You should be ASHAMED

[JuniperPark]

Spent the last 24 hours dealing with the most aggressive set of viruses I've ever seen. Every trick in the book running... self-replicating, self refreshing, refreshing from caches and recycle bins, registry entries that are LOCKED and refreshed every 10 seconds, tasks that hide other tasks from the control panel.... etc etc etc.

All of this for the purpose of blasting ads at me and hijacking my browser and system. It's pretty clear who stood to benefit, as I was repeatedly referred to 'spyware removers' and 'virus searches' originating from the scam artists running these sites:

sidefind.com
searchmiracle.com
popupblocker.com
spywareavenger.com
rb37.com
toprebates.com

 

[iBizStart]

I forgot what thread I clicked on and saw the list of domains. I was about to write SOLD for all of them

Spent the last 24 hours dealing with the most aggressive set of viruses I've ever seen. Every trick in the book running... self-replicating, self refreshing, refreshing from caches and recycle bins, registry entries that are LOCKED and refreshed every 10 seconds, tasks that hide other tasks from the control panel.... etc etc etc.

All of this for the purpose of blasting ads at me and hijacking my browser and system. It's pretty clear who stood to benefit, as I was repeatedly referred to 'spyware removers' and 'virus searches' originating from the scam artists running these sites:

sidefind.com
searchmiracle.com
popupblocker.com
spywareavenger.com
rb37.com
toprebates.com

 

[Mr Webname]

Who should be ashamed?
I have a number of pop-up crushers and I usually get a warning if any are crushed - I haven't had any warnings recently.

 

[JuniperPark]

Who should be ashamed?
I have a number of pop-up crushers and I usually get a warning if any are crushed - I haven't had any warnings recently.

The owners of the sites I named should be ashamed. They are installing viruses, then trying to sell virus removers, or hijacking Google searches to point to their own web pages.

 

[mole]

Yes, I think you should be ashamed if :-

1. You don't have Norton Internet Security installed and constantly updated
2. You don't have Windows SP2 security patch installed
3. You actually download and install those popup blockers, or any software for that matter, from those sleazy outfits.

Be VERY careful of FREE software downloads.

 

[seeker]

you should always have some spyware/adware removal program in your computer.

There ARE siters that download these to your computer WITHOUT you seeing anything.

 

[mole]

There ARE siters that download these to your computer WITHOUT you seeing anything.

'

Not if your IE Advanced Options is set to prevent that without signature verification.

 

[Zinc]

The only software you need to install is listed below, I personally don't get any problems. Then again, I am using Win XP which has that amazingly useful 'restore' function for the occasional major headache.

Zone Alarm - Free Personal Firewall.
AdAware - Free Spyware/Cookie Removal.
AVG - Free Virus Protection.

---

Spent the last 24 hours dealing with the most aggressive set of viruses I've ever seen. Every trick in the book running... self-replicating, self refreshing, refreshing from caches and recycle bins, registry entries that are LOCKED and refreshed every 10 seconds, tasks that hide other tasks from the control panel.... etc etc etc.

All of this for the purpose of blasting ads at me and hijacking my browser and system. It's pretty clear who stood to benefit, as I was repeatedly referred to 'spyware removers' and 'virus searches' originating from the scam artists running these sites:

sidefind.com
searchmiracle.com
popupblocker.com
spywareavenger.com
rb37.com
toprebates.com

 

[Bender]

I can recommend Microsoft AntiSpyware -it's beta, FREE

 

[Vivvy]

It's really sad that we blame the victim ... it's like saying, yeah, it's your own fault if you get mugged and robbed on the street ... when the truth is it's the robbers fault, no matter what the circumstances.

BTW, it's still possible to get viruses and hijackers even if you're running all the doodads mentioned above and all your updates are up-to-date. The criminals who create such things take great satisfaction in being ahead of the security wave.

Vivvy

 

[eSology]

What I think is pathetic is that we had a member here asking for help locating revenue generating pop-ups that pop-up blockers "can't" block. That makes my blood boil. Hope you get it under control Juniper...a jacked up PC = decreased productivity.

 

[Vivvy]

it's worse than pathetic ... we need to think of these people as criminals because that is exactly what they are... they invade, steal, and destroy. There's this romanticized view of hackers, scammers and quick click get rich schemers, that gives tacit approval to what they do and it's only going to get worse.

