K
Kirrie2001
Guest
I found this on the Langalist today. Hope it is of some use.
SPYWARE WARNING - Level: HIGH RISK!
Last night, I got a phonecall from a friend that wanted me to have a look at his PC. Thinking it was going to be an easy job, was an understatement! Internet Explorer would run but not access websites at all. I spent a total of 4hrs trying to get it up and running and failed!
It seems there is a new serious spyware component that can download itself and install, without your knowledge. The last advertising company that I can remember using this technique was RealNames, last year - no longer in operation. Now, there is one originating from the link below.
w.w.w.i.g.n.k.e.y.w.o.r.d.s..c.o.m <<<------ DO NOT CLICK ON THIS ADDRESS!!!!! (I have disabled this link for security reasons!!) - Currently, there is no known cure for this parasite. Ad-aware, Pest Patrol or any other spyware checker will not alert you or disable it. If you can 'BLOCK' this domain, then do so NOW! The uninstaller this company has on their website does not remove the spyware, browser functionality is still affected after using their removal tool.
The parasite will add 3 files to your system, and enter Registry entries. The main culprits come in the form of bho.dll and winstart.exe. The winstart.exe will execute upon restarting under msconfig. Deleting these files, does not get rid of this problem. Even un-installing your browser and re-installing will not cure this infection.
Many reports worldwide, concerning this spyware are growing. Some people have even gone to reformatting their systems. Their have been reports that it affects the search page of Internet Explorer and MSN Messenger.
Some ways of prevention are:
Do not trust a 'Certificate from IGN' as trusted - should you ever receive a dialogue of this description.
Be very careful of ActiveX Control downloads.
Do not click Yes to any popups asking for permission to download.
Make sure your Security settings are set to at least Medium or Higher.
Remember this is not a virus, so your Antivirus program will not detect it, nor will it show as an attack on a firewall program - this parasite comes directly through your browser, and render it useless!
L8rs...
H
P.S. - It looks like I will need to reformat my friends drive!
Link edited, we don't want someone elses computer getting messed up - Jewelzz
SPYWARE WARNING - Level: HIGH RISK!
Last night, I got a phonecall from a friend that wanted me to have a look at his PC. Thinking it was going to be an easy job, was an understatement! Internet Explorer would run but not access websites at all. I spent a total of 4hrs trying to get it up and running and failed!
It seems there is a new serious spyware component that can download itself and install, without your knowledge. The last advertising company that I can remember using this technique was RealNames, last year - no longer in operation. Now, there is one originating from the link below.
w.w.w.i.g.n.k.e.y.w.o.r.d.s..c.o.m <<<------ DO NOT CLICK ON THIS ADDRESS!!!!! (I have disabled this link for security reasons!!) - Currently, there is no known cure for this parasite. Ad-aware, Pest Patrol or any other spyware checker will not alert you or disable it. If you can 'BLOCK' this domain, then do so NOW! The uninstaller this company has on their website does not remove the spyware, browser functionality is still affected after using their removal tool.
The parasite will add 3 files to your system, and enter Registry entries. The main culprits come in the form of bho.dll and winstart.exe. The winstart.exe will execute upon restarting under msconfig. Deleting these files, does not get rid of this problem. Even un-installing your browser and re-installing will not cure this infection.
Many reports worldwide, concerning this spyware are growing. Some people have even gone to reformatting their systems. Their have been reports that it affects the search page of Internet Explorer and MSN Messenger.
Some ways of prevention are:
Do not trust a 'Certificate from IGN' as trusted - should you ever receive a dialogue of this description.
Be very careful of ActiveX Control downloads.
Do not click Yes to any popups asking for permission to download.
Make sure your Security settings are set to at least Medium or Higher.
Remember this is not a virus, so your Antivirus program will not detect it, nor will it show as an attack on a firewall program - this parasite comes directly through your browser, and render it useless!
L8rs...
H
P.S. - It looks like I will need to reformat my friends drive!
Link edited, we don't want someone elses computer getting messed up - Jewelzz