Spyware cleaning gone awry

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had
managed to accumulate on her D4300 and now I've gone and trashed her network
connectivity. I think I got a bit too aggressive in deleting and renaming
some suspicious files, then I turned OFF system restore to clean everything
out, and now I'm getting a message when I try to repair the network that it
can not get an IP address renewal.

I deleted ALL the entries in the hosts file, thought that might have screwed
everything up so I copied the "hosts" file from my laptop, "127.0.0.1
loacalhost", thinking that would fix me up. Obviously, it didn't because
here I am. The network icon shows the speed of 100bps with "little or no
connectivity".

I wish I could remember each and every file I "fixed" with HiJack-this and
each suspicious ".exe" file I renamed, but I cant. "rddd.exe" was one of
them and I couldn't locate any info on it. Also "lrrrar.exe"

Any help will be appreciated, all her schoolwork and such is on the machine
and I would hate to have to reinstall windows again.

Thanks in advance for any lifelines you can toss my way and regards,
Morey G.
D4300
WinXP SP2 Home Edition

 

[Taxman]

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Mon, 28 Mar 2005 03:29:55 GMT, "Morey G" <moreyag@nospamfrontiernet.net>
wrote:

>Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had
>managed to accumulate on her D4300 and now I've gone and trashed her network
>connectivity. I think I got a bit too aggressive in deleting and renaming
>some suspicious files, then I turned OFF system restore to clean everything
>out, and now I'm getting a message when I try to repair the network that it
>can not get an IP address renewal.
>
>I deleted ALL the entries in the hosts file, thought that might have screwed
>everything up so I copied the "hosts" file from my laptop, "127.0.0.1
>loacalhost", thinking that would fix me up. Obviously, it didn't because
>here I am. The network icon shows the speed of 100bps with "little or no
>connectivity".
>
>I wish I could remember each and every file I "fixed" with HiJack-this and
>each suspicious ".exe" file I renamed, but I cant. "rddd.exe" was one of
>them and I couldn't locate any info on it. Also "lrrrar.exe"
>
>Any help will be appreciated, all her schoolwork and such is on the machine
>and I would hate to have to reinstall windows again.
>
>Thanks in advance for any lifelines you can toss my way and regards,
>Morey G.
>D4300
>WinXP SP2 Home Edition

This is a common problem and there are several free tools that will repair
the WinXP TCP/IP stack and fix left-over LSP's from removed
spyware/adware/malware.

Here's a few:

http://www.sofotex.com/XP-TCP/IP-Repair-download_L28107.html

http://www.xp-smoker.com/freeware.html

I noticed that somebody suggested you re-install TCP/IP. That cannot be
done on WinXP, but the tools above should be able to fix you up.



--
NewsPlex Discussion Group: http://groups.yahoo.com/group/NewsPlex/

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Morey G wrote:
> Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had
> managed to accumulate on her D4300 and now I've gone and trashed her network
> connectivity. I think I got a bit too aggressive in deleting and renaming
> some suspicious files, then I turned OFF system restore to clean everything
> out, and now I'm getting a message when I try to repair the network that it
> can not get an IP address renewal.
>
> I deleted ALL the entries in the hosts file, thought that might have screwed
> everything up so I copied the "hosts" file from my laptop, "127.0.0.1
> loacalhost", thinking that would fix me up. Obviously, it didn't because
> here I am. The network icon shows the speed of 100bps with "little or no
> connectivity".
>

Well the first thing to try is Windows' System Restore, but if that
fails this is how I'd proceed. First I'd open the Control Panel ->
Network Connections and remove/reinstall everything (in particular
TCP/IP). From there go to DOS (Start -> Run -> CMD [OK]) and type
ipconfig /renew.

> I wish I could remember each and every file I "fixed" with HiJack-this and
> each suspicious ".exe" file I renamed, but I cant. "rddd.exe" was one of
> them and I couldn't locate any info on it. Also "lrrrar.exe"
>

Be very careful with HijackThis!, every time I recommend it here I
always tell people to be sure they know what they're doing -- this is why.

> Any help will be appreciated, all her schoolwork and such is on the machine
> and I would hate to have to reinstall windows again.
>

Saving her data is simple as long as you don't do anything irrational.
The simplest method is if she has a CD or DVD burner, simply copy all
her personal data to that. The next method is to connect an external
HDD or even a USB thumbdrive (which ought to be adequate for most word
documents, etc.). Lastly you could recover the data with a Live Linux
CD (transfer over the network to another computer).

> Thanks in advance for any lifelines you can toss my way and regards,
> Morey G.
> D4300
> WinXP SP2 Home Edition
>
>

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Morey G" <moreyag@nospamfrontiernet.net> wrote:

>Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had

>Any help will be appreciated, all her schoolwork and such is on the machine
>and I would hate to have to reinstall windows again.
>
>Thanks in advance for any lifelines you can toss my way and regards,

Since a half-dozen people have already responded with excellent
advice, the "belabor the obvious" task falls to me.

When you first *found* that "TONS of spyware", your first choice
should have been a complete reformat [and repartition if the
previous install was configured with multiple partitions/logical
drives/etc.] and reinstall of her Windows and apps. Granted, it
is too late for this one, but if she has younger siblings, it is
almost certain you'll face this problem again. ;-> The typical
teen-ager's firm believe that "nothing bad will ever happen to
*me*" applies equally to computers as it does to automobiles and
the other hazards they face.
--
OJ III
[Email to Yahoo address may be burned before reading.
Lower and crunch the sig and you'll net me at comcast.]

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Morey G" <moreyag@nospamfrontiernet.net> wrote in message
news:TSK1e.44418$rB3.8254345@twister.nyc.rr.com...
| Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had
| managed to accumulate on her D4300 and now I've gone and trashed her
network
| connectivity. I think I got a bit too aggressive in deleting and renaming
| some suspicious files, then I turned OFF system restore to clean
everything
| out, and now I'm getting a message when I try to repair the network that
it
| can not get an IP address renewal.

| Thanks in advance for any lifelines you can toss my way and regards,
| Morey G.
| D4300
| WinXP SP2 Home Edition

Try this;
http://www.snapfiles.com/get/winsockxpfix.html

"WinSock XP Fix offers a last resort if your Internet connectivity has been
corrupted due to invalid or removed registry entries. It can often cure the
problem of lost connections after the removal of Adware components...."

--
D

I'm not an MVP a VIP nor do I have ESP.
I was just trying to help.
Please use your own best judgment before implementing any suggestions or
advice herein.
No warranty is expressed or implied.
Your mileage may vary.
See store for details.

Remove shoes to E-mail.

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Mon, 28 Mar 2005 03:29:55 GMT, in
<TSK1e.44418$rB3.8254345@twister.nyc.rr.com>, "Morey G"
<moreyag@nospamfrontiernet.net> wrote:

>Hello to all. I was cleaning the TONS of spyware my 18-yr old daughter had
>managed to accumulate on her D4300 and now I've gone and trashed her network
>connectivity. I think I got a bit too aggressive in deleting and renaming
>some suspicious files, then I turned OFF system restore to clean everything
>out, and now I'm getting a message when I try to repair the network that it
>can not get an IP address renewal.
>
>I deleted ALL the entries in the hosts file, thought that might have screwed
>everything up so I copied the "hosts" file from my laptop, "127.0.0.1
>loacalhost", thinking that would fix me up. Obviously, it didn't because
>here I am. The network icon shows the speed of 100bps with "little or no
>connectivity".
>
>I wish I could remember each and every file I "fixed" with HiJack-this and
>each suspicious ".exe" file I renamed, but I cant. "rddd.exe" was one of
>them and I couldn't locate any info on it. Also "lrrrar.exe"
>
>Any help will be appreciated, all her schoolwork and such is on the machine
>and I would hate to have to reinstall windows again.
>
>Thanks in advance for any lifelines you can toss my way and regards,
>Morey G.
>D4300
>WinXP SP2 Home Edition

Looks like others have provided the needed help.

