Help with Spyware

Chat about anything and everything... (well almost anything) Whether it be the front porch or the pot belly stove or news of interest or a topic of your liking, this is the place to post it.

Moderator: S2k Moderators

Message
Author
AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

Help with Spyware

#1 Postby AsHtRaY » Mon Jun 14, 2004 7:15 pm

Hello everyone, I am friends with chadtm80 in FL. Chad and I were talking about spyware and he mentioned some of you from time to time run into some nasty ones. I help with a site called http://spywaredata.com we are devoted to killing spyware, or doing the best we can! The site is related to a product called SSI, or System Spyware Interrogator. It is free, and does not remove spyware it only detects it. You may ask yourself what good is that? Well most of you already have a spyware remover product, if you dont you should get one. Suppose you run your remover and after it detects and removes everything you still have spyware on your computer. How would you know. The answer is SSI, use it to make sure that your computer really is spyware free. We have the largest database of spyware, and if you have something on your computer we suspect might be spyware you can upload the files and we will look at them. The more people that send us files, the better our detection gets. We currently have one of the largest public lists. We also keep a list of good items, so if there is an application we dont know about, and you dont mind uploading the file information please do so. If you aren't comfortable with that, then just use the program as an auditing tool.

I know this was a long email, but I figured it, and or I may be able to help if you run into any more spyware related issues.
Also if any of you have comments on SSI we would love to hear them.
Enjoy hurricane season.

-AsHtRaY
0 likes   

chadtm80

#2 Postby chadtm80 » Mon Jun 14, 2004 7:23 pm

Im chadtm80 and I approve this message.. hehehe

Hows it going bud? Ashtray has been a very good friend of mine for years. We grew up together :-) Database is getting HUGE. Swing on by guys. I cant STAND spyware and if we upload the files we will be able to get these jerks out of our puters ;-)
0 likes   

AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

#3 Postby AsHtRaY » Mon Jun 14, 2004 7:49 pm

Doing great Chad. Storm2k has come a long way! Unbelievable.

-AsHtRaY
0 likes   

ColdFront77

#4 Postby ColdFront77 » Mon Jun 14, 2004 7:53 pm

It could be better to a group of people, but we shouldn't get into that.
Last edited by ColdFront77 on Mon Jun 14, 2004 8:23 pm, edited 1 time in total.
0 likes   

User avatar
breeze
Category 5
Category 5
Posts: 9110
Age: 63
Joined: Sat Feb 08, 2003 4:55 pm
Location: Lawrenceburg, TN

#5 Postby breeze » Mon Jun 14, 2004 8:11 pm

Now, Tom, I TRY to be good, every chance
I get - er, ok...occasionally...well, maybe,
sometimes...:eek:

Thanks, AsHtRaY! Question - I just downloaded
Spybot, this past weekend. Your saying, if that
program didn't get it all removed, you can detect
what's left on my PC?
0 likes   

User avatar
Lindaloo
Category 5
Category 5
Posts: 22658
Joined: Sat Mar 29, 2003 10:06 am
Location: Pascagoula, MS

#6 Postby Lindaloo » Mon Jun 14, 2004 8:20 pm

I was wondering the same thing breeze. And also, if you detect more after we run spybot then how do we remove it?
0 likes   

AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

#7 Postby AsHtRaY » Mon Jun 14, 2004 8:20 pm

breeze, yes that is correct. If we say it is an identified parasite then most likely you still have spyware on your computer. Let me know if you need anything else, I would be glad to help.

AsHtRaY
0 likes   

User avatar
breeze
Category 5
Category 5
Posts: 9110
Age: 63
Joined: Sat Feb 08, 2003 4:55 pm
Location: Lawrenceburg, TN

#8 Postby breeze » Mon Jun 14, 2004 8:22 pm

Thanks so much - I appreciate your help!
0 likes   

AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

#9 Postby AsHtRaY » Mon Jun 14, 2004 8:26 pm

Lindaloo, we are working on removal instructions for all the different types, in the mean time I can help you here, or in the spywaredata message boards. You can also post the url for the results page and others can learn as well.
Example:http://www.spywaredata.com/analyze/analyze_data.php?uniqueid=2388&chk_tbl=10110011110

Thanks for your interest I will be happy to help anyone remove the pesky buggers.

-AsHtRaY
0 likes   

User avatar
southerngale
Retired Staff
Retired Staff
Posts: 27418
Joined: Thu Oct 10, 2002 1:27 am
Location: Southeast Texas (Beaumont area)

#10 Postby southerngale » Mon Jun 14, 2004 8:31 pm

ColdFront77 wrote:It could be better to a group of people, but we shouldn't get into that.


