I can't believe the junk on my brothers notebook computer. I could of formatted but I wanted to see the extent of difficulty it is to clean such a mess.

From vx2 so MySearchAssistant, Bloodhound etc...he had it. Damaging his Norton Security System in the process.

Used ccleaner, jv16, adaware,Search and Destroy, AVG. Finally cleaned up the mess. Would of been easier to format and much less time consuming but I just wanted to give it a try.

After this incredible frustration, I really believe there should be some sort of accountability for any application that allows these programs to run. I can't imagine how much it must cost corporations, let alone 'Joe' public to fix there system!!!.

Enough!. Electric chair would be too good for them! ;)

So, back to my rant point. Has anyone, company etc been prosecuted?

Guess not?

:rotfl: :rotfl: :rotfl:

I can't believe the junk on my brothers notebook computer. I could of formatted but I wanted to see the extent of difficulty it is to clean such a mess.

From vx2 so MySearchAssistant, Bloodhound etc...he had it. Damaging his Norton Security System in the process.

Used ccleaner, jv16, adaware,Search and Destroy, AVG. Finally cleaned up the mess. Would of been easier to format and much less time consuming but I just wanted to give it a try.

After this incredible frustration, I really believe there should be some sort of accountability for any application that allows these programs to run. I can't imagine how much it must cost corporations, let alone 'Joe' public to fix there system!!!.

Enough!. Electric chair would be too good for them! ;)

So, back to my rant point. Has anyone, company etc been prosecuted?


how long did it take?

call me lazy, but when one's that F'ed up, I format ...

I purposely infected one of my spare pc's once just to do the exact samething you did, and as you said it can be done but it takes most people less time to format and reinstall than it takes to rip out alllllllllllll the crapola exe/dlls and registry entries. I was making a vb program that did it all for the most common problem spy/adware but lost interest.

Guess not?


:rotfl:

Sorry Think, just saw your post, haven't heard of any lawsuits but we can always be the 1st.

Or we can put a finger in the computer and sue Dell :nod:

And think, I bet there is still some "leftovers" floating around.

And think, I bet there is still some "leftovers" floating around.

Not if you do it right.

Not if you do it right.


If the guys computer is that infected its been exposed for a long time, its gotta have some bitss still, i dont trust that scanners can block or catch everything.


Even after doing all that i'd probably format, or at least use spybot to check registry values and use NTRegOpt to optimize the registry.

So I had a little spare time or I'm just a freaking masochist. If my neighbor was one of these trojan curators, I'd break his nose and tell that I was trying to format his brain. :irate:

:)

I think ur overthinking think

I think ur overthinking think

:)

Just downloaded that proggie Chewbacca (NTRegOpt)

Thx :thumb:

No i wasnt saying the scanner programs can do it, they dont. They always leave some stuff behind, if you do it manually though you can get everything out, it just takes forever :)

I wonder if there is a systematic way of doing this properly. Some of you tech gentlemen must have an approach that works, other then formatting or using programs to do the work for you.

Whatever...had fun doing it but what a pain in my appendix!!!! :2cool:

No i wasnt saying the scanner programs can do it, they dont. They always leave some stuff behind, if you do it manually though you can get everything out, it just takes forever :)


can u manually go through system32 folder and know all the bad files? :D

I wonder if there is a systematic way of doing this properly. Some of you tech gentlemen must have an approach that works, other then formatting or using programs to do the work for you.

Whatever...had fun doing it but what a pain in my appendix!!!! :2cool:


at that level i format and just make it as safe as i can

can u manually go through system32 folder and know all the bad files? :D

Very VERY slowly yeap :D

Very VERY slowly yeap :D

BTTtray.exe?

well, it was kinda like a program...

I wrote a batch file to revive dieing machines on the network, was working on a way to set it up so that the deleted reg keys associated with about four of the main viruses back then and a whole huge list of other files

I've gotten pretty good at fixing these lately...my 600 employee work place gives me lots of practice. I actually look foward to the really hard ones that take some extra research and new programs.

ccleaner
avg
adaware
spybot
regscrub

Oops almost left off hijackthis

these pretty much take care of 99% of the ones i get my hands on.

most of the time you accidentally agree to install it :( who actually reads the legal agreements?

most of the time you accidentally agree to install it :( who actually reads the legal agreements?



cnet and the people making the antispyware

Sorry Think, just saw your post, haven't heard of any lawsuits but we can always be the 1st.
The problem is, who are you going to sue?

Follow the money trail? It probably leads to some net cafe in Bangkok or Moscow.

Not that I agree with spyware, but the vast majority of it is installed with the user's consent. Maybe if some people did a little reading instead of clicking through EULA's...

The problem is, who are you going to sue?

Follow the money trail? It probably leads to some net cafe in Bangkok or Moscow.

