outperform Youth and Inexperience. The thing is, getting older is starting to be painful.

Furby

Sounds like good advice from both of ya!
Thing that really hurts is this is my month old laptop I'm talking about, and it was only hooked to the internet for less than a week.
I have the disk that came with the puter for reinstalling the drivers and such, is there anything else I would need "if" I were to dump the disk?
All the software that I added that did not come with the puter I have on CD, except for I think two downloads and the antispyware stuff I downloaded.
I did put a pile of pics on the puter, but I still have them saved in the camera as well. The only thing I'm worried about losing if I dump the disk, was the stuff that came already installed on the puter. I guess I'm not really sure what is on the restore disc that came with the puter.
My thought with backing things up is will I also be backing up the problems?

I KNOW I had CWS as I was finding the log file for it. I downloaded two different CWShredders and the second one caught one small file. But the search feature that has taken over IE and the pop up that comes from it (for of all things "antispyware" ::) ), automatically recreate themselves. I can find and block the pop up, but when it comes back, it has a slightly different file name.

Texas Ranger

Got an email and then a call from my computer guru.  The beta version is flawed and under some circumstances considers IE a virus and damages it, causing pain to user.  MS recommending wait for full version.
The Ranger, home of Texas Forestry

Furby

Thanks for the link CK, I have read some of that stuff before, but it added a lot I didn't know. Now I'm SURE I still have CWS, just don't have a new enough version of shredder to get rid of it.

Ranger,
That explains why my IE got dumped. ::)
From Microsoft.............go figure! :-/

crtreedude

You mean that IE ISN'T a virus? ;-) Boy, it always seemed to be one to me...

Of course, it is funny that Microsoft is identifying its own software as a virus. However, it is possible that IE has been hacked and so for that reason it is thought to be a virus.

So, how did I end up here anyway?

Furby

Well using the Beta I managed to regain full control of IE.....I think.
I had to dig around the beta a bit to get it all right. Now I don't know if the beta was doing it or something else, but in the beta whenever I tried to change a setting, it always changed it to a Microsoft component.  ::) It didn't matter what I typed or how I typed it, it said it would change it to that, and then went and changed it to something Microsoft.

I took the batt. out of the laptop and left the cord unplugged all night. Now today I can change the beta to what I want without it changing to MS.

I have all the scans showing less than before which is great.
But I still have some stuff.

Spybot SD is showing DSO Exploit, which I have learned is/was a flaw in windows and "should" be taken care of with SP2 or any win updates. The puter came with SP2 and I did an update or two, so I'm guessing the "flaw" is taken care of and spybot's flaw is what is still showing Exploit.

Norton picked up and removed Trojan.startpage last night.

AVG is still holding onto two files that "might" be VBS/Psyme, it can't repair them. Should I just delete those two files???

Pest patrol's free online scan keeps picking up Viewpoint toolbar. They give directions to remove it without their product, but I can't find the files they are listing.
They say their software will remove it. ::)



Am I being too overly concerned about getting rid of these last few things??? The scans are mostly just finding cookies and stuff at this point. I don't know if there is still something in there that has not yet been found or not. I also don't know if my browser is totally free or just being "helped" by the Beta.

etat

I got a couple of questions.  The first is 'what is beta'.  

The second is in follow up to something Furby said.  If you have an infected computer and save your files and pictures and things to disk to download to your computer after reformatting it, is there a chance of some of the infected files hiding out in your files or pictures?
Old Age and Treachery will outperform Youth and Inexperience. The thing is, getting older is starting to be painful.

Tom


Furby

That's a major concern for me CK, I know it used to be really easy to do that, and I believe it still is. I just don't know enough about any of this to figure it all out. ::)
