Winad, WebRebates, Internet Optimizer, Bullseye
Moderator: Wiz Feinberg
-
Fred Shannon
- Posts: 3363
- Joined: 27 Sep 2002 12:01 am
- Location: Rocking "S" Ranch, Comancheria, Texas, R.I.P.
Winad, WebRebates, Internet Optimizer, Bullseye
<FONT SIZE=1 COLOR="#8e236b"><p align=CENTER>[This message was edited by Fred Shannon on 06 December 2004 at 01:52 AM.]</p></FONT>
-
Donna Sherrard Williams
- Posts: 194
- Joined: 20 Nov 2000 1:01 am
- Location: Louisville, Ky.
They all sound like spies... have you run Adaware or Spybot on your pc to get rid of the critters? They are both free programs and can be downloaded from the net.<FONT SIZE=1 COLOR="#8e236b"><p align=CENTER>[This message was edited by Donna Sherrard Williams on 30 August 2004 at 07:28 PM.]</p></FONT>
-
Fred Shannon
- Posts: 3363
- Joined: 27 Sep 2002 12:01 am
- Location: Rocking "S" Ranch, Comancheria, Texas, R.I.P.
-
winston
- Posts: 1481
- Joined: 4 Aug 1998 11:00 pm
- Location: Frankfort, Kentucky 40601
-
Jeff Agnew
- Posts: 741
- Joined: 18 Sep 1998 12:01 am
- Location: Dallas, TX
Fred,
Hardly safe to surf anymore, eh? As you've found, having a firewall doesn't help if you also have a back door open. In this case, a vulnerability in your browser. Any chance it was IE? Just a wild guess.
You'll need to do several things to get rid of this spyware. First, if you're on XP or ME, turn off the System Restore feature. Let me know if you're not sure how to do that.
Next, reboot. Use this tool to remove RapidBlaster (which is causing most of your problems). Don't try to remove this manually; it morphs quickly into other forms. When you try to uninstall it or remove it, the stupid thing renames and hides itself. The Wilders tool will remove it, however.
Reboot after running the RapidBlaster Killer.
Now download the latest reference files for Ad-Aware and Spybot S&D. Run them both, being sure you set Spybot to immunize the new spyware items.
When you run Ad-Aware, use the customized scan mode and enable these settings, if they aren't already:
<ul>[*]Scan within archives[*]Scan my IE favorites for banned URLs[*]Scan my Hosts file[/list]
Actually, just select everything in the Memory/Registry section. Then, select "Activate In-depth scan" and proceed.
So, how did this happen and how can you prevent it? You were the victim on a "drive-by download". This can only happen if you have Active-X enabled. Use the Internet Options control panel to turn off all Active-X controls, signed or unsigned. If you'll search the archives, you'll note I've posted on this before. Active-X is a blight on the Internet. If you absolutely, positively have to run an Active-X control, enable the option for a signed control only, then set it to "prompt".
Next, dump IE as your browser. Get Mozilla Firebird or Opera.
Then, download and install Javacool's Spyware Blaster, which provides real-time blocking of RapidBlaster and others like it. Be sure you keep it updated at least once a week. Go to the IE and Mozilla/Firefox tabs and enable the Active-X blocking, as well as the tracking cookies.
Because you've done some Registry editing by hand, you may have difficulty completely removing all traces of spyware. First try the steps I've outlined above, then if it persists, we'll use more drastic measures.
And at the risk of being a nag, turn off Active-X and get rid of IE.
Good luck, and let us know how things turn out.<FONT SIZE=1 COLOR="#8e236b"><p align=CENTER>[This message was edited by Jeff Agnew on 31 August 2004 at 05:11 AM.]</p></FONT>
Hardly safe to surf anymore, eh? As you've found, having a firewall doesn't help if you also have a back door open. In this case, a vulnerability in your browser. Any chance it was IE? Just a wild guess.
You'll need to do several things to get rid of this spyware. First, if you're on XP or ME, turn off the System Restore feature. Let me know if you're not sure how to do that.
Next, reboot. Use this tool to remove RapidBlaster (which is causing most of your problems). Don't try to remove this manually; it morphs quickly into other forms. When you try to uninstall it or remove it, the stupid thing renames and hides itself. The Wilders tool will remove it, however.
Reboot after running the RapidBlaster Killer.
Now download the latest reference files for Ad-Aware and Spybot S&D. Run them both, being sure you set Spybot to immunize the new spyware items.
When you run Ad-Aware, use the customized scan mode and enable these settings, if they aren't already:
<ul>[*]Scan within archives[*]Scan my IE favorites for banned URLs[*]Scan my Hosts file[/list]
Actually, just select everything in the Memory/Registry section. Then, select "Activate In-depth scan" and proceed.
So, how did this happen and how can you prevent it? You were the victim on a "drive-by download". This can only happen if you have Active-X enabled. Use the Internet Options control panel to turn off all Active-X controls, signed or unsigned. If you'll search the archives, you'll note I've posted on this before. Active-X is a blight on the Internet. If you absolutely, positively have to run an Active-X control, enable the option for a signed control only, then set it to "prompt".
Next, dump IE as your browser. Get Mozilla Firebird or Opera.
Then, download and install Javacool's Spyware Blaster, which provides real-time blocking of RapidBlaster and others like it. Be sure you keep it updated at least once a week. Go to the IE and Mozilla/Firefox tabs and enable the Active-X blocking, as well as the tracking cookies.
Because you've done some Registry editing by hand, you may have difficulty completely removing all traces of spyware. First try the steps I've outlined above, then if it persists, we'll use more drastic measures.
And at the risk of being a nag, turn off Active-X and get rid of IE.
Good luck, and let us know how things turn out.<FONT SIZE=1 COLOR="#8e236b"><p align=CENTER>[This message was edited by Jeff Agnew on 31 August 2004 at 05:11 AM.]</p></FONT>
-
Fred Shannon
- Posts: 3363
- Joined: 27 Sep 2002 12:01 am
- Location: Rocking "S" Ranch, Comancheria, Texas, R.I.P.
-
richard burton
- Posts: 3854
- Joined: 23 Jan 2001 1:01 am
- Location: Britain
-
Jon Light (deceased)
- Posts: 14336
- Joined: 4 Aug 1998 11:00 pm
- Location: Saugerties, NY
I'm not an expert and I don't play one on TV. So I can never know about cause/effect vs. coincidence but....
I used to run Ad-Aware daily and would consistently sweep & clean a half dozen or more bits of trash. I installed Mozilla Firefox and have been using it exclusively for a number of weeks now and my Ad-Aware sweeps are coming up empty. Literally. Nothing, zip. I also went to one of these computer testing sites where they try to find vulnerabilities in your rig and I scored A++ across the board--it declared my computer all but invisible to a hacker, which I suppose I can credit to Mozilla but I'm over my head here. Anyway, I'm impressed. Unfortunately I can only assume that hackers will get bored and look for and find holes in Mozilla soon enough.
I used to run Ad-Aware daily and would consistently sweep & clean a half dozen or more bits of trash. I installed Mozilla Firefox and have been using it exclusively for a number of weeks now and my Ad-Aware sweeps are coming up empty. Literally. Nothing, zip. I also went to one of these computer testing sites where they try to find vulnerabilities in your rig and I scored A++ across the board--it declared my computer all but invisible to a hacker, which I suppose I can credit to Mozilla but I'm over my head here. Anyway, I'm impressed. Unfortunately I can only assume that hackers will get bored and look for and find holes in Mozilla soon enough.
-
Gary Shepherd
- Posts: 2490
- Joined: 3 May 2004 12:01 am
- Location: Fox, Oklahoma, USA
Ditto on FireFox. I like the tabbed browsing too. One windo for all you web sites instead of a new Internet Explorer for each site plus all the pop-ups that are blocked by FireFox. I have had a downloading issue on one site however. Not sure if it's related to FireFox or not.
------------------
Gary Shepherd
Sierra Session 12
www.16tracks.com
------------------
Gary Shepherd
Sierra Session 12
www.16tracks.com
-
Don Walters
- Posts: 1355
- Joined: 4 Aug 1998 11:00 pm
- Location: Saskatchewan Canada
Get it <a href="http://www.mozilla.org/>here</a>
If you don't love it, I'll buy you a Canadian (and that's real beer!
)
If you don't love it, I'll buy you a Canadian (and that's real beer!
)-
Don Walters
- Posts: 1355
- Joined: 4 Aug 1998 11:00 pm
- Location: Saskatchewan Canada