Not that I agree with spyware, but the vast majority of it is installed with the user's consent. Maybe if some people did a little reading instead of clicking through EULA's...
Thats the problem. They are taking advantage of this especially with the children who don't understand. They install AIM to talk to their friends and they don't understand that it also installs Weatherbug and a couple of other things unless you uncheck them.. I mean you go to install Adobe Reader now and it installs Adobe Download manager, and adobe photo album , and if you install friggin Macromedia Shockwave it wants to install Yahoo toolbar! Everyone is bundling software upon software.
I cleaned a computer today that had 3 childrens accounts (XP Multi user) and 2 adults. I logged in with the Admin account cleaned out all the spyware and relogged back in under another user and the entire system was reinfected all over again.
As good as CCleaner is guys...you need to use the custom folders options and choose each and every sub-account in Documents and settings that has a /Local settings directory and include each temp directory individually or else it just cleans out the current account of temp files. Which would be fine if its a single user system.
I just don't see anyone doing any suing over this as there is a lot of money being made from the software to keep it at bay and the security measures/hardware being sold to control it. I think spyware has surpassed its brother, the Virus, in monetary damage and profiteering at this point. These companies ARE traceable and they are well known. They are in bed with a lot of powerful corporations for Data Mining and you won't see crap done to them for a while.


Pie

So, back to my rant point. Has anyone, company etc been prosecuted?

Tis pretty hard to do, especially considering the end users brought it onto the machines themselves, by clicking "Yes I agree" without reading all of the stuff. :rolleyes:

I wonder if there is a systematic way of doing this properly. Some of you tech gentlemen must have an approach that works, other then formatting or using programs to do the work for you.



Kind of depends, I try to stay away from home/end users machines, it's simply 88 thousand times not worth my time. There's a judgement call you make, when initial scans reveal over a certain amount of infected files, usually over 500 or 750 or so, you know the machine is going to take a while. Now it's a matter of you saying to yourself "Do I want to spend several days on this, or just format and start with a clean slate?" Because in all honesty, I can't charge someone for several days of my time, they could have bought a half dozen nice PCs by that point. And if I spend several days working on a rig, and only charge them a couple of hundred bucks, I'm now reducing myself to volunteer work....and I could have been making real money doing other projects..so I'm losing money.

Going through the machines manually, by hand, it's a matter of you learn this as you go along. Using Windows Explorer and eyeballing the root of C, C:\Windows, and C:\Windows\system and system32....you learn to look for oddball files. Google is your friend here. There are a lot of files in there to look through. Also the run keys in the registry. Look at relationships between the two.

Some tools have come out recently that have helped a lot, such as the advanced tools section of Microsoft Antispyware, and some utilities and make rebuilding winsock and TCP on WinXP as simple as a double click.

So it's a judgement call you have to make based on what you see. Are you prepared to invest an unknown tremendous amount of time on this machine trying to nurse it back to health? Or do you want to invest a known amount of time, like 2-3 hours, in saving important data, wiping clean, and building fresh.

Kind of depends, I try to stay away from home/end users machines, it's simply 88 thousand times not worth my time. There's a judgement call you make, when initial scans reveal over a certain amount of infected files, usually over 500 or 750 or so, you know the machine is going to take a while. Now it's a matter of you saying to yourself "Do I want to spend several days on this, or just format and start with a clean slate?" Because in all honesty, I can't charge someone for several days of my time, they could have bought a half dozen nice PCs by that point. And if I spend several days working on a rig, and only charge them a couple of hundred bucks, I'm now reducing myself to volunteer work....and I could have been making real money doing other projects..so I'm losing money.

Going through the machines manually, by hand, it's a matter of you learn this as you go along. Using Windows Explorer and eyeballing the root of C, C:\Windows, and C:\Windows\system and system32....you learn to look for oddball files. Google is your friend here. There are a lot of files in there to look through. Also the run keys in the registry. Look at relationships between the two.

Some tools have come out recently that have helped a lot, such as the advanced tools section of Microsoft Antispyware, and some utilities and make rebuilding winsock and TCP on WinXP as simple as a double click.

So it's a judgement call you have to make based on what you see. Are you prepared to invest an unknown tremendous amount of time on this machine trying to nurse it back to health? Or do you want to invest a known amount of time, like 2-3 hours, in saving important data, wiping clean, and building fresh.

XP really helps out in the case of system32 files and other files on the drive. If you hover over them the file description give it away a lot of times. It will say either Microsoft or it could say like TODO blah blah (In which case it gets nuked) or ABETTERINTERNET (Vx/2 transponder..GONE).
Hewlett packard lately is getting on my nerves with all those wierd .exe files they load that look very similiar to spyware files.

Hewlett packard lately is getting on my nerves with all those wierd .exe files they load that look very similiar to spyware files.

Yeah they pick some oddball names for those files and processes, eh?

Yeah they pick some oddball names for those files and processes, eh?

Yes for sure.

Another thing I don't get is how microsoft went after people for distributing MSCDEX.exe a while back because of copyright laws and they couldn't distribute floppies with MSCDEX.exe on CD drive installion disk and here you have these companies routinely modifying notepad.exe and nothing has been done about that. I was under the impression that making virii was illegal. A file that is named qqruil.exe and returns as yrjij.exe when you end task on it should be considered malicious and viral.
If you add/remove the majority of these things they all come the same company and use the same .dll file for uninstallation. I love the dumb questionnaires they give you to answer on why you want to uninstall.

I love the dumb questionnaires they give you to answer on why you want to uninstall.

:rotfl: Yeah isn't that annoying? I can't stand those. I've seen a couple that make you enter a code similar to when you do a DNS lookup on registrar sites. :rolleyes:

.. and use NTRegOpt to optimize the registry.

I had never heard of this app before and I just downloaded and tried it out. It works great. I see a definite improvement in my machine.

Thanks Chewie!

Has anyone sued? If there was a EULA involved, no.

Has anyone been sued for labeling an application "spyware"? plenty of times.. :nod: