nForums.net -> Spyware that won't go away!!!

nForums.net

Arcade Help Search Members Calendar

Outline · [ Standard ] · Linear+

Spyware that won't go away!!!, ... nasty stuff

Track this topic | Email this topic | Print this topic

Bearsland

Apr 19 2004, 07:53 PM

Post #1

Lightning Pool Champion!

Midi Golf Champion!

Pepsi Pinball Champion!

Pool Jam Champion!

Grumpy Old Man

Group: VIP Member
Posts: 494
Joined: 17-March 04
Tournaments Won: 2

From: London. UK
Member No.: 4

There's been a lot of talk here lately about spyware, so just keep your eyes peeled for this one. guys.

Source and full story: Driverheaven.net

Thanks to Driverheaven for this story: Check out their site folks, lots of good info there. :)

QUOTE

I've come across the ugliest spyware to date. This thing will just not go away by normal means. Adaware, Spybot, nothing will remove it at this time.

I've been working on removing this spyware infection on a customer's computer for 2 days now. Adaware has an update to find the infection but what happens is that it can not be removed. Spybot doesn't detect it either. What happens is that Adaware finds this and says it will have to reboot, even in safe mode, and when the computer restarts, this spyware kills Adaware from starting up at startup. This spyware also connects to the internet and installs other spyware. Not only that but it digs itself into the Winlogon.exe file. You do NOT want this thing on your computer. The only way to remove this thing right now is by reinstalling windows and possibly by other complicated methods. Norton Antivirus 2004 did not detect it.

Now this thing is called: VX2.BetterInternet
The file is ausmsext.cpy.dll located in your system32 folder. This thing uses different DLL files and makes copies.
There is also a registry entry going into Hkey_Local_Machine/Software/Microsoft/Windows NT/winlogon/notify/guardian

Adaware classifies this thing as a Data Miner. Now there are ways to remove this but none of them are 100% and it finds ways of getting back. So the only sure way of removing this is a format and reinstall of Windows. Adaware finds it but can not fully remove it.
You can see how ugly this thing can be at the Adaware forums Here.

To help you avoid getting this thing, avoid the sites listed at: PCSympathy.com

This seems to be the only working method for removing this thing. It did not work for me but has worked for many others if you have this thing on your computer. Read the instructions Here

There is some good news in all of this. This can be blocked from installing on your system. Spyware Blaster blocks this from ever installing on your system. You can download it from Javacoolsoftware. Remember to update after installing it.

These types of infections are only going to get worse. Laws need to be put into place to punish companies that do this.

I totally agree with the last comment. :angry: :angry:

DutchKid	Apr 19 2004, 10:24 PM Post #2
Institutionalised Nutcase Group: Admin Posts: 576 Joined: 17-March 04 From: The Netherlands Member No.: 6	It's just sickening that peeps actualy find pleasure in screwing up other PCs... -------------------- -----------------------Live The Day At Hand-----------------------

Audiyoda	Apr 19 2004, 10:35 PM Post #3
Houston, we have a problem... Group: Moderator Posts: 340 Joined: 23-March 04 From: S of Superior-E of Michigan-W of Huron-N of HERE. Member No.: 64	Wow. Looks nasty. Real nasty. Makes me glad I use Mozilla - IE is so insecure and until M$ drops ActiveX controls like a bad habit, it always will be.

Songi	Apr 20 2004, 12:02 AM Post #4
Sensei Group: Moderator Posts: 560 Joined: 18-March 04 Tournaments Won: 1 Member No.: 7	spy ware just really pisses me off. i swear if i found the guys who did it i'd do something thats not very nice to them. -------------------- Do not run away; let go. Do not seek, for it will come when least expected. - Bruce Lee

Defcon9	Apr 20 2004, 12:19 AM Post #5
MAD about nFm Group: Private Member Posts: 98 Joined: 19-March 04 Member No.: 39	Great info. No laws will ever rid us of any spyware etc. but good information can certainally help protect. With teen girls, I'm constantly removeing GAIN ware. -------------------- Mad about nFm

Wiener3	Apr 20 2004, 02:14 AM Post #6
nFm [ progressor ] Group: Private Member Posts: 103 Joined: 18-March 04 From: Canada eh! Member No.: 8	For many years, the big problem has been software viruses written by malicious teenage hackers finding their way into our personal computers to set up shop with their own agendas. But today we face a new and even more insidious threat: Internet companies, whose apparent "bussiness model" is the explotation of consumer trust and ignorance, are sneaking thier spyware systems into our machines for thier own purposes. :grrr: -------------------- "I wish I were an Oscar Myer wiener"

amourdevin	Apr 27 2004, 05:19 AM Post #7
nFm [ not leaving ] Group: Full Member Posts: 78 Joined: 26-April 04 Member No.: 93	My IE homepage was "hijacked" once. It was a real chore to figure out and eradicate. Ultimately, I found answers here for removing spyware & hijackware: Spyware Removal Help . . . not a bad idea to bookmark this before you need it! This post has been edited by amourdevin: Apr 27 2004, 05:19 AM

Jobefx	May 1 2004, 12:18 AM Post #8
nFm [ not leaving ] Group: Full Member Posts: 71 Joined: 4-April 04 Member No.: 81	There seems to be a way to remove this one now. Nasty stuff like this can only last for so long before it pisses off the right people and a fix is found. heres the link if you have are infected http://www.pchell.com/support/look2me.shtml jobefx This post has been edited by Bearsland: May 1 2004, 01:27 AM

Slace	May 2 2004, 04:45 AM Post #9
nFm [ Level 1 ] Group: Private Member Posts: 248 Joined: 21-March 04 Member No.: 52	the line between spyware and virus is closing... -------------------- bash-2.05$ cd /pub bash-2.05$ more beer

Zone55555	May 3 2004, 01:04 AM Post #10
nFm [ progressor ] Group: Full Member Posts: 134 Joined: 3-May 04 Member No.: 97	Thanks for posting that - I hate spyware almost as much as I hate spam, and the only reason I don't hate it more is that I've been suffering spam for ten years. Spammers and the asshats who write these things ought to be lined up against the wall and introduced to the business end of a 12-gauge shotgun.

mcelb1200	May 19 2004, 04:14 AM Post #11
nFm [ Level 1 ] Group: Full Member Posts: 240 Joined: 29-April 04 From: Melbourne, Australia Member No.: 94	Another case for open source... I love Firefox 0.8! -------------------- ... just let me see if I can get that log out of your eye...

« Next Oldest · Public News · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members: