GetDotted Domains

At GetDotted, a 1 year .co.uk, .uk, .me.uk or .org.uk registration is now just £1.95 ex VAT.

Search Domains Now

Viewing Thread:
"Virus/Mallware problem - HELP please!"

The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.

Tue 04/10/05 at 20:16
Regular
"Long time no see!"
Posts: 8,351
Right, since I don't know an awful lot about this sort of thing and I have no idea as to where exactly this thing has spawned from it may be quite difficult to explain. But I'll give it a go:

It seems to be one of these things that tries to change your homepage and connection settings to a dial-up of its own; presumabley something that would greatly benefit the koont behind it ripping hundreds out of my own back pocket (...okay, my mum's, actually!).

After a certain amount of time connected - I don't know if it's set on a timer or whether it's to do with which pages you visit - a box of (Spanish?) text pops-up with a 'Yes/No' option at the bottom, after my computer tells an attempt to change my home page has been blocked.
Despite NEVER clicking on "Ci" my connection is disconnected (there's something in the text about 30 minutes?) and when you attempt to re-connect through Internet Explorer it comes up with a different homepage, get the idea?

The box with Spanish text is titled "Internet Private Zone".

Sometimes, after this, a warning comes up through my anti virus software (Avast) to say Mallware has been detected.


Not only that, but this sod leaves a number of shortcuts for "explorer", "exsplorer" and "WinMovePlugIn" spread across the desktop, start menu, my documents - and possibly others I've yet found.

I reckon these things are likely to have no effect unless of course you actually open them up.
So, first things first, I set about deleting each and every one of these things, including the alternate connection available in the Internet Options/Connections window.
I also empty my Temporary Internet Files folder ASAP.

...And it'll still come back. Not immediatly, not on the same day. Perhaps not even in the same WEEK - but it will return, for whatever reasons and however this thing works.

-----

Now, hopefully, there's enough information above for perhaps one of you to be able to assist me - I'd like to think that, to someone out there, resolving this would be like "Child's Play", as they say. If you do need any more information, and can point me in the direction as to where to get it, then please, do ask, I'll be happy to help.

I'd presume very little of my private information is at threat here, but just in case, I'm keeping all secure access (well, banking etc.) out of the way 'til this things' hopefully sorted.


Thanks very much, I'd really appreciate your help on this matter.

I have already tried searching Google but I can't find anything, so I'm probably not searching correctly. That process worked with something before, "Spy Sherrif", which actually had some similarities to this.
Wed 05/10/05 at 09:56
Moderator
"Are you sure?"
Posts: 5,000
WkieeMn wrote:
> There's also AdAware, which used to be free for personal use, but it
> seems isn't any more:
> [URL]http://www.lavasoft.de/default.shtml.en[/URL]

Ad-Aware SE is still free - the site pushes you in the direction of the non-free products. Use the links bottom right on the home page to download the free version...
Tue 04/10/05 at 23:17
Regular
"NULL"
Posts: 1,384
Never ever click any buttons on any popup messages - not even the "Non" option! Either right click on the taskbar icon and click Close, or use Ctrl+Alt+Del to close it.
Tue 04/10/05 at 23:07
Regular
"bing bang bong"
Posts: 3,040
This is a pretty good page to read up about your problems: http://www.io.com/~cwagner/spyware/
Tue 04/10/05 at 22:32
Regular
"High polygon count"
Posts: 15,624
Niddle wrote:
> Used to be one of the best pieces of free software around

Yup. I still use the free version.
Tue 04/10/05 at 22:30
"slightlyshortertagl"
Posts: 10,759
WkieeMn wrote:
> There's also AdAware, which used to be free for personal use, but it
> seems isn't any more:
> [URL]http://www.lavasoft.de/default.shtml.en[/URL]

whatthefook!!?!?!! :(:(:(

Used to be one of the best pieces of free software around
Tue 04/10/05 at 21:47
Regular
"High polygon count"
Posts: 15,624
Spybot: [URL]http://www.safer-networking.org/en/download/[/URL]

Spyware Blaster: [URL]http://www.javacoolsoftware.com/spywareblaster.html[/URL]

Bazooka: [URL]http://www.kephyr.com[/URL]

Microsoft Anti-Spyware: [URL]http://www.microsoft.com/athome/security/spyware/software/default.mspx[/URL] (Windows XP or 2000 only)

There's also AdAware, which used to be free for personal use, but it seems isn't any more: [URL]http://www.lavasoft.de/default.shtml.en[/URL]
Tue 04/10/05 at 21:41
Moderator
"Are you sure?"
Posts: 5,000
Sounds like you may have Chivio-B a dialer virus. Have a read of this from Sophos [URL]http://www.sophos.com/virusinfo/analyses/dialchiviob.html[/URL]


If you need more then google "chivio-B"

Hope that helps...
Tue 04/10/05 at 21:38
Regular
"tinycurve.gif"
Posts: 5,857
Oswaldo! wrote:
> No, where can I get that from?

[URL]http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=pop[/URL]
Tue 04/10/05 at 21:13
Regular
"the burning sky"
Posts: 4,984
Try all the spyware removal programs including the Microsoft one, and if none pick it up, a format is probably the best option.
Tue 04/10/05 at 21:05
Regular
"Long time no see!"
Posts: 8,351
No, where can I get that from?

Freeola & GetDotted are rated 5 Stars

Check out some of our customer reviews below:

Excellent
Excellent communication, polite and courteous staff - I was dealt with professionally. 10/10
LOVE it....
You have made it so easy to build & host a website!!!
Gemma

View More Reviews

Need some help? Give us a call on 01376 55 60 60

Go to Support Centre
Feedback Close Feedback

It appears you are using an old browser, as such, some parts of the Freeola and Getdotted site will not work as intended. Using the latest version of your browser, or another browser such as Google Chrome, Mozilla Firefox, or Opera will provide a better, safer browsing experience for you.