Working on a computer that set a new record for ad/spy/malware

YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

Get a call from an old client, kid came home from college with computer "running slow"

His older sister who knows something about computers gave up working on it...and the mom called me.

So plug it in, boot up, 2 year old Dell Dimension 8200 with a P4, WinXPp. Yup...running painfully slow soon as desktop draws in.

Shortly after, desktop goes active, and VirginsLovers pages start launching everywhere. Tons of porn popups.

Look at Run in registry...wow, chock full of nuts.

Antivirus subscription expired over a year ago

Off to antivirus.com for quick online scan,
troj.revop.f
troj.winfavs.a
troj.agent.l
java.bytever.a
troj.mscache.a
bkdr.thunk.e
troj.agent.r
bkdr.jeemp.a
troj.golid.a
troj.small.ez
troj.small.eu
troj.banker.af
troj.startpag.eg
troj.small.li
troj.dyfuca.m
troj.agent.ea

Also caught eye of New.Net and Search Enhancement

Now for the crazy part.....go get Ad-Aware, update it, and scan....

1,182 suckers found!!! :eek:

Oh boy is this one gonna be fun!
MORNING WOOD Lumber Company
Guinness for Strength!!!
mnosteele52
Posts: 11913
Joined: Tue Jul 24, 2001 12:00 pm
Location: Chesapeake, VA

Post by mnosteele52 »

LOL I know what you will be doing for the rest of the evening. :nod:
mmione
Posts: 1814
Joined: Sat Dec 13, 2003 4:21 pm
Location: Ontario, Canada

Post by mmione »

LOL. Good luck, I cleaned up my cousin's computer, not as bad. Had 560 found in Ad-aware and 3 trojans. I hope all goes well.
CableDude
SG VIP
Posts: 26801
Joined: Sat Jun 02, 2001 12:00 pm

Post by CableDude »

Amazing. :eek:
YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

mnosteele52 wrote:LOL I know what you will be doing for the rest of the evening. :nod:
:rotfl: Initially I just want to save a week's time and format C.....but man...over a thousand problems from AdAware alone! Not to mention I haven't even run SpyBot, or HijackThis, or any other AV app yet.

It's like a challenge I can't resist even though I'll be losing a lot of billable hours this week if I tinker with this thing.

And at least that one pr0n popup has some quality pics! :D
mnosteele52
Posts: 11913
Joined: Tue Jul 24, 2001 12:00 pm
Location: Chesapeake, VA

Post by mnosteele52 »

I know what you mean, sometimes I like the challenge plus it's a learning experience, then other times it's easier just to Format C:\

:thumb:
CableDude
SG VIP
Posts: 26801
Joined: Sat Jun 02, 2001 12:00 pm

Post by CableDude »

I'll bet winders wasn't updated as well. :)
Jstyr
Senior Member
Posts: 2822
Joined: Wed Nov 14, 2001 5:04 pm
Location: The Swamp

Post by Jstyr »

YeOldeStonecat wrote:1,182 suckers found!!! :eek:

Oh boy is this one gonna be fun!
Damn!! I'm surprised you were even able to install and run Ad-aware with that much garbage.

You should just bill him for that job :rotfl:
spec-
Rig #1- AMD XP 2400+, A-Bit KR7A/266, Gainward Geforce3 ti200 64mb Golden Sample, 1GB Crucial DDR, 40 gig WD HDD (7200), XP PRO, Vantec Stealth 420 PSU, Soundblaster Live 5.1
Rig #2- P4 2.4c, Abit IC7 800 FSB /w onboard sound, Radeon 9700 Pro 128, 1 Gig Corsair 3200 XMS, Dual (SATA) 36GB WD Raptor's in RAID 0, XP Pro, Antec Truepower 400
Rig #3-AMD Barton 2500+, Albatron KX600 (via), 1 gig Corsair 3200, Radeon 9600 Pro 128, Seagate 80 gig HD, Antec Truepower 400
blebs
Posts: 12819
Joined: Sat Dec 02, 2000 12:00 am
Location: North Canton, Ohio

Post by blebs »

mnosteele52 wrote:I know what you mean, sometimes I like the challenge plus it's a learning experience, then other times it's easier just to Format C:\

:thumb:
Anymore with that many items, I don't consider it a challenge nor educational. I call that a migraine and frustration. :thumb:
mnosteele52
Posts: 11913
Joined: Tue Jul 24, 2001 12:00 pm
Location: Chesapeake, VA

Post by mnosteele52 »

blebs99 wrote:Anymore with that many items, I don't consider it a challenge nor educational. I call that a migraine and frustration. :thumb:
I've seen over 4,500 items with Ad-aware alone before. :eek:

When I have the time I don't mind sitting down and figuring out how to remove and fix things so that when I come across the same thing again I know exactly what to do. It's just that all of this spyware/malware evolves so much daily that it's hard to completely keep up with things, thank goodness for these forums.

:thumb: :)
Debbie
Posts: 18148
Joined: Sun Sep 08, 2002 12:00 pm
Location: New Rochelle, New York

Post by Debbie »

YeOldeStonecat wrote:Get a call from an old client, kid came home from college with computer "running slow"

His older sister who knows something about computers gave up working on it...and the mom called me.

So plug it in, boot up, 2 year old Dell Dimension 8200 with a P4, WinXPp. Yup...running painfully slow soon as desktop draws in.

Shortly after, desktop goes active, and VirginsLovers pages start launching everywhere. Tons of porn popups.

Look at Run in registry...wow, chock full of nuts.

Antivirus subscription expired over a year ago

Off to antivirus.com for quick online scan,

Also caught eye of New.Net and Search Enhancement

Now for the crazy part.....go get Ad-Aware, update it, and scan....

1,182 suckers found!!! :eek:

Oh boy is this one gonna be fun!
Yep. I sent my sis the links for spybot and adaware. She had one of those fake spyware proggys.

The day before yesterday, she ended up with a Sasser worm. She managed to get the removal tool and get rid of it. I told her I would do some serious maintenance on her system this weekend.
Shinobi
Senior Member
Posts: 4455
Joined: Sat Jan 06, 2001 12:00 am
Location: South Carolina

Post by Shinobi »

YOSC:
Oh boy is this one gonna be fun!


Once my Dad wanted my help in building a sheet metal type shed out in the backyard. This kit had over a 1000 pieces to it,
and it was late afternoon, and almost raining.

He read the first line of the instructions.
"Start early in the day...." :D

10 years later, I've used that saying to many people... and even myself... in regard to any computer troubleshooting / fixing.

"Start early in the day" YOSC. :nod: :thumb:

Be Happy Today,
Shinobi - Currently in CT.
_______________________________________________
Vendor neutral certified in IT Project Management, IT Security, Cisco Networking, Cisco Security, Wide Area Networks, IPv6, IT Hardware, Unix, Linux, and Windows server administration
W_I_Z_K_I_D
Regular Member
Posts: 363
Joined: Sun Jun 10, 2001 9:33 am
Location: !!!Your Computer-You Just Dont Know It YeT!!!

Post by W_I_Z_K_I_D »

Man, how many times do people have to say it, those porn sites are filled with spyware, trojans, worms, bad cookies and much much more.
Any SECURITY CONSCIOUS PERSON would know to stay clear of them.
I'm a man, I know it's hard :cry: LOL but think of the safety and respect for your PC :thumb:
!!!What Man Can Make
Man Can Break!!! :irate:

Windows XP ( Service Pack 2 )
Pentium 4 (3) GHz
2.00 GB of RAM

** Zone Alarm Pro
** AVG Anti Virus
** Cookie Wall
** Pop Up Stopper
** Spy Bot
** Spy Ware Blaster
** Ad-Aware SE Pro
** Ccleaner
** Clean Up
** Port Blocker
** Tweak UI Win XP
** Port Scanner


