• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

god damn spyware

lancer

There is no answer!
Political User
#1
Please read and be astonished, i just formatted and reinstall xp pro at work and within 5 mins my computer was ransacked by spyware, i updated it fully sp2 etc.. then antivirus norton. Then i downloaded both ms antispyware and spybot ran both, and they found about 50 instances between them, now there are a few sons-a-bi'atches still clinging on, anyone have any suggestions about which programs to use to get all the spyware out. oh and yes it was ms internet explorers fault, as i opened it for the updates, now i'm using firefox again.

please help, i'm on my 5 scan and its still finding the buggers.:cry:
 

Perris Calderon

Moderator
Staff member
Political User
#3
you should run the spybot resident to have real time protection against spyware

if you want to post a highjack this log, there are some people here that will try to help you clean the computer

as far as what happened being ie's fault, I don't think this happens while getting updates.
 

VenomXt

Blame me for the RAZR's
#5
i dont see how you can get spyware within 5 mins after reformatting. are you sure you formatted it?
why i asked if he zero the drive out? or just uses a quick formate. Have seen weird thinsg happen with a quick formate. (IE files that shoudnt be there show up) and how many drives you have any chance you installed something to another drive laced with spyware?
 

muzikool

Act your wage.
Political User
#6
Hard to believe that spyware could even hold on with a quick format.

There has to be something you're doing to have that junk showing up after 5 minutes. It's not like you plug a network cable in and all the bugs on the internet run straight toward you! :p In all my reformat/reinstalls, I never plugged into the network before loading my antivirus, firewall and spyware programs. I always kept those installers available on a disk so that I wouldn't have to get online to download them first.
 
#7
VenomXt said:
why i asked if he zero the drive out? or just uses a quick formate.
Both A Quick format and a non quick format will erase all files on the drive. The only difference is wether or not the hard disk will be scanned for bad sectors or not.
 

lancer

There is no answer!
Political User
#9
yeah i know all this thats why its so strange, the spyware attached itself when i went onto msn, not during the updates, just to clarify.

i did a full format, so no chance old stuff could ave stayed. heres a hijack log
 

Attachments

#12
I'm not sure yet, but this may be what cruised in:

http://securityresponse.symantec.com/avcenter/venc/data/adware.elitebar.html

Fix these:

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = //searchmiracle.com/sp.php
F2 - REG: system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [tF4f3nS] pifupapi.exe
O4 - HKLM\..\Run: [xchgil] c:\windows\system32\otgbctq.exe
O4 - HKCU\..\Run: [covpRhe3W] penecsnp.exe

oh, and do this in safe mode. then run adaware, anti-spyware, and spybot in safe mode.
 
Last edited:

muzikool

Act your wage.
Political User
#13
Nail.exe is a bad one. It adds randomly generated files into the Prefetch folder. Not easy to get rid of the traditional way.
 

zeke_mo

(value not set)
Staff member
Political User
#14
If you downloaded a key thingy for norton, sometimes they come with something called crack.exe....when you open it you will have 50+ spyware files to deal with. Its worth it to format again
 
#15
muzikool said:
Nail.exe is a bad one. It adds randomly generated files into the Prefetch folder. Not easy to get rid of the traditional way.
disable prefetch. done. am I wrong Muzi? I could be... ;)

From command prompt: del c:\windows\prefetch\*.* /q
then head into regedit -


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters

Change the value of EnablePrefetcher to 0

Possible settings:

0—Disable
1—Application Launch Prefetch
2—Boot Prefetch
3—Prefetch everything
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies