Sign in with
Sign up | Sign in
Your question

Spyware Attacked Me! HELP!

Last response: in Windows XP
Share
August 7, 2005 6:48:50 AM

Seems as if somthing slipped by my scanners. This one is a real biatch! No matter how many times I delete it, It replicates itself with a new name of random letters! A Squared is useless and nothing else I know of can kill it. Any ideas?

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"

More about : spyware attacked

August 7, 2005 7:56:47 AM

SB will run, just doesnt kill this.... I realy dont want to reformat... DAMN!!!

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 7, 2005 9:53:40 PM

Contact Nancy Kerrigan's lawyer immediately if you really felt it attacked you. That's a big law suit.

You could try Microsoft's anti-spyware program or use Pandasoftware.com's online spyware/antivirus program.

What kind of problems are you having and what's the spyware you're infected with?
Related resources
August 7, 2005 9:55:03 PM

In my years of fixing computers, I've never seen a piece of spyware bad enough to require a reformat. What are your scanners identifying the spyware as? What symptoms are you getting? Where are the random-letter files located?

Give us some details and I'm sure we can fix it without a reformat.
August 7, 2005 10:18:05 PM

Regardless of how bad your system is running, I refuse to believe there is a point where the only solution is a reformat.
August 7, 2005 11:15:11 PM

The spyware resides in my C: Windows folder, but thats not my biggest problem, It seems that I have a hijacker or somthing that goes by the name of

Aorora -part of ABI network

SBm Ad-aware, and A-Squared cant seem to kill it! HELP!

Also I dont want to format, I need a new XP cd... Mine is scratched!

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
<P ID="edit"><FONT SIZE=-1><EM>Edited by Clob on 08/07/05 06:16 PM.</EM></FONT></P>
August 8, 2005 1:08:47 PM

It even gives you problems when you boot into Safe Mode?

Have you tried doing a system restore after you run any form of antispyware?

Run it in Safe Mode if you can.
August 8, 2005 8:44:21 PM

Sounds like a job for Hijackthis!. <A HREF="http://www.spywareinfo.com/~merijn/downloads.html" target="_new">Clicky</A>

Download it, read the quickstart info, sign up on the Tomcoyote forums and post your log there <A HREF="http://www.tomcoyote.org/" target="_new">clicky</A>. In a couple days, (usually hours) you'll have a reply with instructions... do them, post a new log.., get new instructions.. etc. Could take 3 or 4 iterations to get a clean system.

Mike.

<font color=blue>Outside of a dog, a book is man's best friend. Inside the dog its too dark to read.
-- Groucho Marx</font color=blue>
August 9, 2005 3:02:00 PM

This is your best bet:

Download the following programs-
Ad-Aware (www.lavasoft.com)
Microsoft Antispyware Beta (www.microsoft.com)
Webroot Spysweeper (www.webroot.com)
HijackThis (www.spywareinfo.com/~merijn/)

Install and run the first three, and update them all to the newest definitions. BOOT INTO SAFE MODE, then run them in this order:

Ad-Aware, Full Scan. Repair everything it finds.
Spysweeper. Repair everything it finds.
Microsoft Antispyware Beta, full scan. Generally you can remove everything it finds, but double-check to be sure. Make sure "remove" is selected beside each item, not "ignore".

Reboot into windows, run HijackThis, copy the log and post it either to the website mentioned above, or this forum. I can help you from there.
August 14, 2005 5:02:09 AM

I have used all of those above and to no avail I still have spyware rooting in my windows folder giving me a headache. I wonder when it will be less of a headache to just reinstall xp (after I buy a new cd burner)

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 14, 2005 5:17:50 AM

Sunbelt's CounterSpy is worth a shot. Their DNR techniques might just be what you're looking for.

<A HREF="http://www.sunbeltsoftware.com/CounterSpy.cfm" target="_new">CounterSpy</A>

_____________
<i>There are 10 kinds of people in the world - those who understand binary
and those who don't</i>
August 16, 2005 1:29:05 AM

I have been using Sunbelt Counterspy and there isn't much that can slip by. One of the magazines said it gets 87%.Not sure if that is true but it might be close.

Is it true that cannibals don't eat clowns because they taste funny?
August 16, 2005 9:06:18 AM

I will give that a try thanks. There was a program I once had that would bombard a file untill it gave up or somthing. Worked for somthing similar before this. I just cant remember the name...

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 18, 2005 12:07:55 AM

Try this, if you know the file/malware file name ... <A HREF="http://www.snapfiles.com/get/moveonboot.html" target="_new">MoveOnBoot</A>


<b>"The Edge - there is no honest way to explain it because the only people who really know where it is are the ones who have gone over." Hunter S. Thompson, </b><b><i>Hell's Angels, 1965</i></b>
August 18, 2005 8:30:12 AM

Counter spy did not kill it... GRR! This is getting old fast.

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 18, 2005 8:43:07 AM

IT WORKED! I LOVE YOU I LOVE YOU I LOVE YOU!



<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 18, 2005 8:45:49 AM

SCRATCH THAT! IT DIDNT WORK! GRRRRAAAAAA!!

Look like im forking up $$ for a new dvd drive... Ill make a post in the correct forum.

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 19, 2005 11:34:57 PM

Please ... don't say you love me ever again ...


<b>"The Edge - there is no honest way to explain it because the only people who really know where it is are the ones who have gone over." Hunter S. Thompson, </b><b><i>Hell's Angels, 1965</i></b>
August 20, 2005 7:24:22 PM

Clob ... if you promise not to say you love me, I'll give you another suggestion ... <A HREF="http://www.pcworld.com/downloads/file_description/0,fid..." target="_new">Force Delete</A> ...

Quote:
Have you ever tried to delete a file or folder, only to get a Windows error message saying no can do? Maybe you're having a bad hair day, but more likely the file is being used by a program. Try downloading ForceDel, a utility that works with all Windows versions to force delete the stubborn file. The program runs from a DOS command window (click Start, Run, and type "cmd"). Enter forcedel filename to give the file the boot for good.


<b>"The Edge - there is no honest way to explain it because the only people who really know where it is are the ones who have gone over." Hunter S. Thompson, </b><b><i>Hell's Angels, 1965</i></b>
August 21, 2005 9:00:55 AM

Quote:
No matter how many times I delete it, It replicates itself with a new name of random letters!

Now that I've thought about it, I'm thinking that it's NOT spyware.

It sounds like a virus/trojan/worm. Here are some things you can try:
1. <A HREF="http://www.housecall.trendmicro.com" target="_new">Housecall</A>
2. <A HREF="http://sophos.com/support/knowledgebase/article/3251.ht..." target="_new">SAV32CLI from Sophos</A> - Be sure to read the instructions on the site. The scan is actually performed in Safe Mode at the command prompt to make it more difficult for the trojan/virus/worm to do its thing.
3. <A HREF="http://eset.com/download/trial.htm" target="_new">NOD32</A> - Before installing, you will need to uninstall your current antivirus application and reboot.

I'm guessing that your current AV scanner isn't cutting it since it hasn't found anything, so the above scanners could help. Also, are you using a firewall? If not, download <A HREF="http://www.download.com/ZoneAlarm/3000-10435_4-10421033..." target="_new">ZoneAlarm</A>.

Good luck!

_____________
<i>There are 10 kinds of people in the world - those who understand binary
and those who don't</i>
August 21, 2005 11:32:30 AM

LOL.. Thanks guys... I Will give them a try.

BTW- Its forum love (a kind of pat you on tha back thing)... I dont swing that way buddy!

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 21, 2005 11:36:30 AM

I kinda bit the bullet and did the Format thing... I't didnt hit me that I dont have the problem anymore.. Ive only ben up 30hrs... Gotta excuse me lol

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 21, 2005 3:56:43 PM

lol ... I was just joking with you dude ... ;) 


<b>"The Edge - there is no honest way to explain it because the only people who really know where it is are the ones who have gone over." Hunter S. Thompson, </b><b><i>Hell's Angels, 1965</i></b>
August 21, 2005 6:57:20 PM

Hey, it's actually true that many computer repair shops end up reformatting the machine over 60% of the time due to time restraints and the high level of spyware and virus infections. Of course, that may be an underestimation.

At least you got the problem wiped away! :D 

_____________
<i>There are 10 kinds of people in the world - those who understand binary
and those who don't</i>
August 21, 2005 8:15:10 PM

I was jokeing too! JEEZE! GRR!

Computer shops around here charge between $50 and $70 benchtime and charge around $30 for spyware/virus clean and optimization.

Then they charge like 20% over newegg prices for parts then they charge labor!

<font color=red>"Battling Gimps and Dimbulbs HERE at THGC"</font color=red>

"<font color=blue> Wusy</font color=blue> <-Professional sheep banger"
August 22, 2005 2:13:04 PM

Newegg doesn't have to keep a store front open.. 15-20% market is standard on anything you purchase anywhere, even in automobiles.

They have to pay their bills, plus they're a little more convenient than shipping you PC back to IBM to have it fixed.

They work off people who don't know what they're doing.. $30 for spyware.. which normally will take 30 minutes to clean a PC up if you had it in front of you, depending. Sometimes it could take longer.. I had a laptop in my office from a co-workers friend. Took me 3 days, about 6-7 hours to get to cleaned up and running better. Never saw a 1.8ghz laptop run like a 200mhz after it was cleaned up and everything.

Everyone needs to make their money, rent is expensive. Used to have a ton of home computer shops around, now we have 3 because the people get things cheaper, but then they lack the same day or next day support.
!