Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.

Underground > Conversation >

Help (see it as a challenge)

All Acting Regiment

08:35 / 09.05.05

Right- I'm sending this from one of teh local college computers as my one at home (win 98)is mullered.

Since the 1st May it's had some kind of virus or spyware or who knows what on it. Basically, everytime at startup, IE starts itself and displays a search page with the search field filled in with something like "condoms" or "spyware". Below this, many links to simmilar.

This is before i'm connected to the net, so this page must be stored on my computer somewhere. The name for the page is just "about:blank".

I can't get any details about it, either by looking up its prperties in IE or by searching for it using "Find" from the start menu...also, everytime I reset my homepage from "about:blank" to "www.barbelith.com" this thing sets it back.

And, there seem to be at least a hundred small .exe files been created in my Windows and System folders, each created on the 1st may or after, although these may be gone now I've deleted them. Some of them have come back in the past though.

And there's no dial tone when I try and connect to the net. I got on once on the day after this all started, but it was way slow and all the words on the 'lith turned into links. Since then, I can't get on.

The saddest thing is, just before all this shite happened I was about to get rid of IE and get on firefox or somesuch. Perhaps it's some kind of evil last swing of IE's poisoned tail.

Does anybody know how I can get rid of this? As a start, how can I tell windows what programs to run/not run at startup?

10:33 / 09.05.05

Hokay, here we go again. Firstly you have been infected - at the very least - by a CWS (Cool Web Search) variant. That's what's causing your page to always default to about:blank. Depending on the version you've contracted, it can be a stubborn little bastard to kill, but that's a purely academic point if you're going to be changing to firefox anyway...

...however, before you do, we need to clean out your PC. The first stage is for you to get a copy of Hijack This!. Download it from that site, unzip it, and run the main program. Do not try to fix anything yourself, as using Hijack This improperly can wipe out valuable parts of your system. Instead, please select the 'Scan and Save Log' button, then copy/paste the notepad file with the log either to this thread, or, if you'd rather conserve space, to a PM addressed to me.

From there I can tell you everything infecting you, and how to fix each individual problem. Once you're clean, you can install firefox.

Oh, and incidentally, it's up to you, but I'd sincerely advise ditching Windows 98 in favour of 2000. 98 is no longer spported, and, as I have stated in this thread, it is riddled with security holes. If you don't have a copy of Windows 2000, give me your postal address and I'll arrange for one to reach you.

10:36 / 09.05.05

just reformat and install Linux, it'll save you an awful lot of time

10:39 / 09.05.05

It sounds like your machine has become, as toksik so eloquently put it in his thread title, a "Trojan Mary". You've probably got anywhere between two and a baker's dozen diallers fighting over who gets to hijack your telephone connection, plus a whole horde of other mal-, spy- and adware crap buggering up everything else. I'd disconnect the telephone line from the computer, as some diallers make calls without your knowledge (and turn the modem speaker off so you can't hear the call being made) and your phone bill skyrockets.

Tezcatlipoca posted a good list of software (in addition to Spybot) that should help you repair stuff in toksik's thread, to be found here. Although in all honesty if things are as bad as you describe, I'd advocate formatting your drive and reinstalling your operating system. Then install Firefox, Thunderbird and the software that Tez recommended and use it on a regular basis.

11:02 / 09.05.05

Although in all honesty if things are as bad as you describe, I'd advocate formatting your drive and reinstalling your operating system

To be honest, I'm inclined to agree. It's more than possible for systems to get so riddled with infection that it's kinder, and certainly quicker, to just nuke them from orbit with the trusty 'format C:' option.

If, for whatever reason, you'd rather not reformat the entire drive, then follow the directions in my first post and I'll tell you what's wrong and how to fix it. But don't discount the ease of just backing up your important documents/files and just blitzing everything.

11:24 / 09.05.05

Should really start a Wiki page for this.

Edit: I did, here. If anyone can fill in the gaps please do, I'm lazy.

All Acting Regiment

12:13 / 09.05.05

Thanks for all this, guys...at the moment I feel as if Barbelith does more for me than I do for Barbelith.

So if you ever want my, like, Pasta 'n' Pepperami bake recipes, just ask. It's the least I can do.

16:02 / 09.05.05

Edit: I did, here. If anyone can fill in the gaps please do, I'm lazy

I've just finished updating that page, so should be fairly comprehensive now. The only thing missing is information regarding internet threats on the Mac, which isn't an area I know a whole lot about. If somebody wants to write a similar page for Mac, that would be great.

18:07 / 09.05.05

...a blank page, I can do that...

I'll put in a bit saying "no known Mac viruses or spyware at this moment in time so don't worry" at the top. This is also something that people ask.

There are OS X virus checkers but they cause far more trouble than they prevent. (Well, they don't prevent any trouble, apart from macro viruses when you're using Virtual PC, maybe.)

13:34 / 10.05.05

Can I chip in with my PC problem? I'm running an ancient PC and Windows 98. For some reason my mouse has stopped working when I use the PS/2 port, but it works fine through the serial port. I've checked the hardware wizard but it reports that the mouse is working fine. However I'm sure it's not the mouse itself as it works fine until windows boots. Any ideas?