Menu
What's new
Troll Kingdom

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Fucking Goddamn Spyware

jack

jack

The Legendary Troll King
I was doing a picture post this morning, and the pic site tricked me into downloading it's beacon to go to its website and download it's malware. It's only about halfway on, managing to insinuate itself into my righthand toolbar. Every couple of minutes it flashes a message and an alert saying my computer is infected with some malware bug, and then redirects me to its site, where that site becomes my home page. I don't know if it's beaconing or not, becase AVGfree and AdAware say its all good. But this icon is on my toolbar by the clock, and I cant delete the exe files in the folder, even by going into DOS and cancelling every attribute known to man. It doesn't seem to be doing anything except wanting me to download their software, but the way it's installed itself into my system (the first time I scanned it with AD aware there were 4 new registry values and a new folder, and that would be the three exe files and the .dll alert file) really bothers me.

Any ideas on how to get the folder deleted?
 
Bitch. I use Hitman Pro for shit like this, but I've never had anything like you describe and I visit Gay Nazi Monkey porn sites so I should know.
 
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.
 
eloisel said:
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.
Click to expand...

I used Spybot S & D, and that deleted the folder and removed 139 trojans. I cant get the link off the taskbar next to the clock, still.

And it won't let me perviously restore, it boots itself first. But the trojans and bots are all out, and everything seems norbal.

It's booting itself during startup....is that config.sys, or autoexex bat? I forget. But it's the thing that asks you when installing if you want an icon on the taskbar.
 
eloisel said:
can you go back to a restore point before that software was downloaded?

And, yeah, Spy Sweeper is good stuff.
Click to expand...
BTW, more recent trojans are installing themselves in the system restore folder. So when you restore to an earlier point they are still there. Be careful about that. Make sure you have anti-spyware software that will scan system restore as well.
 
Problem solved, apparently, but if you still had the icon in the systray there may still be remnants of the thing lurking around. You probably shitcanned it effectively using Spybot, but you might want to try running it in Safe Mode as well. Let us know.

Oh, and find a better browser to avoid this shit in the future. :)
 
I went through this a while back, and all of the spyware sweeping did what it was supposed to, leaving that annoying notification in the systray. That notification ended up being tied to what was later identified as a virus - expand your troubleshooting to include virus detection/removal and see if that helps at all.

I recommend Avira Antivir Personal Classic Edition - was rated number two a while back and it's free.
 
Colonel Kira's Left Tit said:
Problem solved, apparently, but if you still had the icon in the systray there may still be remnants of the thing lurking around. You probably shitcanned it effectively using Spybot, but you might want to try running it in Safe Mode as well. Let us know.

Oh, and find a better browser to avoid this shit in the future. :)
Click to expand...

It's all fixed except for that blinking bullshit in the tray that still links to their site. What the thing did was download all this spyware to my computer, with the "solution" being forced to buy this product to get it to uninstall.

Search and Destroy (spybot) did a better job than SpySweeper.

I'm going to try the virus thing, although AVG and AdAware say it's all clean too.
 
That Virus program is fucking awesome. The bad files had renamed themselves into a temp folder and were unseen. Avira found them.

Theres this one .sys program that nothing seems to be able to touch, and I can't "see" it, even though Avira indicates it can't open it. Fucked up.

Thanks to everyone but BG for the assistance.
 
Spybot CAUGHT the fucker this morning when it tried to change the registry again :D! Finally. That and Avira make the perfect one two punch.
 
You must log in or register to reply here.
Top