Home | Community | Message Board


This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: PhytoExtractum Maeng Da Thai Kratom Leaf Powder   Kraken Kratom Red Vein Kratom

Jump to first unread post Pages: 1
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Infuriating piece of malware
    #5570076 - 04/29/06 12:43 PM (17 years, 8 months ago)

Hey guys, what happened to the days when you could scan with Adaware and Spybot , maybe run your antivirus and be done with it?

I've got this malware that Adaware and Spybot S&D couldn't remove. My antivirus couldn't remove (Symantec Corporate), clearing cookies/history/temp files and temp folders couldn't remove, and of course there's no uninstall for it anywhere.

It does several things. One, it causes pop ups for porn, even when I'm not browsing (I use firefox). The pop up is usually for adultfriendfinder and "find a local fuck buddy" type of thing. (Yeah, I got this pop up from browsing porn. I'll have to use P2P or my imagination from now on, haha).

Second, it creates an item in my taskbar that randomly appears and disappears. The icon is an ! in a yellow triangle. It randomly produces a text window that reads:
"Your computer is infected with spyware managing pop-up advertisements (OHPE ver 4.12_23). Click the icon to learn more on what you can do about pop-up windows and other unwanted software."

Yeah, no shit!! You!

Third, it periodically brings up a window labeled "Critical System Error!" with a yellow !. The text in the window says:

"Please read this message carefully.
Yor PC is infected by spyware. SPyware and other unwanted software refers to programs that perform certain tasks on your computer, typically without your consent. This can include installing pop up advertising or collecting your personal information. Anti-spyware tools can only help rid your computer of spyware.
CLick "ok" to get software and special offers on antivirus software."

If I click on this text window it brings up the webpage adpunisherdotcom or pestpatrol or one of many other supposed antispyware product sites. The irony is staggering.

It also changes my IE homepage (although I do not use IE) to wwwdot safetydefender.com or some other site trying to sell me anti-spyware software. All of the pop up windows and window alerts and web pages that are triggered change each time. It's the most dynamic piece of spyware I've seen.



I hope one of you guys has seen this before and has a suggestion cause I have no clue. I've seen some troubleshooting forum logs on this and it always involves installing a bunch of other software that, at this point, I don't trust in the least. Thanks.


Extras: Filter Print Post Top
OfflineDarcho
PhysicallyDetermined

Registered: 07/26/04
Posts: 426
Last seen: 11 years, 7 months
Re: Infuriating piece of malware [Re: Viveka]
    #5570315 - 04/29/06 01:36 PM (17 years, 8 months ago)

Maybe try using eWido. I find that it picks up things that AdAware misses.


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: Darcho]
    #5570661 - 04/29/06 03:13 PM (17 years, 8 months ago)

Hey thanks man. That seems to have found something the other apps didn't. Unfortunately the little fucker is still there, tenacious. It changes the files it creates on every boot. It's just annoying because if I'm running something like a game the pop us will interrupt the game or the taskbar info box will obscure part of my screen. What a piece of crap.

Anybody seen this bastard before?


Extras: Filter Print Post Top
InvisibleRandalFlagg
Stranger
Registered: 06/15/02
Posts: 15,608
Re: Infuriating piece of malware [Re: Viveka]
    #5570677 - 04/29/06 03:22 PM (17 years, 8 months ago)

Man...I have had the same thing.  Ironically, I just got another one today.

Basically, it's malware/spyware that masquerades as something useful.  It says stuff like, "Click here to protect your computer from Spyware!!".  It tries to direct you to a website where they try to sell you stuff.  These companies do sometimes sell real anti-virus programs that work (believe it or not).  But, the way these programs worm their way onto your comp is so unseemly and disgusting.

Whenever I get one of these I send the offending company a very nasty e-mail.  The only way I have found to get rid of them is to format the fucking computer.  :shrug: 

Damn...I have a little icon that just popped up saying "You are in danger of Spyware infection!!".  You can tell it's not a legitimate software package because there are misspellings all through the messages that keep popping up.  :lol:

Fucking spyware/malware.


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: RandalFlagg]
    #5570711 - 04/29/06 03:31 PM (17 years, 8 months ago)

Yeah, it's fuckin' sinister. "Warning! Your computer is infected with pop-up generating spyware!" Yeah, no shit. That's a bit like someone coming into your house at night and saying "Hey! There's someone outside your house about to break in. If you give me $40 bucks, I'll make them go away!"

I'm gonna dig in and do my best to root this fucker out. I'll keep you updated.


Extras: Filter Print Post Top
Offlinemorphius2661
Basic Psychonaut
Male

Folding@home Statistics
Registered: 02/10/06
Posts: 551
Loc: NC
Last seen: 8 years, 2 months
Re: Infuriating piece of malware [Re: Viveka]
    #5571181 - 04/29/06 05:43 PM (17 years, 8 months ago)

Try getting the Microsoft anti-spyware software they offer on their website. I've never used it but apparently it's pretty decent.

Also try this:
go to Start > run > type in 'msconfig' and press enter > click the startup tab at the top

This shows all the stuff that will start when you start your computer. Look around for anything that looks out of the ordinary or something you jsut dont want to slow down your computer on startup, it may help, may not. You also may find some things in the Services tab, but be careful turning those off because it could disable some things like printing and shit.


--------------------
"It is dangerous to be right in matters on which the estabilished authorities are wrong."


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: morphius2661]
    #5571234 - 04/29/06 06:02 PM (17 years, 8 months ago)

Yeah, this thing is still aactive in a selective startup. I'm working right now to hunt it down, more info to come...


Extras: Filter Print Post Top
OfflineBigGameHunter
Tech
Registered: 04/14/05
Posts: 164
Last seen: 45 minutes, 10 seconds
Re: Infuriating piece of malware [Re: Viveka]
    #5571499 - 04/29/06 07:15 PM (17 years, 8 months ago)

What I have been doing a lot lately on the machines that I repair is using a bootable cd (Bart PE or UBCD4Win). It has a lot of utilities on it & it allows you to repair your operating system & repair your registry & to delete those harmful files just to name a few. You can use it from a GUI or a command line interface. What I usually do is use the antivirus, spyware, adware programs in safe mode in Windows & whatever they can't get rid of I write it down & then boot to my bootable CD & delete or rename those files.


Extras: Filter Print Post Top
Invisiblecosmicpirate
Doppelganger

Registered: 08/07/05
Posts: 43
Re: Infuriating piece of malware [Re: BigGameHunter]
    #5571788 - 04/29/06 08:37 PM (17 years, 8 months ago)

Look for a program called 'hijack this' to remove any malware. There are instructions how to use it if you do a google search.

It gives you the opportunity to change or delete the registry keys which these spyware alter, so they can't be removed with adware, spybot, etc..

H.T. works like a charm, and does it's job no matter what you got, but you have to be careful because if you delete the wrong key, your whole system will need to be reinstalled. But after using it a few times myself, i don't need to use anything else and don't need to worry about screwing up my system.

good luck


Extras: Filter Print Post Top
InvisibleBoom
just a tester
Male
Registered: 06/16/04
Posts: 11,252
Loc: Cypress Creek
Re: Infuriating piece of malware [Re: cosmicpirate]
    #5571823 - 04/29/06 08:45 PM (17 years, 8 months ago)

Heh.. I like Hijack This -- I always picture some angry dishevelled guy grabbing his package with one hand, while the other flips me off as he says "Hijack THIS


Extras: Filter Print Post Top
Offlinesupra
computerEnthusiast
Registered: 10/26/03
Posts: 6,446
Loc: TEXAS
Last seen: 12 years, 9 months
Re: Infuriating piece of malware [Re: Viveka]
    #5571911 - 04/29/06 09:05 PM (17 years, 8 months ago)

your browser has been hijacked, there is a forum on the net somewhere, some tech site, wehre if you put your hijack this log on there, they will show you howt o fix it

peace


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: supra]
    #5572953 - 04/30/06 01:58 AM (17 years, 8 months ago)

Yeah, HijackThis is the shit! I was getting help on one of those forums but they kinda left me hangin. I've gotten rid of all the pop up behavior. The only thing that still happens is that when I click the double arrow to expand my taskbar icon area, it opens for a second, then closes again. Annoying, but much better than before. Hopefully I can clear that up too. Thanks for the advice people.

The SmitFraudFix tool actually seemed very useful for this particular malware. You might want to give it a shot Randal. Run the test, option 1 to see if it detects anything. Then boot into safe mode to run option 2 to clean. http://siri.geekstogo.com/SmitfraudFix.zip


Extras: Filter Print Post Top
Offlinesupra
computerEnthusiast
Registered: 10/26/03
Posts: 6,446
Loc: TEXAS
Last seen: 12 years, 9 months
Re: Infuriating piece of malware [Re: Viveka]
    #5573587 - 04/30/06 09:54 AM (17 years, 8 months ago)

Quote:

EvilEye? said:
Yeah, HijackThis is the shit! I was getting help on one of those forums but they kinda left me hangin. I've gotten rid of all the pop up behavior. The only thing that still happens is that when I click the double arrow to expand my taskbar icon area, it opens for a second, then closes again. Annoying, but much better than before.




that is normal windows behavior as afar as i know

mine does it anyway

peace


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: supra]
    #5573813 - 04/30/06 11:49 AM (17 years, 8 months ago)

Sweet. I was thinking maybe it was, thanks for confirming.

SmitFraudFix resolved this issue.


Extras: Filter Print Post Top
OfflineEvesApple
civillydisobedient
Female

Registered: 04/18/06
Posts: 27
Last seen: 16 years, 11 months
Re: Infuriating piece of malware [Re: Viveka]
    #5573903 - 04/30/06 12:29 PM (17 years, 8 months ago)

Sweep and clear. Format C: and reinstall your OS. Or just install Linux and never worry about it again.


--------------------
Turn off your mind, relax and float down stream
It is not dying...It is not dying
Lay down all thought, surrender to the void
It is shining...It is shining
That you may see the meaning of within
It is being...It is being


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: EvesApple]
    #5574108 - 04/30/06 01:39 PM (17 years, 8 months ago)

No need. SmitFraudFix resolved the issue.

I refuse to format C: because of some little rat bastard piece of shit spyware.


Extras: Filter Print Post Top
Offlinesupra
computerEnthusiast
Registered: 10/26/03
Posts: 6,446
Loc: TEXAS
Last seen: 12 years, 9 months
Re: Infuriating piece of malware [Re: Viveka]
    #5575014 - 04/30/06 07:14 PM (17 years, 8 months ago)

a refusal that cannot last forever, windows is extremely vunerable to this kind of crap, one day you will have to, i do about once a year

peace


Extras: Filter Print Post Top
OfflineViveka
refutation bias
 User Gallery

Registered: 10/21/02
Posts: 4,061
Last seen: 7 years, 3 months
Re: Infuriating piece of malware [Re: supra]
    #5577071 - 05/01/06 12:08 PM (17 years, 8 months ago)

Dude, I actually just formatted my PC two weeks ago. And this is after getting nailed with a virus that wrecked my NTFS table, only about a week after building this new system. So believe me, I'm well aware of the necessity of formatting at times and I'm prepared to do it. But in this case I refused to give in to something so dishonorable and my perserverence paid off, I found SmitFraudFix!


Extras: Filter Print Post Top
OfflineALHOFF177A17
DoWn RU?

Registered: 01/23/02
Posts: 241
Last seen: 10 years, 2 months
Re: Infuriating piece of malware [Re: Viveka]
    #5577766 - 05/01/06 04:01 PM (17 years, 8 months ago)

Sometimes you can see it in the task manager under process. Just end the process. Helps me somtimes.

My computer still has the sasser virus, Eh what you going to do?


--------------------
www.DoWnClothing.COM


Extras: Filter Print Post Top
Jump to top Pages: 1

Shop: PhytoExtractum Maeng Da Thai Kratom Leaf Powder   Kraken Kratom Red Vein Kratom


Similar ThreadsPosterViewsRepliesLast post
* No Desktop Or Taskbar fireworks_godS 1,141 13 12/27/05 05:16 AM
by Taskenti
* killing a particular piece of spyware BrAiN 3,450 19 02/06/05 07:22 PM
by BrAiN
* Microsoft Says Recovery from Malware Becoming Impossible Vvellum 1,123 13 04/05/06 10:45 PM
by rawtoxic
* taskbar mouse over glitch snoot 400 3 03/11/10 03:27 PM
by snoot
* help with trojan or malware. Artnotwar 597 5 02/04/09 01:59 AM
by Artnotwar
* Circumcision Helps Prevent HIV Infection DiploidM 2,193 13 08/11/13 08:08 PM
by ChuangTzu
* Sigh, Computer Infected..What should i do?
( 1 2 all )
Catalysis 3,777 29 11/24/04 10:24 PM
by Vvellum
* Infected by evildoers dorkus 660 5 02/22/06 08:41 AM
by dorkus

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: trendal, automan, Northerner
2,925 topic views. 1 members, 1 guests and 2 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.026 seconds spending 0.007 seconds on 14 queries.