What group of people Tom?



Thanks AsHtRaY!
0 likes   
Please support Storm2k by making a donation today. It is greatly appreciated! Click here: Image

Image my Cowboys Image my RocketsImage my Astros

chadtm80

#11 Postby chadtm80 » Tue Jun 15, 2004 6:13 am

Ashtray why dont you explain to everyone what spyware is, who puts it where and why. And what the negative effects are on your puter
0 likes   

Guest

#12 Postby Guest » Tue Jun 15, 2004 12:11 pm

Hey hows it going Ashtray? Just wanted to let ya know I've idownloaded SSI. One more person trying to combat spyware. ;) Thanks for the info!
...Jennifer...
0 likes   

User avatar
breeze
Category 5
Category 5
Posts: 9110
Age: 63
Joined: Sat Feb 08, 2003 4:55 pm
Location: Lawrenceburg, TN

#13 Postby breeze » Tue Jun 15, 2004 7:26 pm

Another question, AsHtRaY - is your program going
to be compatible with my Adaware and Spybot?
(I know that Adaware gets a bit uncomfortable
with Spybot)...I just want to make sure that I
don't have programs being fussy about other
programs.
0 likes   

ColdFront77

#14 Postby ColdFront77 » Tue Jun 15, 2004 7:30 pm

ColdFront77 wrote:It could be better to a group of people, but we shouldn't get into that.

southerngale wrote:What group of people Tom?

Some of us definately know, others do not.

I think (and I believe you [and others that know]) would think it best that we not get into it.

My sincere apologes for bringing it up.
0 likes   

User avatar
nystate
Category 5
Category 5
Posts: 1207
Joined: Tue Mar 11, 2003 2:58 pm
Location: Fayetteville, NC

#15 Postby nystate » Tue Jun 15, 2004 9:26 pm

Just got my computer back from the shop yesterday. Had over 2,200 spyware and adware files on it. Thankfully, both spybot and adaware were installed and it runs just fine now.
0 likes   

AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

#16 Postby AsHtRaY » Tue Jun 15, 2004 9:50 pm

Hello again everyone. First off SSI will not effect any spyware remover, we have tested it with 9 of the major removers and have seen no problems. We designed it to be compatible with just about any windows program.

Here is a breif description of SSI, spyware/adware, and it's related technologies. Hopefully this explains a lot.

We gather system information from your computer to help determine what operating systems or browsers spyware seems to attack more. We gather your memory and the amount your using to aid us in determining how much of an effect spyware is having on your computer resouces. We also gather your version of Internet Explorer and your Internet connection type to determine if spyware is prying on broadband users as much as dialup users and what versions of Internet Explorer are being affected.

Browser Helper Objects (BHO)

A Browser Helper Object is a small program that runs automatically every time you start your Internet browser. Usually, a BHO is installed on your system by another software program. BHOs are typically installed by toolbar accessories and can track your internet usage and collect other information that is used on the internet.

ActiveX Controls

ActiveX is Microsoft's technology for signing plug-ins that add additional software to your computer when a web page is accessed.

Programs that start when your computer starts...

Your computer has several programs that startup when your computer starts. Most of these programs serve a good purpose such as an Anti-Virus program or maybe your favorite music software. However, spyware also forces itself to start when your computer starts. Removing spyware from here will prevent it from reinfecting your machine. We use this data to educate you on what Spyware is starting up when your computer starts.

Homepage and Searchpage Hijacker information...

Hijackers are applications that attempt to take control of the user's home page and reset it with the site of the hijacker's choosing. This site is almost always loaded with ads, pop - ups, and/or other make-money-fast portals. They are a low security threat, however annoying they may be. Many hijackers use stealth techniques or misleading dialogue boxes to perform installation. Hijacker programs will put a reference to themselves in the StartUp or Registry, so that the hijacker reinstalls itself every time the computer is started. If the user tries to change any of these settings, the hijacker then changes them back upon reboot

Add / Remove Programs List

Your Add / Remove program lists contains a wealth of information on what programs are 'registered' as installed on your computer. Quite a few spyware applications will not 'register' themselves with your Operating System because they do not want to be installed. Spywaredata.com can tell you what spyware programs have 'Registered' on your computer and how to remove them.

