Lavasoft Rapid Response to SpyAxe

Discussion in 'Windows Desktop Systems' started by kcnychief, Dec 9, 2005.

  1. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I received this e-mail a few minutes ago, thought it would be good to post:

    Along with their definition file update:


     
  2. jpom

    jpom OSNN Addict

    Messages:
    166
    Too bad that it can a little to late for me, I just had to format a computer to get rid of it at the beginnning of the week. I deleted reg entries, program files, uninstalled it in various ways, tried adaware, spybot, MS, counterspy and everytime it was removed it would just come back on the next reboot. Extremely Annoying program.
     
  3. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    You could have always tried safe mode or using msconfig to prevent anything from loading... or was that no good? Don't know as I have never been infected by it myself.
     
  4. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    What is your IP address, I can take care of that ;)
     
  5. jpom

    jpom OSNN Addict

    Messages:
    166
    EP, nope no good either, it wouldn't load in safe mode and I'd go an delete everything and it would still come back when I rebooted again. My only thought is that it cached some files some obscure place and along with some sort of hidden reg entry or some such that installed/ran those files at bootup. I don't know how feasible the theory is but it's the only one I can come up with. All i know is that it was one hell of an SOB to get rid of.

    I'll get right on that kcnychief :)
     
  6. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I've seen viruses that do similar things to that, I believe I refered to them as "droppings"

    Basically, your scanner or other software will pick up a virus, but it will only be a piece of it, and it will re-spawn after a reboot. Common places the droppings tend to hide are c:\windows\prefetch or the c:\windows\system32.

    Sometimes they are a bit tricky, did you loose any data in the format?
     
  7. muzikool

    muzikool Act your wage. Political User

    127.0.0.1

    What's yours? :p
     
  8. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    DUH - see my siggy

    there's no place like 127.0.0.1 :nervous:
     
  9. Mastershakes

    Mastershakes Moderator

    Messages:
    1,721
    Location:
    Montreal
    It's your Local Host

    :)

    No place like Local Host
     
  10. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    :rolleyes: