Windows spyware problem: automatically closing certain windows

[mikeymike]

Perhaps a "listen to me or I don't fix your computer problems anymore" ultimatum is in order?

Admittedly I've never had any problems getting my family to do as they're told wrt using computers.  I think they understand that they do things like I suggest, or they have loads of problems.

Also, I'd remove at least MSNM (and any other messaging apps, as they're evil and full of security holes), as well as OE.  Install Firefox and Thunderbird (recent builds).

[KennyR]

Well Mike, I'm not the system admin. If I locked off their ability to install stuff completely then I'd have to install things whenever they wanted something installed - which is often. I don't have the time or the inclination to do that. And I don't want the computer's functionality crippled like that. They paid a lot of money for it, they need to use it. I clean the mess sometimes.

It's a learning curve. My sister uses the computer most and installs most crap on it. I teach her what not to install and what to do if something breaks. Hopefully in time she'll learn. Hopefully.

I'd just like to know who at Microsoft had the bright idea of merging Explorer and Internet Explorer. As far as ideas go, that ranks closely to peeing on an electric fence, invading Russia, or clicking any button that says "Click here for TOTALLY FREE porn!"

[JKD]

I recently had similar problem with my XP machine..considering blocking all access it has to outside world at my router to avoid these issues and caching the content on I want on my LAN...k'in nightmare it is.

Even my sister got smart and ditched the spyware MSN type stuff...

Next time your family buy a computer....make sure they get a Mac, problems gone in an instant :-) I'm certainly recommending this to the less computer literate members of the family (and the stupid ones who install crap on a daily basis)..

Steve

[Glaucus]

Well...  Some tips for ya Kenny...

Install PestPatrol, and let it run in real time. It will zap spyware in real time (it has a neat feature where it beeps everytime it zaps one, and while you surf the web you hear it beeping constantly, with some pages going berzerk. Kinda creepy, so I turn off the beeping feature).

Since you'll most certainly be back there next week cleaning up their system, you may want to install HijackThis, TCPView, Process Explorer and AutoRuns from SysInternals, NetInfo, PacketMon, and perhaps a personal firewall which grants internet access only to apps the user approves like ZoneAlarm (MikeyMike may suggest others). These tools should help diagnose and track down any "rogue" software.

Just last week I too was cleaning up a buddy's XP box. His was infected with a spybot and a nasty virus. I managed to clean both up nicely. Interestingly, the spybot was trickier to track down and used several spybot removers, and did a lot of the work myself. I first noticed it when I had his machine "idling" and noticed the LEDs on my router going crazy. I did a netstat and it scrolled off the page! So I installed most of the software I listed above, and when I ran TCPView I noticed that one particular instance of svchost.exe had over 50 live connections with IP addresses throughout the world! Using Process Explorer I was able to kill the right svchost.exe (it's normal to have several instances of svchost.exe running as it is a generic "host" process for most standard services). Anyway, I eventually tracked it down to something called "hotbar", which had some aliases (check for hbinst.exe on your HD & registry). HotBar is basically a browser extension much like the yahoo/google bars are, except it supposedly links to "Free XXX" and "Horny Teen Sluts", etc... Not sure how he got that?!?  ;-) But anyway, this nasty little bugger installed itself multiple times all over the place, also calling itself SuperBrowser or something like that. I also found it in the "Install and Remove Software" control panel, and when I clicked on "Remove", it in fact re-installed it self!!! So I manually "removed" that app from the registry with RegEdit. Good times!

  - Mike

[mikeymike]

Well Mike, I'm not the system admin. If I locked off their ability to install stuff completely

Where did I suggest you should do that?

And I don't want the computer's functionality crippled like that.

Crippled like what?

I'd just like to know who at Microsoft had the bright idea of merging Explorer and Internet Explorer.

Turn to page 1005 of "How To Force Out All Competitors in the IT Industry".  It's under "screwing both customers and competitors for fun and profit".

[cecilia]

a word to the wise: Never use IE.
Like, NEVER.

in my ZoneAlarm settings I have IE totally blocked - BIG [color=CC0000]RED[/color] Crosses - preventing IE from going out to the interent or being a "server'.

IT'S JUST NOT ALLOWED TO DO ANYTHING.

so, even if another program accidentally starts it, it does nothing but sit there until i turn it off.

and i do!
quickly
 :lol:  :flame: