Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware Attack


  • Please log in to reply
4 replies to this topic

#1 Leprechaun

Leprechaun

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 23 October 2005 - 08:51 AM

Hi guys,
Came under attack last night, so quickly pulled the 'net cable, and ran adaware 3 times (it dealt with things first time, and read clear the other 2). However, when I try to ue the net offline, I get this

http://img.photobucket.com/albums/v684/Pad...irish/1stII.jpg

And when online this

http://img.photobucket.com/albums/v684/Pad...irish/2ndII.jpg
http://img.photobucket.com/albums/v684/Pad...rish/2ndIIb.jpg

It also asks me to connect to view pages, and I get that dialler window repeatedly. Also, that yellow triangle bottom right keeps telling me to install antivirus, despite me having AVG and Norton on top of ad-aware and the standard windows gubbins, and I still get random popups for casinos and porn.

Help

:thumbsup:
Fetch me another plaything, this one seems to have broken.

BC AdBot (Login to Remove)

 


#2 stidyup

stidyup

  • Members
  • 641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:34 AM

Posted 24 October 2005 - 02:20 AM

Are you running both Norton AV and AVG together??? This is a bad idea you should only have one AV active at any one time.

If you think you are infected submit a hijackthis log here.

How to submit a hijackthis log

Download Hijackthis

Try running the following from safe mode (Getting to safe-mode) Sysclean you'll also need the virus template file from here lpt***.zip remember to extract the contents of the zip file into the same folder as Sysclean.com

or

DrWeb CureIT

If your good with the command line also try Sophos Command Line scanner this command will scan all of your hdd's SAV32CLI.EXE -F -di -remove -dn -mbr -all -zip -p=avscanlog.txt and give you a log file to review afterwards.

If you can't get into safe mode download the following - Ultimate Boot CD however you will need to update the definitions on the disk see here how to do that. Alternatively download a archive version of Public AntiVirus again this will need updating but full instructions are here.

If you want a smaller download look here for instructions on how to create your own boot CD.

Also try installing and running A2 Free and Ewido

I'd also run Spybot(Spybot Tutorial) and Adaware

If your using Win2K/XP run adaware/spybot from "safe mode with command prompt"

At the C:\ prompt type the following:-

cd\
C:\progra~1\spybot~1\spybotsd.exe /autocheck /autofix
cd\
C:\progra~1\lavasoft\ad-awa~1\ad-aware.exe

#3 Rimmer

Rimmer

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:04:34 PM

Posted 24 October 2005 - 04:16 AM

Don't accept any of those warnings with a "solution" in the window - they are fakes to entice you to download more spyware.
I too think you should submit an HJT log. Please read the pinned posts 'How to use this Forum' and 'How to post a HiJack This log' at the top of the forum:
http://www.bleepingcomputer.com/forums/Hij...alysis-f22.html

Good luck :thumbsup:

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.

#4 Leprechaun

Leprechaun
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 24 October 2005 - 04:47 AM

Cheers guys, once I've got the log, just post it in this forum right? If not, please redirect me. Cheers again.
Fetch me another plaything, this one seems to have broken.

#5 Rimmer

Rimmer

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:04:34 PM

Posted 24 October 2005 - 06:05 AM

Read the link.

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users