nForums.net -> Spyware that won't go away!!!

nForums.net

Arcade Help Search Members Calendar

[ Outline ] · Standard · Linear+

Spyware that won't go away!!!, ... nasty stuff

Track this topic | Email this topic | Print this topic

Bearsland

Apr 19 2004, 07:53 PM

Post #1

Grumpy Old Man

Group: VIP Member
Posts: 494
Joined: 17-March 04
From: London. UK
Member No.: 4

There's been a lot of talk here lately about spyware, so just keep your eyes peeled for this one. guys.

Source and full story: Driverheaven.net

Thanks to Driverheaven for this story: Check out their site folks, lots of good info there. :)

QUOTE

I've come across the ugliest spyware to date. This thing will just not go away by normal means. Adaware, Spybot, nothing will remove it at this time.

I've been working on removing this spyware infection on a customer's computer for 2 days now. Adaware has an update to find the infection but what happens is that it can not be removed. Spybot doesn't detect it either. What happens is that Adaware finds this and says it will have to reboot, even in safe mode, and when the computer restarts, this spyware kills Adaware from starting up at startup. This spyware also connects to the internet and installs other spyware. Not only that but it digs itself into the Winlogon.exe file. You do NOT want this thing on your computer. The only way to remove this thing right now is by reinstalling windows and possibly by other complicated methods. Norton Antivirus 2004 did not detect it.

Now this thing is called: VX2.BetterInternet
The file is ausmsext.cpy.dll located in your system32 folder. This thing uses different DLL files and makes copies.
There is also a registry entry going into Hkey_Local_Machine/Software/Microsoft/Windows NT/winlogon/notify/guardian

Adaware classifies this thing as a Data Miner. Now there are ways to remove this but none of them are 100% and it finds ways of getting back. So the only sure way of removing this is a format and reinstall of Windows. Adaware finds it but can not fully remove it.
You can see how ugly this thing can be at the Adaware forums Here.

To help you avoid getting this thing, avoid the sites listed at: PCSympathy.com

This seems to be the only working method for removing this thing. It did not work for me but has worked for many others if you have this thing on your computer. Read the instructions Here

There is some good news in all of this. This can be blocked from installing on your system. Spyware Blaster blocks this from ever installing on your system. You can download it from Javacoolsoftware. Remember to update after installing it.

These types of infections are only going to get worse. Laws need to be put into place to punish companies that do this.

I totally agree with the last comment. :angry: :angry:

Posts in this topic

Bearsland Spyware that won't go away!!! Apr 19 2004, 07:53 PM

DutchKid It's just sickening that peeps actualy find pl... Apr 19 2004, 10:24 PM

Audiyoda Wow. Looks nasty. Real nasty. Makes me glad I u... Apr 19 2004, 10:35 PM

Songi spy ware just really pisses me off. i swear if i f... Apr 20 2004, 12:02 AM

Defcon9 Great info. No laws will ever rid us of any spywar... Apr 20 2004, 12:19 AM

Wiener3 For many years, the big problem has been software ... Apr 20 2004, 02:14 AM

amourdevin My IE homepage was "hijacked" once. It ... Apr 27 2004, 05:19 AM

Jobefx There seems to be a way to remove this one now. Na... May 1 2004, 12:18 AM

Slace the line between spyware and virus is closing... May 2 2004, 04:45 AM

Zone55555 Thanks for posting that - I hate spyware *almost* ... May 3 2004, 01:04 AM

mcelb1200 Another case for open source... I love Firefox 0.8... May 19 2004, 04:14 AM

« Next Oldest · Public News · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members: