Fucking Goddamn Spyware

jack

The Legendary Troll Kingdom
I was doing a picture post this morning, and the pic site tricked me into downloading its beacon to go to its website and download its malware. It's only about halfway on, managing to insinuate itself into my right-hand toolbar. Every couple of minutes it flashes a message and an alert saying my computer is infected with some malware bug, and then redirects me to its site, where that site becomes my home page. I don't know if it's beaconing or not, because AVGfree and AdAware say it's all good. But this icon is on my toolbar by the clock, and I can't delete the exe files in the folder, even by going into DOS and cancelling every attribute known to man. It doesn't seem to be doing anything except wanting me to download their software, but the way it's installed itself into my system (the first time I scanned it with AdAware there were 4 new registry values and a new folder, and that would be the three exe files and the .dll alert file) really bothers me.

Any ideas on how to get the folder deleted?
 

FBI parte due

Folces Weard
Try booting up in Safe Mode. If that fails, download Spybot and try scanning and removing with that.
 

headvoid

Can I have Ops?
Bitch. I use Hitman Pro for shit like this, but I've never had anything like you describe and I visit Gay Nazi Monkey porn sites so I should know.
 

eloisel

Forever Empress E
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.
 

The Dork Lord

Whipping Boy
Take your computer and beat someone to death with it.

Won't solve your problem, but you'll feel better afterwards. ;)
 

jack

The Legendary Troll Kingdom
eloisel said:
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.

I used Spybot S & D, and that deleted the folder and removed 139 trojans. I can't get the link off the taskbar next to the clock, still.

And it won't let me previously restore, it boots itself first. But the trojans and bots are all out, and everything seems normal.

It's booting itself during startup... is that config.sys, or autoexec.bat? I forget. But it's the thing that asks you when installing if you want an icon on the taskbar.
 
eloisel said:
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.
BTW, more recent trojans are installing themselves in the system restore folder. So when you restore to an earlier point they are still there. Be careful about that. Make sure you have anti-spyware software that will scan system restore as well.
 

jack

The Legendary Troll Kingdom
Grammour Boy is one of teh Good Ones imo.
 

Ishcabittle

Member
I went through this a while back, and all of the spyware sweeping did what it was supposed to, leaving that annoying notification in the systray. That notification ended up being tied to what was later identified as a virus - expand your troubleshooting to include virus detection/removal and see if that helps at all.

I recommend Avira Antivir Personal Classic Edition - was rated number two a while back and it's free.
 

jack

The Legendary Troll Kingdom
You should be shitcanned for that bullshit.
 

jack

The Legendary Troll Kingdom
Colonel Kira's Left Tit said:
Problem solved, apparently, but if you still had the icon in the systray there may still be remnants of the thing lurking around. You probably shitcanned it effectively using Spybot, but you might want to try running it in Safe Mode as well. Let us know.

Oh, and find a better browser to avoid this shit in the future. :)

It's all fixed except for that blinking bullshit in the tray that still links to their site. What the thing did was download all this spyware to my computer, with the "solution" being forced to buy this product to get it to uninstall.

Search and Destroy (spybot) did a better job than SpySweeper.

I'm going to try the virus thing, although AVG and AdAware say it's all clean too.
 

jack

The Legendary Troll Kingdom
That Virus program is fucking awesome. The bad files had renamed themselves into a temp folder and were unseen. Avira found them.

There's this one .sys program that nothing seems to be able to touch, and I can't "see" it, even though Avira indicates it can't open it. Fucked up.

Thanks to everyone but BG for the assistance.
 

jack

The Legendary Troll Kingdom
Spybot CAUGHT the fucker this morning when it tried to change the registry again :D! Finally. That and Avira make the perfect one two punch.
 

Ishcabittle

Member
nice! good to hear everything came up peaches.
 