For my part I'll suggest the next time you rename suspect files
you simply add the extension "renamed" to them.

Example: suspect.exe becomes suspect.exe.renamed

Safe, but easy to reverse if necessary.

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Thanks to ALL for the great advice and pointers. I've been up to my eyebrows
at work, so she's had to suffer with no network connectivity (serves her
right!) until I get home tonight and tackle the problem. I will post back to
let you all know how I've done.
A thanks to Jim for the "renamed" idea, that would have made life a LOT
easier and alos to Ogden for bringing a smile to my face (see below)!

.. ;-> The typical
> teen-ager's firm believe that "nothing bad will ever happen to
> *me*" applies equally to computers as it does to automobiles and
> the other hazards they face.
> --

She's a better driver than she is spyware avoider thank the Lord!

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Well everyone, the network connectivity is back thanks to the repair
programs, and with it the random website pop-ups from the spyware. I'll
run Hijack This and instead of going on a "delete/rename binge", I'll take
the time to post the log file to the appropriate site and wait for the
experts to help me.

I really appreciate everyone's suggestions, and Ogden, just to let you
know, for some reason my younger girl has more PC sense than her older
sibling! She runs AdAware and Spybot EVERY Friday without fail and so far,
NO junkware has infested her PC.
Who said with age comes wisdom?

Regards
morey
"Morey G" <moreyag@nospamfrontiernet.net> wrote in message
news:mHh2e.2204$3T.1597@news02.roc.ny...
> Thanks to ALL for the great advice and pointers. I've been up to my
> eyebrows at work, so she's had to suffer with no network connectivity
> (serves her right!) until I get home tonight and tackle the problem. I
> will post back to let you all know how I've done.
> A thanks to Jim for the "renamed" idea, that would have made life a LOT
> easier and alos to Ogden for bringing a smile to my face (see below)!
>
> . ;-> The typical
>> teen-ager's firm believe that "nothing bad will ever happen to
>> *me*" applies equally to computers as it does to automobiles and
>> the other hazards they face.
>> --
>
> She's a better driver than she is spyware avoider thank the Lord!
>

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Spyware Stoppers!
http://www.pcworld.com/reviews/article/0,aid,119572,00.asp

Rated #1 by PC World ($20 1st year, $10 thereafter; free two week trial):
http://www.sunbelt-software.com/CounterSpy.cfm

Try this one too (free for now):
http://www.microsoft.com/athome/security/spyware/software/default.mspx

"Morey G." <mgottesman@nospam.frontiernet.net> wrote in message
news:3cH2e.45926$rB3.8675461@twister.nyc.rr.com...
> Well everyone, the network connectivity is back thanks to the repair
> programs, and with it the random website pop-ups from the spyware. I'll
> run Hijack This and instead of going on a "delete/rename binge", I'll take
> the time to post the log file to the appropriate site and wait for the
> experts to help me.
>
> I really appreciate everyone's suggestions, and Ogden, just to let you
> know, for some reason my younger girl has more PC sense than her older
> sibling! She runs AdAware and Spybot EVERY Friday without fail and so far,
> NO junkware has infested her PC.
> Who said with age comes wisdom?
>
> Regards
> morey
> "Morey G" <moreyag@nospamfrontiernet.net> wrote in message
> news:mHh2e.2204$3T.1597@news02.roc.ny...
>> Thanks to ALL for the great advice and pointers. I've been up to my
>> eyebrows at work, so she's had to suffer with no network connectivity
>> (serves her right!) until I get home tonight and tackle the problem. I
>> will post back to let you all know how I've done.
>> A thanks to Jim for the "renamed" idea, that would have made life a LOT
>> easier and alos to Ogden for bringing a smile to my face (see below)!
>>
>> . ;-> The typical
>>> teen-ager's firm believe that "nothing bad will ever happen to
>>> *me*" applies equally to computers as it does to automobiles and
>>> the other hazards they face.
>>> --
>>
>> She's a better driver than she is spyware avoider thank the Lord!
>>
>
>

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Morey G." <mgottesman@nospam.frontiernet.net> wrote:

>Well everyone, the network connectivity is back thanks to the repair
>programs, and with it the random website pop-ups from the spyware. I'll
>run Hijack This and instead of going on a "delete/rename binge", I'll take
>the time to post the log file to the appropriate site and wait for the
>experts to help me.
>
>I really appreciate everyone's suggestions, and Ogden, just to let you
>know, for some reason my younger girl has more PC sense than her older
>sibling! She runs AdAware and Spybot EVERY Friday without fail and so far,
>NO junkware has infested her PC.
>Who said with age comes wisdom?

Yep. They ain't peas in a pod.

OTOH, all that means is that the younger girl will find another
way to give her daddy gray hair. That's the price men pay for
having daughters. ;->
--
OJ III
[Email to Yahoo address may be burned before reading.
Lower and crunch the sig and you'll net me at comcast.]

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Cathy,
Thanks SO very much! I downloaded Counter Spy, ran it AFTER AdAware,
Spybot, CWS Shredder, and it found unbelieveable amounts of gop. It fixed
'em all and now her PC is running well.
I have to tell you, this girl of mine is an honor student, in the top 15 of
her graduating class, but has NO clue when it comes to these insidious
websites with all their junkware.
She said she was "just playing a few online games".......AAAAARRRRGGGGHHHH

Thanks again,
Morey


"Cathy De Viney" <NOSPAM.ccdeviney@cox.net> wrote in message
news:TCH2e.2641$Qz.1169@okepread05...
> Spyware Stoppers!
> http://www.pcworld.com/reviews/article/0,aid,119572,00.asp
>
> Rated #1 by PC World ($20 1st year, $10 thereafter; free two week trial):
> http://www.sunbelt-software.com/CounterSpy.cfm
>
> Try this one too (free for now):
> http://www.microsoft.com/athome/security/spyware/software/default.mspx
>
> "Morey G." <mgottesman@nospam.frontiernet.net> wrote in message
> news:3cH2e.45926$rB3.8675461@twister.nyc.rr.com...
>> Well everyone, the network connectivity is back thanks to the repair
>> programs, and with it the random website pop-ups from the spyware. I'll
>> run Hijack This and instead of going on a "delete/rename binge", I'll
>> take
>> the time to post the log file to the appropriate site and wait for the
>> experts to help me.
>>
>> I really appreciate everyone's suggestions, and Ogden, just to let you
>> know, for some reason my younger girl has more PC sense than her older
>> sibling! She runs AdAware and Spybot EVERY Friday without fail and so
>> far,
>> NO junkware has infested her PC.
>> Who said with age comes wisdom?
>>
>> Regards
>> morey
>> "Morey G" <moreyag@nospamfrontiernet.net> wrote in message
>> news:mHh2e.2204$3T.1597@news02.roc.ny...
>>> Thanks to ALL for the great advice and pointers. I've been up to my
>>> eyebrows at work, so she's had to suffer with no network connectivity
>>> (serves her right!) until I get home tonight and tackle the problem. I
>>> will post back to let you all know how I've done.
>>> A thanks to Jim for the "renamed" idea, that would have made life a LOT
>>> easier and alos to Ogden for bringing a smile to my face (see below)!
>>>
>>> . ;-> The typical
>>>> teen-ager's firm believe that "nothing bad will ever happen to
>>>> *me*" applies equally to computers as it does to automobiles and
>>>> the other hazards they face.
>>>> --
>>>
>>> She's a better driver than she is spyware avoider thank the Lord!
>>>
>>
>>
>
>
>

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

I have two college daughters too! They never scan anything and don't do
updates! Grrrrr!

Here are two more to help with spyware...

http://www.javacoolsoftware.com/spywareblaster.html
and
http://www.javacoolsoftware.com/spywareguard.html



"Morey G." <mgottesman@nospam.frontiernet.net> wrote in message
news:cII2e.45931$rB3.8687536@twister.nyc.rr.com...
> Cathy,
> Thanks SO very much! I downloaded Counter Spy, ran it AFTER AdAware,
> Spybot, CWS Shredder, and it found unbelieveable amounts of gop. It fixed
> 'em all and now her PC is running well.
> I have to tell you, this girl of mine is an honor student, in the top 15
> of her graduating class, but has NO clue when it comes to these insidious
> websites with all their junkware.
> She said she was "just playing a few online games".......AAAAARRRRGGGGHHHH
>
> Thanks again,
> Morey
>
>
> "Cathy De Viney" <NOSPAM.ccdeviney@cox.net> wrote in message
> news:TCH2e.2641$Qz.1169@okepread05...
>> Spyware Stoppers!
>> http://www.pcworld.com/reviews/article/0,aid,119572,00.asp
>>
>> Rated #1 by PC World ($20 1st year, $10 thereafter; free two week trial):
>> http://www.sunbelt-software.com/CounterSpy.cfm
>>
>> Try this one too (free for now):
>> http://www.microsoft.com/athome/security/spyware/software/default.mspx
>>
>> "Morey G." <mgottesman@nospam.frontiernet.net> wrote in message
>> news:3cH2e.45926$rB3.8675461@twister.nyc.rr.com...
>>> Well everyone, the network connectivity is back thanks to the repair
>>> programs, and with it the random website pop-ups from the spyware. I'll
>>> run Hijack This and instead of going on a "delete/rename binge", I'll
>>> take
>>> the time to post the log file to the appropriate site and wait for the
>>> experts to help me.
>>>
>>> I really appreciate everyone's suggestions, and Ogden, just to let you
>>> know, for some reason my younger girl has more PC sense than her older
>>> sibling! She runs AdAware and Spybot EVERY Friday without fail and so
>>> far,
>>> NO junkware has infested her PC.
>>> Who said with age comes wisdom?
>>>
>>> Regards
>>> morey
>>> "Morey G" <moreyag@nospamfrontiernet.net> wrote in message
>>> news:mHh2e.2204$3T.1597@news02.roc.ny...
>>>> Thanks to ALL for the great advice and pointers. I've been up to my
>>>> eyebrows at work, so she's had to suffer with no network connectivity
>>>> (serves her right!) until I get home tonight and tackle the problem. I
>>>> will post back to let you all know how I've done.
>>>> A thanks to Jim for the "renamed" idea, that would have made life a LOT
>>>> easier and alos to Ogden for bringing a smile to my face (see below)!
>>>>
>>>> . ;-> The typical
>>>>> teen-ager's firm believe that "nothing bad will ever happen to
>>>>> *me*" applies equally to computers as it does to automobiles and
>>>>> the other hazards they face.
>>>>> --
>>>>
>>>> She's a better driver than she is spyware avoider thank the Lord!
>>>>
>>>
>>>
>>
>>
>>
>
>

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

> Spyware Stoppers!
<snip>

Remember to check they any product you try is not bogus though

http://spywarewarrior.com/rogue_anti-spyware.htm

--
Please add "[newsgroup]" in the subject of any personal replies via email
--- My new email address has "ngspamtrap" & @btinternet.com in it ;-) ---

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Morey G. wrote:
> Cathy,
> Thanks SO very much! I downloaded Counter Spy, ran it AFTER AdAware,
> Spybot, CWS Shredder, and it found unbelieveable amounts of gop. It fixed
> 'em all and now her PC is running well.
> I have to tell you, this girl of mine is an honor student, in the top 15 of
> her graduating class, but has NO clue when it comes to these insidious
> websites with all their junkware.
> She said she was "just playing a few online games".......AAAAARRRRGGGGHHHH
>
> Thanks again,
> Morey
>
>
Does she run Mozilla/Firefox? That alone makes quite a difference.
Actually you may want to create a regular user account
(non-administrator) so that nothing too critical can be written by any
programs she's running.

