Previous Thread
Next Thread
Print Thread
Rate Thread
#547 10/31/04 09:47 PM
Joined: Mar 2002
Posts: 384
Defcon Offline OP
Member
OP Offline
Member
Joined: Mar 2002
Posts: 384
Well, I've now seen one of the most pain in the [censored] virus/malware/spyware [censored] I have ever dealt with.

The first symptoms were that my start page for any of my webbrowsers was changed to some search site, after running spybot the problem seemed like it was cleared up, but later it came back. This thing also caused a lot of random pop ups telling me I have spyware on my system, and wanting me to pay for their spyware remover. Also it's interesting to note that after a half hour I'm getting low virtual memory warnings and my computer is slow and laggy, So much so that programs would close all on there own and refuse to open because of lack of memory. A Virus scan reveilled a ton of infected system files so I know something was buggy there too.

This goes on for a few days, partially due to lack of time to sit down and deal with it, and I download Hijackthis! and start clearing house on my Add/Remove Programs. I find a ton of nasty little buggers and clean those off, but I still had lag and the homepage take overs. I find this program called WebPatrol. Within moments it alerts me to some random .dll file, I run Hijackthis to see if it sees it too, it id's itself as an IE Addon btw, and it does, it also sees it spawned a BHO. Looking at my logs I see that on two other occasions a randomly named dll in C:\Windows\System32 have also been spawned and created BHO's, and these are the guys hijacking my homepage. I think I got this thing cornered but I can't seem to find the main bug spawning these dll's. Anyone experiance anything similar or have any idea where this thing could be hiding?

Here are the programs I've been using
Lavasoft Ad-aware 6
latest version of Spybot
Trendmirco online virus scanner and Antivir XP
WinPatrol
Hijackthis!

Thanks, I so wanna kill this [censored]!


"Remember how much fun you had shooting spitwads at the teacher in seventh grade? Imagine applying that kind of attitude to actually [censored] with Mitsubishi!"
- Jello Biafra
#548 11/01/04 06:28 AM
Joined: Oct 2002
Posts: 955
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 955
I have a lot of service calls pertaining to such problems. There was a nasty one similar to what you were talking about, it was one of my few service calls that lasted over 1hr. Lasted about 3 I think, and it was a huge PITA to get rid of.

Could you give the names of what the programs found it as, and also the filenames of DLLs (unless random). Seems one of those programs usually has a manual removal link if they can't remove it, and that is what I have had to do a few times.

If anything google the virus/spyware name along w/ say "manual removal" and follow instructions.

#549 11/01/04 06:10 PM
Joined: Mar 2004
Posts: 419
S
UGN Member
Offline
UGN Member
S
Joined: Mar 2004
Posts: 419
Have you tried going through regedit to remove any keys that have the name of your probelm?


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants
#550 11/02/04 01:23 AM
Joined: Nov 2002
Posts: 1,146
Likes: 1
Ice Offline
UGN News Staff
Offline
UGN News Staff
Joined: Nov 2002
Posts: 1,146
Likes: 1
that happened to my Gateway computer, i think my problem was a nasty virus. It removed My Computer so i couldnt access it.

Had to reformat smirk I hate people that write this [censored].


Good artists copy, great artists
steal.

-Picasso
#551 11/02/04 03:45 AM
Joined: Mar 2002
Posts: 384
Defcon Offline OP
Member
OP Offline
Member
Joined: Mar 2002
Posts: 384
Well I cleaned up everything but I'm still infested with the deadly Win32.netsup.A Bug and I can't find any free virus stuff that will help put the son of a [censored] down.


"Remember how much fun you had shooting spitwads at the teacher in seventh grade? Imagine applying that kind of attitude to actually [censored] with Mitsubishi!"
- Jello Biafra
#552 11/02/04 01:14 PM
Joined: Mar 2004
Posts: 419
S
UGN Member
Offline
UGN Member
S
Joined: Mar 2004
Posts: 419
PestPatrol

I'm sure you tried this but here it is anyway.


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants
#553 11/02/04 02:42 PM
Joined: Jan 2004
Posts: 908
Likes: 1
G
UGN Super Poster
Offline
UGN Super Poster
G
Joined: Jan 2004
Posts: 908
Likes: 1
I had that problem awhile back, I think this is what I used to finally get rid of it. PcdocRX


boys lie.

<sintax>
No we do not!!!!
</sintax>
#554 11/02/04 03:04 PM
Joined: Nov 2002
Posts: 1,146
Likes: 1
Ice Offline
UGN News Staff
Offline
UGN News Staff
Joined: Nov 2002
Posts: 1,146
Likes: 1
the thing that i hate the most is when your computer is about to die and needs a reformat.

You search the internet for free tools that help remove the viruses and worms.

You find one that seems very promising and you download it. You open it and figure out its not really free and all it does is scan the computer, find the viruses, but the remove and quarantine are blocked and you need to purchase a full version to remove what the program found.


Good artists copy, great artists
steal.

-Picasso
#555 11/02/04 05:41 PM
Joined: Mar 2004
Posts: 419
S
UGN Member
Offline
UGN Member
S
Joined: Mar 2004
Posts: 419
I use Avast Antivirus on my laptop, it's free and updated regularly. It is full featured.


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants
#556 11/10/04 04:11 PM
Joined: Nov 2004
Posts: 2
E
Junior Member
Offline
Junior Member
E
Joined: Nov 2004
Posts: 2
I posted something simalar to this in the cool web search thread.
Go to the http://www.nod32.com and download the free trial version of it and run it. It will detect and remove 95% of the trojan/virus's out today.
If you do not want to install the program there are seperate removal tools there you can download for free.
Good luck.


Link Copied to Clipboard
Member Spotlight
Posts: 43
Joined: November 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
unreal 1
Crime 1
Ice 1
Dartur 1
Powered by UBB.threads™ PHP Forum Software 7.7.5