Spyware issue.
- MeaCulpa, S.C.M.
- The Last Gunslinger
- Posts: 1021
- Joined: Thu May 19, 2005 12:12 pm
- Location: VERY, GOOD
Spyware issue.
No doubt my own damn fault for surfing the internet unprotected, but here's the issue.
I got this one time as I was checking for some iso files for my psx emulator-
When I click it, this happens-
I downloaded AdAware Free and ran a search, cleared out some tracking cookies, but that didn't stop the message.
Anyone have some info on this?
Thanks,
-The hopelessly illiterate
VERY, GOOD
Re: Spyware issue.
Definitely not good. I'm not as technically proficient as Avwolf or other techie forumites, but it looks quite a bit like an infection I got several years back, in that it, a spyware/malware/infection, faked a Windows message to try and trick you into installing its own spyware-laden Anti-Spyware software. Nothing caught it and cured it except Spyware Sweeper; AVG, Adaware, Spybot: S&D, Norton, and just about every other software I could get didn't seem to catch it. (Subsequent infection was so bad that I had to blow out my hard drive and reinstall Windows.)
I'd say, keep throwing every good spyware, malware, and anti-virus sweeper you can get at it and see if you can find the root of it. You might get lucky and have something stick. Or, try seeing if you can Google the things it's attempting to install to see if anyone else has come across it. Because the genuine Windows warning about malware and spyware is definitely not worded like that.
Good luck.
EDIT:
Googling "WINI10~1.EXE" turns up quite a few threads on various tech help forums about similar issues. Here are a few: obviously, you follow their advice at your own risk. I just picked a few random links off the first page of results, so YMMV as to whether these work or not.
http://forums.techguy.org/malware-remov ... ite-x.html
http://www.cybertechhelp.com/forums/sho ... ?p=1042778
And yes, Av is right -- the warning and system tray icon are, in fact, malware pretending to be catching malware -- it's usually a scam to get you to buy their terrible software to fix a problem they put there in the first place.
- avwolf
- Templar Inner Circle
- Posts: 7006
- Joined: Wed Jan 17, 2007 5:33 pm
- Location: Nebraska, USA
- Contact:
Re: Spyware issue.
Well, unless I miss my guess, that little icon itself's a bit of spyware/malware on its own. You've already run AdAware, you could also try Spybot: Search and Destroy. Those two tend to be the best anti-spyware utilities out there, and each will (or at least used to) catch a few things that the other might miss. Hit up your Windows Update too -- I see the icon's there, so you must not have run it lately, and since Patch Tuesday just hit, you'll get Microsoft's anti-malware tool running as well.
I'll leave trolling your startup programs to catch that bugger so it doesn't appear in the future (assuming you don't get it in one of the previous steps) until either after we've tried this or until one of the more ambitious forumites decides to have a go at it.
- KitWiz4687
- Merchant
- Posts: 194
- Joined: Wed Sep 17, 2008 3:27 am
Re: Spyware issue.
One point that people should realize by now....If a supposed 'System Message' contains poor Grammar or Spelling, don't interact with it at all and immediately disable your internet connection to prevent further downloads of malicious software until you can remove whatever is affecting your system.
- MeaCulpa, S.C.M.
- The Last Gunslinger
- Posts: 1021
- Joined: Thu May 19, 2005 12:12 pm
- Location: VERY, GOOD
Re: Spyware issue.
update- Downloaded Spybot. For some reason, everything will run except SpybotSD.exe.
Not sure why.
-
- Templar Inner Circle
- Posts: 5841
- Joined: Wed Apr 23, 2008 11:02 pm
- Location: United States
Re: Spyware issue.
Whenever my computer becomes hopelessly infected, I always go the route of HijackThis. I'm not sure what help it would be in your situation, but it's never failed me yet, and I've used it in about 15 different situations (not all on my computer, I assure you). That first link Kinuki gave should give you the information you need. It'll probably run you through safe mode, but in all, it'll only take about 20-30 minutes to fix.
If you need an antivirus, I would suggest running both AVG and Avast Antivirus. They conflict with each other very minimally, compared with other programs. Might slow your computer down a bit while scanning, but that's what scheduled scans are there for. And, I have a personal vendetta against Norton for their (in my case) memory-hogging program, and terrible customer service.
"A Squared" is another decent one, but never on its own.
I'm being useless, so I'm outta here. Good luck.
- avwolf
- Templar Inner Circle
- Posts: 7006
- Joined: Wed Jan 17, 2007 5:33 pm
- Location: Nebraska, USA
- Contact:
Re: Spyware issue.
MeaCulpa, S.C.M. wrote:
> update- Downloaded Spybot. For some reason, everything will run except SpybotSD.exe.
> Not sure why.
Your little icon friend there is blocking its execution. Pretty common for a malware writer, if they know a piece of software will catch their bug. They just make it so that you can't run the program.
- KitWiz4687
- Merchant
- Posts: 194
- Joined: Wed Sep 17, 2008 3:27 am
Re: Spyware issue.
I could see about making a script that will kill any non-essential processes and then attempt to run SpybotSD.exe, I'll need to know the filepath to what opens the software though.
- Demus
- Templar
- Posts: 386
- Joined: Thu Jul 17, 2008 3:09 pm
- Location: My own little fortress...
- Contact:
Re: Spyware issue.
That looks awfully similar to the "XPSecurityCenter" problem I encountered a few months back. A real bugger for those who have only average experience on computers.
"Install [malware] to remove this threat" "[fake number] new threats detected! Status critical!"
Is there a list of programs that keep me relatively safe wherever I wander off in the 'net? I don't think I've come across a complete (or up-to-date) list.
The shapeshifting cliché!
-
- Templar Inner Circle
- Posts: 5841
- Joined: Wed Apr 23, 2008 11:02 pm
- Location: United States
Re: Spyware issue.
Avast is the best free one I have come across. About every programmer / computer mechanic I know uses it (they are, after all, cheap [censored] ).
Just an opinion. I wouldn't try just having any one, but experiment with combinations (carefully), as they can conflict easily.
- MeaCulpa, S.C.M.
- The Last Gunslinger
- Posts: 1021
- Joined: Thu May 19, 2005 12:12 pm
- Location: VERY, GOOD
Re: Spyware issue.
problem fixed. Checked SpyBot forums and found that a specific virus causes SpyBot to keep from running. Found said virus manually and deleted it from my computer.
Spybot runs like a charm and I no longer get OMG INFECTED messages.
Thanks to everyone who helped.
~(\/).(.
- avwolf
- Templar Inner Circle
- Posts: 7006
- Joined: Wed Jan 17, 2007 5:33 pm
- Location: Nebraska, USA
- Contact:
Re: Spyware issue.
MeaCulpa, S.C.M. wrote:
> problem fixed. Checked SpyBot forums and found that a specific virus causes SpyBot to keep from running. Found said virus manually and deleted it from my computer.
> Spybot runs like a charm and I no longer get OMG INFECTED messages.
> Thanks to everyone who helped.
> ~(\/).(.
Awesome. Great to hear.
Re: Spyware issue.
Demus wrote:
> Is there a list of programs that keep me relatively safe wherever I wander off in the 'net? I don't think I've come across a complete (or up-to-date) list.
In terms of software that protects you while browsing, I've found that Firefox and NoScript are excellent. If you really want to go further, check out running your browser in a sandbox like sandboxie.
Personally, I don't use a sandbox unless I'm going to a known bad site. Even then, I'm more likely to use Ubuntu (a version of Linux) than use a sandbox. Ubuntu has a good installer known as Wubi that will install Ubuntu on your hard drive without blowing away Windows. Alternatively, use Ubuntu as a live cd, so no matter what nothing will happen to your computer (no changes are made to the hard drive, everything is lost when you reboot.)
As for actual programs like anti-viruses and the like, I personally use Avast, though I've set my brother and mother up with AVG, which is a bit more user-friendly than avast. If you're not scared of config menus, go with avast over AVG IMO. I also use Spybot S&D and Adaware Plus, but they don't run in the background - I run them every second week or so just to make sure nothing's happened. If you can only use one of them, go with Spybot S&D - Adaware has been going downhill compared to Spybot. A firewall is up to you - I bring my laptop to school and use the school's network, so I get more than a few viruses trying to spread over the network there, thus I found that a firewall is necessary. Usually, a firewall can't hurt, but it would be of limited use if you're behind a router (which usually has a hardware firewall integrated into it) and you don't have any other computers connecting to your network. Anyway, I use Comodo's Personal Firewall. Another free firewall that might work for you would be Zonealarm's Free Firewall. Not as customizable as Comodo's, but you might not need it anyway. (Comodo's firewall also comes with an integrated HIPS engine that I use, but is probably a bit overkill for most people.)
Above all, common sense is the most important thing to use. All the anti-virus/spyware/etc software in the world can't do anything to protect you if you run programs from an untrusted source despite all warnings. Similarly, I know some people have survived without anti-virus/spyware software simply because they only go to trustworthy sites (though that may be changing nowadays) and the like.
This isn't an exhaustive list (I'm sure there are numerous other programs out there that are more advanced/do other things), but I've found that the programs here are a good starting point for protection - I consider them a basic minimum. Good luck with your internet travels then.
y̸̶o͏͏ų̕ sh̡o̸̵u̶̕l̴d̵̡n̵͠'̵́͠t͜͢ ̀͜͝h̶̡àv̸e͡ ̛d̷̨͡o͏̀ne ̶͠͡t҉́h̕a̧͞t̨҉́.̵̧͞.͠͞.͟avwolf wrote:"No dating dog-girls, young man, your father is terribly allergic!"
- Demus
- Templar
- Posts: 386
- Joined: Thu Jul 17, 2008 3:09 pm
- Location: My own little fortress...
- Contact:
Re: Spyware issue.
Thanks. I already had NoScript and ZoneAlarm, but better to play safe, no?
I've been relying on Avira Antivir so far, but I keep hearing so much about Avast that I might even change..
Re: Spyware issue.
Demus wrote:
> Thanks. I already had NoScript and ZoneAlarm, but better to play safe, no?
> I've been relying on Avira Antivir so far, but I keep hearing so much about Avast that I might even change..
The fact that you already have NoScript makes you about 97% more protected than most people I know. (Random-ish number, but it's probably somewhere over 90%.) I'm serious. Example: The 2 attacks the forums had previously had no effect on those running NoScript.
And, yes, better to play it safe. (Not as safe as encasing your computer in concrete, dumping it into the Mariana Trench, and sealing it shut with a nuke, thereby ensuring that no spyware/viruses will get onto it though.)
As for Avira Antivir, for what I've seen of it, it's OK. I think it comes down to what you like. Quite honestly, as long as you're careful, you could probably get away without having antivirus software.
For those who want to run 2 anti-viruses, make sure you turn the on-access scanning of one of them off, and only schedule scans or even only run scans manually, while letting the other do the on-access scan. Lower possibility of conflicts that way. It's not recommended, but if you want the 'extra' (dubious) protection, you can try it.