Vivvy

 

[fatter]

I dont no who is worse doamin hijackers or computer hijackers, pretty soon people will start getting so mad, (especially those who rely on computers for their business)that they will start killing the offenders, ive seen people killed for less

 

[mole]

I dont no who is worse doamin hijackers or computer hijackers

The only thing to do nowadays is to throw away your computer every 6 months and start clean with a new one :cheeky:

If you like to download things from the Internet to try them out, especially the FREE stuff, except from very reliable providers like Google, its like inviting every and any mischevious program to invade, hide in and play with your OS like it was Microsoft Office itself.

 

[stevey]

i have zone alarm security suite and spybot, and ive never had 1 problem in all of the time of being online, 3 or 4 years

 

[Duke]

Spent the last 24 hours dealing with the most aggressive set of viruses I've ever seen. Every trick in the book running... self-replicating, self refreshing, refreshing from caches and recycle bins, registry entries that are LOCKED and refreshed every 10 seconds, tasks that hide other tasks from the control panel.... etc etc etc.

All of this for the purpose of blasting ads at me and hijacking my browser and system. It's pretty clear who stood to benefit, as I was repeatedly referred to 'spyware removers' and 'virus searches' originating from the scam artists running these sites:

sidefind.com
searchmiracle.com
popupblocker.com
spywareavenger.com
rb37.com
toprebates.com

Hi Dale:

I recently had the same problem despite running firewalls, antivirus software etc. There is a very nasty trojan called Cool Web that does this kind of stuff and is almost impossible to get rid of manually - the authors alter it frequently to combat programs that try to stamp it out. I finally researched it on the internet and found a guy in Europe had declared all out war on Cool Web and developed a legit program called CWShredder that is a free download (it is small and easy to install) and it completly eradicated the Cool Web virus, ads etc that I had had no luck getting rid of before. You can find the program with a Google search if you want to try it.

 

[Mr Webname]

Norton Popup Blocker
Ad-Aware
Ad-Watch
Spybot Search & Destroy

Crazy that all this is necessary!

 

[JuniperPark]

Wow... Vivvy posted exactly what I was going to post! I was just about to jump on the blame the victim post.

I'm running everything in my office behind a firewall and always have, and I'm running Windows 2000 server, which EXCLUDES running most anti-virus packages. Many say they will run on Windows 2000, but not the Server version (you find this out 3 hours into the tech support call). I'm never more than a few says behind on the service patches.

The server was hit last week, which was odd because the server is ONLY a server; it has no email and I never ever browse the web on it. Passwords are 'strong' on both firewall and computer. Yet someone was able to get in and install port redirectors (to allow other programs to work through port 80), IRC, and Serve-U FTP. That mess only took a few hours to fix and was tame compared to what hit my other machine this week.

These attacks each had a clear purpose: the server was running IRC communications (an interesting read) and trying to scan other machines (and failing for some reason... tried 300,000 times in 3 days). It was attaches to the most critical Windows task, SERVICES.exe, and could not be removed except by running from the CD in console mode and replacing the file. Dangerous stuff. All network machines scanned clean when I was done, so I am certain the 2 attacks are not related.

The desktop machine attack was trying to make the browser send my searches ONLY to the search engines listed, and sell me pop-up blockers and virus removers.... a purely financial attack, which ticks me off more than the first one, hence my 'shame' post, and the reason I listed the cuplrits.

Ron, I'll check out the program, I did read about it.

 

[Vivvy]

I run ad-aware, spybot, norton (2005), trendmirco's housecall, and the popup blockers from google and my isp. They're all always up to date.. and yet a machine on my network has two viruses and a hijacker I can't get rid of...

The entire goal of those who create these malicious pieces of crapola is to get around any and all of your defenses... even with the best, latest, most up-to-date you're still vulnerable because that's exactly what they're working to break through. Maybe it hasn't happened yet, but it is most likely you'll be infected eventually. Which is why I have never understood why those within our industry don't make a bigger louder fuss about these scammers. Not only that but we hold in awe those who can defeat our defenses. ARGH! It's crazy making...

Vivvy

 

[seeker]

I have to disagree with some people here that say that this and this software is enough.
For example, although I have a myriad of software installed, from firewalls, to NAV, to adaware, and spybot, I recently acquired giant anti spyware software which was bought the very next wek by MS and is now given out for free as a beta, and I can tell you thet each version 'catches' something that the other does not.
and to mole.
There are sites that can doenload adware through IE if one is not using a multi combination of this software, even if all IE options are checked correctly.