Programs that are running right now

right now your computer is probably running several dozen programs that you can't see. You can view some of them using the built in task manager of windows; However, each program running uses 'Dependency' programs. Dependency programs are little helper applications that help. Spyware comes in this form quite often. It can hide here with the security of knowing it will be very hard to find. SSI and spywaredata.com can grab this information and immediately alert you to these hidden spyware programs.

Host file information

Your Hosts file is like an address book. When you type an address like http://www.google.com into your browser, the Hosts file is consulted to see if you have the IP address, or 'telephone numbe' for that site. If you do, then your computer will 'call it' and the site will open. If not, your computer will ask your ISP's (internet service provider) computer for the phone number before it can 'call' that site. Normally you would not have that address in your Hosts file. Spyware will change your Host file and put in a different 'Phone Number' then the one you need to contact. This prevents you from accessing the correct web page and also redirects you to another site.

Toolbar registry enteries

Toolbars are helper programs that attach themselves to your Internet Explorer or Windows Explorer programs. Most toolbars are innocent and are made for convience. other toolbars track everything you do on the Internet and even pop advertisements up based on your searches. In addition, they can also deliver to you the search results they want, which are generally paid results and not necessarily what you searched for.

Distribution registry keys

Distrubtion units are a method of installing software over the Internet. Generally website will prompt you to install a certain 'Control' which then loads software needed for proper viewing of that webpage. Spyware has the ability to install these 'Distribution Units' on your computer through various websites, pop-ups and pop-under webpages. They can generate pop up advertisement, hijack homepages and monitor your Internet Activity. Spyware is NOT required to view a webpage.

Shell Extension registry keys

Shell Extensions are an integral part of the operating system. And example of a shell extension is the menu you receive when you left click on a folder in Windows Explorer. Spyware will attach to the shell extensions of your computer to help hide itself. This type of spyware is hard to find and can generate pop-up advertising.

URLHook registry keys

Spyware that monitors what you type in the address bar of Internet Explorer and then hijacks that data is known as a 'URL Hook'. This type of spyware can take you to Portals which deliver paid ad's, pop-ups and even adult content.

Winsock enteries, also known as the LSP layer

LSP or Layered Service Providers play a very important part in your Internet connection. All Internet traffic flows through the LSP like a chain. Each file is a link in this chain. If a file is deleted the chain breaks and you have no more Internet connection. Spyware that resides on this layer of your computer can monitor all Internet surfing and activities.

Keep the questions coming:)

-AsHtRaY
0 likes   

ColdFront77

#17 Postby ColdFront77 » Tue Jun 15, 2004 10:36 pm

nystate wrote:Just got my computer back from the shop yesterday. Had over 2,200 spyware and adware files on it. Thankfully, both spybot and adaware were installed and it runs just fine now.

Of all places to have your computer back from with that many Spyware and Ad-aware files...
0 likes   

snoopj
Category 2
Category 2
Posts: 530
Joined: Wed Sep 10, 2003 9:46 pm
Location: KCMO
Contact:

#18 Postby snoopj » Tue Jun 15, 2004 11:50 pm

I've used a combination of Ad-aware and Spybot Search and Destroy and I've had my home machines free of that junk for quite sometime now. Even my work PC support teams recommend using that combination. Sad that you have to use applications like that just to make the internet actually browsable, but combine that with the Google Toolbar for pop-up suppression (well, for IE...I use Mozilla Firefox 95% of the time) and you are pretty well on your way to getting back online without too much worry from silent installers and such.

Now, if only I could do something about those damn virus writers....ugh.

--snoopj
0 likes   

AsHtRaY
Tropical Low
Tropical Low
Posts: 11
Joined: Mon Jun 14, 2004 6:21 pm
Location: Orlando FL

#19 Postby AsHtRaY » Wed Jun 16, 2004 2:35 am

snoopj, have you run SSI to see if there is still spyware after using all of those removers?

I am very interested to know.

Thanks
-AsHtRaY
0 likes   

snoopj
Category 2
Category 2
Posts: 530
Joined: Wed Sep 10, 2003 9:46 pm
Location: KCMO
Contact:

#20 Postby snoopj » Wed Jun 16, 2004 7:41 am

ash....

None.

I think a lot of the reason why I don't have anything is due to the fact I have moved away from IE and it's gaping holes for spyware delivery. Sure, getting some pages to function might be a pain and most plug-ins aren't written for Firefox yet, but it does the basics and I don't really do a whole lot of advanced web surfing.

--snoopj
0 likes   


Return to “Off Topic”

Who is online

Users browsing this forum: No registered users and 6 guests