Help - Search - Members - Calendar
Full Version: In need of help...big time.
iGrandTheftAuto.com Forums > GTA4.TV/GTA-SanAndreas.com Archive > Old Forum Archive (Read Only) > General > Geek Central
Zen
Hey guys.

Earlier on, I seem to have caught a bit of spyware/adware.. Basically, the problem is, my comp has all these anti-spyware things being installed on it (which are obvious spyware) which I can't get rid of. When I try to uninstall it, it comes up with that error message where you can send a report.. I ended the processes and deleted the folder and it's apparently gone but I'm faced with another problem.

It seems to have messed with my browser also: Every time I click a link on Google, it takes me to an advertisement website. I'm restricted from downloading Microsoft Windows Defender and Ad-Aware and it's stopping AVG and Microsoft Update from updating.

Earlier on I also stopped a file called a.exe from accessing the net.

I'm in a real horrible situation here because it's using up 100% of my CPU and my computer's going as slow as anything...not to mention everything on the net is now malformed. I don't really know what to do.

Quick solution would be very much appreciated, thanks.
Qdeathstar
thats not spyware, thats a virus. Your best bet is to download the stuff from another computer and install it on your computer via CD or something.

I would run a virus scan first though as a.exe is registered as the W32.Ahlem.A@mm worm
Zen
Have ran a virus scan and no threats other than the 255 tracking cookies it's found on my computer..
Severus Snape
Have you updated your virus definitions lately?

This is interesting because this morning I detected a new virus on my PC that, in essence, does the same thing that you described. I went to CA's website and searched for the virus (pripecs.akb), and their information only lists it as Trojan.zlob. Went to Symantec's site and searched for this, but the information there conflicts with what my anti-virus program is telling me. Symantec gives a few different keys in the registry to delete, but my anti-virus software is giving me 1 key, and it doesn't match any of the keys that Symantec is giving me.

This must be a new virus as nobody has any information on it yet. Anybody out there have a clue on this?
Zen
Have got this:

http://ask-leo.com/what_are_lsass_lsassexe...do_if_i_am.html
Nec
Sasser is a worm that Microsoft issues a tool for every month, so if you update Windows it should take care of it.

If you do not want to do that (or can't for some reason), find out what the dll and exe files are, go into safe mode and delete them. Then delete all the crap in your Prefetch folder. that is in your Windows folder. You will have to enable the "show hidden files and folders" thing to see it. Then, try a registry cleaner to get rid of the entries. You may have to do it manually, but there are sites that will walk you through it. http://housecall.trendmicro.com/ Trend Micro is great. Slow, but great. They should have a page on it, and also Panda Software should have a removal description, though their online scanner really sucks balls these days. F-Secure and Trend Micro are the only ones I actually trust these days. Give all this a try. Hopefully it helps.

ETA: Booting into Safe Mode will only allow required programs to run. If you do it with networking, you will be able to access the internet. You can also do this (booting normally) by going to start...run, type in msconfig, select Diagnostic Startup, reboot, then it will also load only the required files.

Prefetch, btw, anticipates the programs that run the most and pre-loads them so it goes faster. That folder will always refresh itself, so deleting the files from there will not cause you any issues. It will, however, show you which files are suspect if you open it and watch what files load there as you are trying to use your browser.
Zen
Thanks for all the help guys, it's sorted now.

Basically, I used Ares to access the net since Sasser had blocked me from accessing any anti spyware/update/antivirus sites (so I couldn't update windows, nec) and downloaded Malwarebytes' Anti-Malware and that did the trick.

Thanks once again for taking your time out to help, it's appreciated.
Severus Snape
Ok, so I figured out what my problem was. Everybody listen up - this is good information for you all.

A couple days ago I apparently contracted a virus that attacked Internet Explorer (my bad for not using Firefox) and Windows Explorer (my bad for not having a Mac). This thing had all the characteristics of a virus:

1. When navigating on the internet, a "genuine-looking Windows" page would pop up with the message

"Insecure Internet activity. Threat of virus attack
Due to insecure Internet browsing your PC can easily get infected with viruses, worms and Trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.
Also insecure Internet activity can result in revealing your personal information.
To get full advanced real-time protection for PC and Internet activity, register WinSpywareProtect.
We recommend you to protect your PC now and continue safe Internet browsing.
Click here to get full advanced real-time protection and continue browsing.
Continue to this website unprotected (not recommended).

2. When navigating the internet OR windows explorer, the following message would pop up:

"Attention [name]! Some dangerous viruses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now!

Click OK to download the antispyware. (Recommended)"

3. When navigating the internet OR windows explorer, the pop up message "Get rid of Malware now!" would display.

In every case, no matter what action I took, I was being redirected to a third party website that would attempt to scan my entire computer and download/install a spyware program. The program is nothing more than a keylogger and hijacker. Don't ask me for the website - I never stayed on it long enough for it to do anything. That said - I had updated my virus definitions earlier that day (thankfully), so I ran a virus and spyware scan. Think a moment what the results were before I tell you.

Nothing. Nothing detected other than the tracking cookies on my pc. No viruses, no spyware. Nothing. I went through every single process that showed up in Task Manager, and none of them was suspicious or violent. And this thing would activate itself every 30 seconds while on the internet or in windows explorer. My last resort (before wiping my entire hard drive) was a system restore. I found a restore point about a week and a half prior to the current date, clicked ok, and hoped for the best.

After my system was restored, I immediately updated my virus definitions and windows updates and such. And then went on the internet. Nothing happened. No messages. Windows explorer? Same thing - gone. I finally got rid of it.

So to all out there - be careful of this. It does not show up as a virus, but it acts like one.
Mattay
Almost three years ago I had contracted SurfSideKick from some misleading ActiveX downloading prompt (>_>). I had tried everything. Norton Antivirus didn't do shit, Ad-Aware, Spyware S&D, nothing worked. I eventually had wiped my hard drive. And soon after I think to myself...restore point...damnit.

For an anti-virus I use Eset Nod32. It takes a bit of time to scan my entire computer, but it's great at catching viruses/spyware and deleting them with no problem. I usually get an attack by some shitty spyware daily, and it does an excellent job at catching and quarantining it. I heard Trend-Micro was good as well though.
FrankCastle
QUOTE(Mattay @ Aug 23 2008, 10:28 PM) [snapback]1460873[/snapback]
Almost three years ago I had contracted SurfSideKick from some misleading ActiveX downloading prompt (>_>). I had tried everything. Norton Antivirus didn't do shit, Ad-Aware, Spyware S&D, nothing worked. I eventually had wiped my hard drive. And soon after I think to myself...restore point...damnit.

For an anti-virus I use Eset Nod32. It takes a bit of time to scan my entire computer, but it's great at catching viruses/spyware and deleting them with no problem. I usually get an attack by some shitty spyware daily, and it does an excellent job at catching and quarantining it. I heard Trend-Micro was good as well though.


Yup, Trend Micro actually has a really decent, free online anti - virus/spyware scanner. It will remove the threats as well.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.