spyware..
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: spyware..

  1. #1
    Member
    Join Date
    Dec 2003
    Posts
    83

    spyware..

    recently my com got some spyware....the website it pop up is a porn web. it only appear once a day.and it happened anytime in a day.


    the website for the porn is http://204.177.92.193.....
    the title of the web is xxx....

    can anyone tell me wat is this. is the web a virus or a spyware? pls help mi solve the problem..thx..and i am using ad-aware6 n spysweeper.


    is the virus/spyware call teenxxx(tinybar) ?

  2. #2
    Senior Member
    Join Date
    Jun 2002
    Posts
    311
    Is ad-aware updated?

    If you dont have a anti virus running, I suggest you get one now.

    http://www.grisoft.com/us/us_index.phpAvg Antivirus <-- Free anti virus

    And if you dont have a firewall running, you should get one also.

    Sygate Personal Firewall

    Zone Alarm

    Both are free.

    Good luck

  3. #3
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    Check your Host file...(Do a search in Windows (assuming that's what you're running), and open the file with Notepad. If there are any IP Addresses listed at the bottom of the text other that the loopback, delete them (unless you added them yourself). This is a common solution that AdAware and similar proggies miss. Hope this helps.......
    "It is a shame that stupidity is not painful" - Anton LaVey

  4. #4
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    The name of the file is Hosts, I made a typo up top....so sorry
    "It is a shame that stupidity is not painful" - Anton LaVey

  5. #5
    Member
    Join Date
    Dec 2003
    Posts
    83
    where is the hosts files?? Wazz?? wat do i do after finding the file?? i cant find the file..

  6. #6
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by Wazz
    Check your Host file...(Do a search in Windows (assuming that's what you're running), and open the file with Notepad. If there are any IP Addresses listed at the bottom of the text other that the loopback, delete them (unless you added them yourself). This is a common solution that AdAware and similar proggies miss. Hope this helps.......
    Hrm...... I'm going to have to question this... Deleting entries in your hosts file is an adware solution? This is the first time I've heard of that. There are virii/spyware/adware out there that modify this file, however they actually edit the registry entry on where the file is stored and create a new file located elsewhere on the drive that is now referenced as the hosts file. You would have to find the new location in your registry and edit the hosts file in that location not the default file, also this is for a very small number of pieces of malware, in these cases you will find your nameservers have been changed and common pages -- google being a big on are being redirected. The hosts file is actually a very useful file and I would never tell someone to just go delete all the entires other than the loopback. This file stores local, for lack of a better term, dns entries. It allows you to add references for your LAN so you can refer to them by name rather than by address (yes you can use computer name, but this allows for other names, more logical ones), also it allows you to save yourself some bandwidth. For a home computer this might not be a thing, however if you have 5000 computers and they're all hitting your DNS server because the users use the name instead of the IP, you could easily push out a hosts file to all the systems with the set-up for some of the more commonly used ones. It is also a way to restrict the websites that a user visits. You can, in a cheesy way, block access to certain domains. You can also use it as a defence against pop-ups and built in ads, Spybot does a great job of updating this file to stop ads and pop-ups. However saying just aimlessly go in and delete all but your loopback entry is just bad advice.

    Samueltoon:

    As for your problem I'd suggest you check out www.safer-networking.org - Spybot S&D tends to usually be a bit ahead of AdAware and find a few more problems.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Try Spybot Search & Destroy. It cleans them out, protects IE & Hosts files & "immunizes" the registry.

    Just found an XXX site that removes the security from IE and adds itself into the 'restricted sites'.

  8. #8
    Member
    Join Date
    Dec 2003
    Posts
    83
    huh dcongram??Just found an XXX site that removes the security from IE and adds itself into the 'restricted sites'.??
    how to i do?

    i think i the spyware is teenxxx(tinybar).
    but spy sweeper does not seem to be able to clear the adware out..
    i scaned the fist timeand i deleted the teenxxx(tinybar) away.
    but the second time i try again after restarting my computer.. the teenxxx(tinybar) was found again..
    can anybody tell me how to remove teenxxx(tinybar) ?
    thx

  9. #9
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    You are correct HTRegz, that is why I asked him if he made any entries to the Hosts file himself. To clear up my post a bit.....What I'm talking about is actually a "false" redirect that is caused by "malicious" entries in the Hosts file. I have however come across redirects that I would consider adware....I hope this clears this up a bit.
    "It is a shame that stupidity is not painful" - Anton LaVey

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Just a question of clarification PLease..

    The "Pop-Up" we are discussing here is a web page.. not a message box type popup? ie are we discussing a popup that could be activated on certain webpages that samueltoon is visiting.. in this case all the spyware removal in the world won't stop it.. a popup/under blocker a step towards a solution.. If it is just a message display (ie Net Send Messenger - popup) and Assuming that it is Win 2k or XP then disabling the Messenger Service is a good move..

    samueltoon: when posting messages for help.. the telling what your operating system is helps us to help you..
    And can I repeat (I think I am the third one) Get Spybot S&D (HTRegz gave a link) download the updates as well.. and give it a run around your system.. ..
    I was going to as for a screen shot of one of these popups.. later perhaps.. not in pervert mode just yet..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •