Sunday, September 05, 2004

Adware/Spyware attack

Oh man, what an ordeal. I've been battling with a sudden, overwhelming, system-crippling adware attack with random pop-ups essentially keeping me from blogging all day. AOL Tech Support was great, but their Spyware-stopping software only did half the job. Now I've downloaded Ad-Aware SE and I think everything's OK. If anybody has some additional advice, I'd surely appreciate it.

5 comments:

Anonymous said...

I run both Ad-Aware and Spybot routinely (once a week) and have never had any problems.

Eric said...

Thanks! I did a full scan with Ad Aware before logging on tonight and, except for one brief pop-up, things have been cool. Pages are loading MUCH faster.

Dusty said...

Eric,
Do you use a proxy server? I have used proxomitron for over two years and I cannot remember the last time I had a pop-up. SDB uses it.
http://www.proxomitron.info/index.shtml

I second the motion on Spybot S&D and using it in combination with Adaware. I update and run once a week.
http://www.safer-networking.org/index.php?lang=en&page=download

Another item to use is HijackThis to check that processes, etc don't change. And a great site for help is Spywareinfo forums. They have been a great help to me and has a HijackThis forum and will review your HT log for problems. ( I can't find the HT site for DL but Spyware has it.)
http://forums.spywareinfo.com/

Another good forum is at Wilders Security.
http://www.wilders.org/index.htm

At Gibson Research can check your security with Shields Up! and DL Leak test.
http://grc.com/default.htm

Good luck and if you have a specific problem, give a rattle and I'll see if I can help.

Anonymous said...

Just switch to mac, and everything will be okay. No adware, spyware, viruses, or anything (to my knowledge) exists for mac. Neither I nor any other mac users have ever had the kind of problems the poor windows users of the internet have.

Anonymous said...

It sounds like you got hit with Ncase, and interstitial ad app by 128Solutions. The bitch of it is that it doesn't even require your browser to be open in order for those annoying popups to intrude. I believe Ncase exploits Windows Messenger (not to be confused with the numerous IM variations) to open and display the popup ads. I had to disable Windows Messenger and clean Ncase from my work machine(using AdAware) before I could get any work done. Every 5 minutes a new ad would pop up and sit in front of the app I was using, making it impossible to work. At one point my employer threatened to take 128Solutions to court for the cost of lost productivity and the time needed to clean it from the corporate systems.

Of course it doesn't help that Ncase exploits holes in IE. At least Mozilla seems to be immune (so far).

-DCE