-
November 8th, 2005, 04:57 AM
#1
Junior Member
Spam on the box
Hi All,
Greetings, i m having MS Antispyware, zonealarm and a couple of other safety stuff on my xp box, but as always i did visit some technical "might not waana visit" sites , and i ended up having some unwanted stuff on my box, some dialougues pop up every now and then,
some IE pages open up pointing to unwanted sites.
MS Antispyware is not able to detect nor is anti virus , but u know they are irritating.
Request any pointers or help to remove such unwanted stuff.
Regards
-
November 8th, 2005, 05:16 AM
#2
Have you tried scanning with any other spyware apps such as AdAware or Spybot? Sometimes certain adware/spyware won't be picked up by one scanner but will by another. Further, are your AV engine/DAT's and your antispyware apps fully updated?
Were you using Internet Explorer as your web browser?
-
November 8th, 2005, 06:55 AM
#3
Another thing you might want to download is the Google Toolbar, as I find it makes searching easier and has a built in pop-up blocker.
-
November 8th, 2005, 11:45 AM
#4
Junior Member
hi all,
thank you all for your time, i will try with spybot once again, but i was looking for a little indepth stuff like ...
a) is their a way to explicity determin any registry settings they make so that explicitly they can be delted.
b) any specific ports to be blocke etc.
although this is really not my domain but a little knowlege to tweak wont harm
Thank you all once again.
-
November 8th, 2005, 12:30 PM
#5
a) is their a way to explicity determin any registry settings they make so that explicitly they can be delted.
Well ... Spy and malware usually installs without you knowing it , so finding out which registry settings they perform can be difficult.
As a solution you can use some third party apps. to monitor your registry on the fly ... it will tell you when a registry setting gets altered or when a new registry setting is needed when installing a program or app. (so if you are not installing an app or program then it will tell you when there is a change in the registry requested by something).
There is also a script available on THIS SITE as a free alternative... There might be more free registry monitors available but you will have to google for them.
b) any specific ports to be blocke etc.
I'm not sure if Spyware uses any other port then port 80 (or your proxy port when you use one), but trojans and other nasty vermin use many different ports. a list can be found HERE ... But if you have a good anti-virus and a good firewall I don't think you need to worry , as any change to your ports normally gets reported by your firewall.
Hope this helps to clarify things... Anyone feel free to add comments or more recommendations.
C.
Back when I was a boy, we carved our own IC's out of wood.
-
November 8th, 2005, 01:04 PM
#6
a) is their a way to explicity determin any registry settings they make so that explicitly they can be delted
In order to keep track of Registry changes by trojans/worms etc. and clean them you may use
1. The Cleaner ( http://www.moosoft.com/products/cleaner/ )
2. A-Squared ( http://www.emsisoft.com/en/software/free/ )
For a successful technology, reality must take precedence over public relations, for Nature cannot be fooled.
Lets make Poverty a History
http://www.makepovertyhistory.org/
-
November 8th, 2005, 01:48 PM
#7
If you want real time protection against any changes, check out these two programs:
Process Guard
and Winpatrol
Also you should, seeing as how you are using IE (Get FireFox ) check out the HOSTS blocking file here:HOSTS FILE
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
Claude Swanson
-
November 8th, 2005, 02:46 PM
#8
I was forgetting about the free Regmon from Sysinternals to be found here.
It does live monitoring of your registry, so you could keep an eye on what gets changed.
C.
Back when I was a boy, we carved our own IC's out of wood.
-
November 9th, 2005, 05:06 PM
#9
Junior Member
Wow,
Thx buddies.. what i found was the following entries in the host files, hence not getting detected by probably any antispam softwares.
I m trying to access the admin id and replace the file. I have not been able to succedd though
127.0.0.1 www.igetnet.com
127.0.0.1 code.ignphrases.com
127.0.0.1 clear-search.com
127.0.0.1 r1.clrsch.com
127.0.0.1 sds.clrsch.com
127.0.0.1 status.clrsch.com
127.0.0.1 www.clrsch.com
127.0.0.1 clr-sch.com
127.0.0.1 sds-qckads.com
127.0.0.1 status.qckads.com
127.0.0.1 www.qoolaid.com
127.0.0.1 www.qoologic.com
127.0.0.1 www.CLKPrecision.com
127.0.0.1 www.urllogic.com
127.0.0.1 www.clkoptimizer.com
127.0.0.1 www.isearch.com
127.0.0.1 isearch.com
127.0.0.1 www.idownload.com
127.0.0.1 idownload.com
127.0.0.1 www.mytotalsearch.com
127.0.0.1 mytotalsearch.com
127.0.0.1 www.lop.com
127.0.0.1 lop.com
127.0.0.1 www.websearch.com
127.0.0.1 websearch.com
127.0.0.1 www.page-not-found.net
127.0.0.1 page-not-found.net
127.0.0.1 www.isearchhere.com
127.0.0.1 isearchhere.com
127.0.0.1 xads.offeroptimizer.comm
127.0.0.1 search.offeroptimizer.com
127.0.0.1 ximages.offeroptimizer.com
127.0.0.1 xlime.offeroptimizer.com
127.0.0.1 xadsj-o.offeroptimizer.com
127.0.0.1 xadsj.offeroptimizer.com
127.0.0.1 www.offeroptimizer.com
127.0.0.1 as.adwave.com
127.0.0.1 sr.adwave.com
127.0.0.1 www.adwave.com
127.0.0.1 adwave.com EVENT:HOST:127.0.0.1
127.0.0.1 www.pacimedia.com
127.0.0.1 www.pacimedia.com
127.0.0.1 www.pacimedia.com
-
November 9th, 2005, 05:19 PM
#10
STOP!
That looks OK to me, those are redirects to 127.0.0.1 which is your PC...............they won't go anywhere
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|