Jump to content

What kind of demonic spyware is this?

Evil_inc

By Evil_inc
in Software

 Share

Recommended Posts

Evil_inc Newbie

Evil_inc

Posted
Posted

I seemed to have picked up a bug that I can't shake. It delivers pre programed popup messages through "Messenger Service" and... well I will let you all check this out. These are the variants of all the messages I have been getting.

 

demond6.jpg

 

demond5.jpg

 

demond4.jpg

 

demond3.jpg

 

demond2.jpg

 

demond1.jpg

 

I have preformed full scans with norton and adaware and turned up the usual junk but nothing out of the ordinary.

Share this post

Link to post
Share on other sites
shatteredsteel Newbie

shatteredsteel

Posted
Posted

that would be a variation of the winfixer spyware/virus...I actually just had to take it off a dell at the shop. Its a pain in the @$$ to remove but it is possible, reboot into safe mode and run a free ewido scan. if that doesn't get rid of it on reboot, rerun th escan and take note of what registry entries are being infected...you can guess where this is going. open up your registry and remove the invalid entries.

 

Vuvundo fix may also work (Google it)

 

Linky goodness.

http://www.ewido.net/en/onlinescan/

 

Hope this helps,

 

Barry Benton

(AKA shatteredsteel)

Share this post

Link to post
Share on other sites
red930 Newbie

red930

Posted
Posted

Go into your Registry and look into your RUN and delete what you know it's not suppose to be there. If you're using I.E. make sure you clean out all of your cookies, temps, temp. Internet Folders. Run Ad-Aware, Spybot, and maybe do SPYWAREGUIDE.com first. It's an ACTIVE-X application that scans on-line which has been working great for me unless you get something really really bad. So no more pron sites okay? :)

Share this post

Link to post
Share on other sites
Evil_inc Newbie

Evil_inc

Posted
Posted

My system has crashed many times and I have reinstalled windows 4 times. Sp2 screws with my printer so I do not have it installed. I had had messenger disabled but it was enabled when I checked it so I disabled it again. I am also running symantec's Trojan.Vundo remover to see if I can scrape up any mess. I also ran Vundofix but that turned up nothing. I haven't gotten a message since I disabled messenger again.

Share this post

Link to post
Share on other sites
jm76 Newbie

jm76

Posted
Posted

I've always liked using HiJackThis for these problems...

 

Give it a try in safemode if you haven't gotten rid of the problem yet and then search online for a parser for the log file and you will be able to clean up a lot of crap on your system.

 

Jim

Share this post

Link to post
Share on other sites
Guest nibs

Guest nibs

Posted
Posted

I've found that Hosts Secure and a properly configured CORE FORCE help to prevent spyware from functioning even if you manage to become infected. Good luck.

Share this post

Link to post
Share on other sites
red930 Newbie

red930

Posted
Posted

You know what you can do is install Ad-Aware and use it's tool to perm. disable Messanger. You did disable it through the services, correct? You should try out my suggestions as well, you'll notice a nice boost in your hd. :)

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...