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Thu, 31 Mar 2005 00:08:31 GMT, "Morey G."
<mgottesman@nospam.frontiernet.net> wrote:

>Who said with age comes wisdom?
>
"With age comes wisdom...but sometimes, age likes to travel alone."
--
<<<SgtRich>>>
Desktop: Dimension 8400
Notebook: Dimension 8600
Both running Microsoft Windows XP Home Edition

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

Cathy De Viney wrote:

> I have two college daughters too! They never scan anything and don't do
> updates! Grrrrr!
>
> Here are two more to help with spyware...
>
> http://www.javacoolsoftware.com/spywareblaster.html
> and
> http://www.javacoolsoftware.com/spywareguard.html
>
>
Have you considered enabling remote assistance? You can log on and do
the updates yourself. Be sure to set a stong (use at least 3 of the
following: one capital, lowercase, number, or punctuation mark in an 8+
character password) or else the computer can be easily owned. If they
live on campus, the school's firewall may pose some issues; but there's
ways around it (SSH tunneling). It may be worth looking into if you're
concerned.

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

I just want to take a moment to thank everyone for their help, suggestions,
good humour, and most of all their generosity of time. It never ceases to
amaze me that every time I (or anyone else) place a post here there's always
a rush of people to help.
I know I'm not supposed to get all soft but I truly appreciate the
assistance.

And to Ogden.....boy are you on the money! The only thing i have in my favor
is there's NO hair left to turn gray! It's already long gone....

see you all in the posts,
morey


"SgtRich" <UseNewsgroup@NotEmail.invalid> wrote in message
news:gsen41t7hm0bdp569mpu90q91lo2iqpiuu@4ax.com...
> On Thu, 31 Mar 2005 00:08:31 GMT, "Morey G."
> <mgottesman@nospam.frontiernet.net> wrote:
>
>>Who said with age comes wisdom?
>>
> "With age comes wisdom...but sometimes, age likes to travel alone."
> --
> <<<SgtRich>>>
> Desktop: Dimension 8400
> Notebook: Dimension 8600
> Both running Microsoft Windows XP Home Edition

 

[Guest]

Archived from groups: alt.sys.pc-clone.dell (More info?)

I have 3 daughters, so I know where you are coming from. So do they.
They gave me a Fathers Day Card a few years ago that read:

"We know we do somethings that turn your hair grey, but we did not
mean to make it fall out ... Really! "

Mike
On Thu, 31 Mar 2005 11:16:38 GMT, "Morey G"
<moreyag@nospamfrontiernet.net> wrote:

>I just want to take a moment to thank everyone for their help, suggestions,
>good humour, and most of all their generosity of time. It never ceases to
>amaze me that every time I (or anyone else) place a post here there's always
>a rush of people to help.
>I know I'm not supposed to get all soft but I truly appreciate the
>assistance.
>
>And to Ogden.....boy are you on the money! The only thing i have in my favor
>is there's NO hair left to turn gray! It's already long gone....
>
>see you all in the posts,
>morey
>
>
>"SgtRich" <UseNewsgroup@NotEmail.invalid> wrote in message
>news:gsen41t7hm0bdp569mpu90q91lo2iqpiuu@4ax.com...
>> On Thu, 31 Mar 2005 00:08:31 GMT, "Morey G."
>> <mgottesman@nospam.frontiernet.net> wrote:
>>
>>>Who said with age comes wisdom?
>>>
>> "With age comes wisdom...but sometimes, age likes to travel alone."
>> --
>> <<<SgtRich>>>
>> Desktop: Dimension 8400
>> Notebook: Dimension 8600
>> Both running Microsoft Windows XP Home Edition
>