Windows XP 2008 antivirus spyware

Rackhir · Aug 25, 2008

This nasty piece of work was covered in detail in The Register recently.

http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/

They are quite clever about how they go about tricking you if you aren't very careful.

For this reason, if you get something like this popping up.

Close the window, don't click on cancel or something like that.

Those buttons can be made to say what ever it is they want. Rather than what they actually do.

StreamOfTheSky · Aug 25, 2008

Thanks for the link, Rackhir! It was very imformative, though some of those things never happened to me (and I never chose 'yes' to anything, though apparantly that's part of the scam), and some other things happened to me not in the article. Including the blue screen of not-death, which happened any time I let my computer go idle. This guy talks about it, and his comment in general intrigued me:

[sblock]Posted by "Chris"
It gets worse
i have been inundated with these things at the university where i work.

they come in thru bad blog spam, myspace bot spam, phishing emails, the works.

some of them pop up phony bluescreens, complete with fake restarts of windows, either via fullscreen animated GIFs, or by using a BSOD screen saver.

the only way i was able to spot one infection was that the "bluescreen" completed it's dump of physical memory and "restarted" windows. think about that for a minute. it's called the blue screen of death because it's the last action your computer takes before it locks up solid. there is no coming back.

someone has poured a lot of time and energy (and presumably money) into these scams.

these are not students playing a prank. this isn't some lonely guy in his mom's basement. these are real programmers at work, and they are probably backed by someone with money. this is not an automated attack that you can fix with automated tools. new versions are hitting every day, manually re-engineered to slide past anti-virus and anti-spyware tools. this is a human powered attack and it requires a human powered counter attack.

this isn't crime. this isn't a random act by an individual or a group. this is a coordinated attack by a growing group of motivated professionals. this is a war.[/sblock]

As for me, my friend didn't need to reinstall everything. He got the root kit out with SDfix, then multiple scans with other programs got all the hidden system files. He left me with SuperAntispyware, Malwarebytes, and Spybot S&D, telling me to scan with Spybot and then download/install Avast at home. I've done so, Spybot caught 7 items, and got rid of all except a keyboard hacker, which multiple reboots and retries have failed to remove. I'll have to ask him later today, kinda worrying me. Other than that, everything's fine now.

Bront · Aug 29, 2008

If you can find the process of the spyware, you can usually shut it down and then get it with spybot.

I had to remove Antivirus 2008 from my step-daughter's PC. Required several registry edits and manual file removals, but wasn't too hard once i killed the process.

Energy Recruitment · Sep 7, 2008

enworld forum

Except there are several other powers that use the same mechanic. If that ranger also has Sweeping Whirlwind (Enc 7), Swirling Leaves of Steel (Daily 9), Cheetah's Rake (Enc 17), and Clearing the Ground (Stormwarden Enc 11) they are now benefitting from an oversized weapon on several attacks, typically with multiplied [W]. (Note: Two other similar attacks - Wounding Whirlwind and Cold Steel Hurricane - have the requirement for two weapons and target a close burst 1, but they specify one attack with each hand on each target, and so avoid this issue. And every other power that specifies that they must have two weapons also specifies an attack with each weapon.).

Calico_Jack73 · Sep 8, 2008

Try Sunbelt Software's CounterSpy. You can download a free, fully functioning demo and use it for 15 days. It has found and removed stuff that AdWare, Norton, and McAfee have missed.

http://www.sunbeltsoftware.com/Home-Home-Office/Anti-Spyware/

StreamOfTheSky · Sep 10, 2008

Energy Recruitment said:
Except there are several other powers that use the same mechanic. If that ranger also has Sweeping Whirlwind (Enc 7), Swirling Leaves of Steel (Daily 9), Cheetah's Rake (Enc 17), and Clearing the Ground (Stormwarden Enc 11) they are now benefitting from an oversized weapon on several attacks, typically with multiplied [W]. (Note: Two other similar attacks - Wounding Whirlwind and Cold Steel Hurricane - have the requirement for two weapons and target a close burst 1, but they specify one attack with each hand on each target, and so avoid this issue. And every other power that specifies that they must have two weapons also specifies an attack with each weapon.).

Welcome to ENWorld, I believe you posted to the wrong thread.

Dr. Talos · Sep 12, 2008

Try malwarebytes...worked great when i got this pest

Geoff Watson · Sep 13, 2008

I got the AntiVirus Spyware, it was very annoying (screwed up a lot of websites that I tried to use to find information on how to get rid of it).

I used HijackThis! to get rid of the main program, then Avast to get rid of the remnants.

Be very careful when using HijackThis, you can easily remove stuff you don't want to.

Geoff.

Windows XP 2008 antivirus spyware

Rackhir

Explorer

StreamOfTheSky

Adventurer

Bront

The man with the probe

Energy Recruitment

First Post

Calico_Jack73

First Post

StreamOfTheSky

Adventurer

Dr. Talos

First Post

Geoff Watson

First Post

Similar Threads