My PC has been attacked and need help

Status
Not open for further replies.
I bought System Mechanic at Wally world and use its registry cleaner, it hasn't caused any problems and seems to keep it cleaned out. The antispyware that came with it sucks, it has never found anything, even when I was infected. A lot of these malwares install a trojan "Zlob" that will reinstall the crap after you delete it. The bad thing is the same people that sell you the clean-up program are the ones that infected your system. Time to get a rope. I ran my AVG for days and it never found anything then after an update it found Zlob.FD. Good luck Pablo you have done all I know.
 
1sttruck, I'll recommend the registry cleaner in Crap Cleaner, which is a free utility that ToyotanSaturn recommended. It is the BOMB; best freeware I've used. It's the safest registry cleaner I know of. Also, the program will be upgraded to secure file shredding in the near term.
 
Another great antispyware program is the Bazooka Spyware scanner. It scans in under a second and then tells you how to manually delete the offenders. Works well as a backup to see if your main line of defense is getting stuff. It also can create a log file like Hijackthis.
 
It can't be too hard to catch and prosecute (decapitate?) people who actually cause problems and then sell the fix. (No I'm NOT talking about MS or GM)
 
Quote:
4. Microsoft updates.

5. Hardware router.

6. Check for 'stealth' at places like 'Shields Up'.

7. Uninstalled MS Messenger.
Ditto, with number 5 being very important. Let that viral code attack the router's IP. AND change the default password on the router. Any hacker worth a darn knows the default password from manufacturers. Make it complex, caps, lower case, and numbers, then write it down. Also, I like Kerio Personal Firewall. Messenger can be a regular source of viruses. Obviously, don't open any e-mails from unknown sources. Good luck!
 
Simple is right, don't tinker with that drive as a bootup. In fact you should make a disk image of it and work with that to get your data. Never work with the original, you may make it worse.

my .02
 
T-keith recommended it earlier. Ad aware is terrible IMHO. Catches nothing of significance.

I hate to say it but this attack was malicious and directed at me, and I believe it came from a server in Canada, but it can be difficult to tell.
 
First shut off the Windows restore and reboot the 'puter. Use the hijack this and copy/paste what it finds here. DO NOT delete anything until directed....
 
yes but I saved all content files

seems like the only files I lost were by my stupidity (see Thunderbird post) and old stuff that won't work in Win2000.
 
I see, sorry I was too late... I have fought those kind of 'attacks' plenty of times. I can say I somewhat have 'experience' with it! They suck, and can be very hard to remove, but when it happens, I simply refuse to reformat!!
 
Well it was great excuse to get rid of Win ME.

Can I report those bad web sites to the authorities? It's just so blatant. How can they get away with it for long?

The other peever is that the only thing that killed it was me deleting the suspicious files via autoruns. I don't trust those spyware killer programs too much anymore. None of them found this thing. Neither did the AV programs, but I didn't try McAfee.

Oh well the only drive I reformatted was the old drive that I moved to be my D: slave (it's 80 gig) and the main reason to format was to make it NTFS (not FAT32!!). It's not really thinking it's a slave because I didn't change the jumper, but it works great.

[ January 16, 2006, 11:52 AM: Message edited by: Pablo ]
 
Have you tried traceroute to trace which ISP was used? I am Joe Greenhorn when it comes to this stuff but if I understand correctly the 2nd to last entry is the ISP they use.

http://www.traceroute.org/

This may be like trying to find a golf ball at the bottom of a lake though...
 
FWIW I filed a complaint with the U.S. FTC

On Saturday Jan 14, 2006 for the first time ever my computer was infested with some sort of bug/spyware. It basically killed my PC. I am very cautious and use a firewall, several spyware detectors and antivirus software, yet this "program" got onto my hard drive. After it slowed everything down - I tried running all kinds of new detectors, but nothing would remove the program. Then these pop-ups started, they basically said (with misspelled words - so maybe foreign) that I had a registry error and only their software would cure the problem. Each pop-up would have a web address like:

http://www.registry[tongue.gif]cleanerxp.com
http://registry[wink.gif]cleaner32.com/
http://www.myregistry[mad.gif]cleaner.com/

(or some variant)

PCSecurityShield
7601 N. Federal Highway - Suite 200A
Boca Raton, FL 33487
tel: (561)994-8184 fax: (561)994-8185

I NEVER downloaded their program. This to me is very criminal, to create a nasty problem (killed my PC) and then sell a "cure".

Please investigate.

[ January 16, 2006, 04:47 PM: Message edited by: Pablo ]
 