Dialup 56k
DialUp-Syd.IPrimus....56k(Motorola internal Modem)
greEd
Posts: 807
Joined: Wed May 09, 2001 12:00 am
Location: Maryland

Post by greEd »

W_I_Z_K_I_D wrote:Man, how many times do people have to say it, those porn sites are filled with spyware, trojans, worms, bad cookies and much much more.
Any SECURITY CONSCIOUS PERSON would know to stay clear of them.
I'm a man, I know it's hard :cry: LOL but think of the safety and respect for your PC :thumb:
There are safe/spyware free places to get free pr0n from ... thank god :thumb:
"I'm doing a (free) operating system (just a hobby, won't be big and professional...) for AT clones... It's not portable and it probably [won't ever] support anything other than AT hard disks, as that's all I have :-(." --Posted on Usenet August 1991 by Linus Torvalds
http://www.computerglitch.net
curiosity builds security | dd if=/dev/zero of=/dev/hda bs=512 count=100
EOF
W_I_Z_K_I_D
Regular Member
Posts: 363
Joined: Sun Jun 10, 2001 9:33 am
Location: !!!Your Computer-You Just Dont Know It YeT!!!

Post by W_I_Z_K_I_D »

greEd wrote:There are safe/spyware free places to get free pr0n from ... thank god :thumb:
LoL greEd...Show me the way pal..~
Not literally of course..LoL ;)
:irate:
mmione
Posts: 1814
Joined: Sat Dec 13, 2003 4:21 pm
Location: Ontario, Canada

Post by mmione »

Why don't you just get Pest Patrol and set Memory Check and CookiePatrol on and that should keep you safe :P
AMPLIFRIER
Posts: 1641
Joined: Fri Jun 22, 2001 12:20 am
Location: 127.0.0.1

Post by AMPLIFRIER »

YeOldeStonecat wrote:Get a call from an old client, kid came home from college with computer "running slow"

His older sister who knows something about computers gave up working on it...and the mom called me.

So plug it in, boot up, 2 year old Dell Dimension 8200 with a P4, WinXPp. Yup...running painfully slow soon as desktop draws in.

Shortly after, desktop goes active, and VirginsLovers pages start launching everywhere. Tons of porn popups.

Look at Run in registry...wow, chock full of nuts.

Antivirus subscription expired over a year ago

Off to antivirus.com for quick online scan,

Also caught eye of New.Net and Search Enhancement

Now for the crazy part.....go get Ad-Aware, update it, and scan....

1,182 suckers found!!! :eek:

Oh boy is this one gonna be fun!
The guy I work with had a machine come in yesterday that had 2200 objects found in adaware.

Until then the worst one I had seen had like 1200 as well.



AMP
Gigabyte ga-7n400 pro nForce2 mobo, Athlon XP3200, thermalright slk900, 1 gig corsair pc3200 cas2, radeon 9800pro, SB Audigy 2 ZS
case= yeong yang YY-B0221 server cube,550 watt Antec true power,1 wd raptor 74 gig,1 34gig raptor (page) 2 wd 120gig se's raid 1, 1 120gig se. WIN xp Pro, Dual display samsung syncmaster 1100df 21in(Primary) Samsung syncmaster 955df 19in (secondary)".
Sava700
Posts: 24051
Joined: Wed Feb 27, 2002 7:51 am
Location: Somewhere

Post by Sava700 »

8 months ago.. Adaware check on mom's new computer over 1500.. she couldn't get into her email from the ISP, she said it kept sticking at 1% (on 56k) also. I log in at home and download over 2400 emails with various virus and crap to go along with it.. I spent 3 hours cleaning that computer. I then wrote down detailed instructions on what to run on a daily basis or at least once a week. I put a lot of stuff on auto update and run to save time.
But as these numbers are impressive others I'm sure will beat that out :nod:
Roody
SG VIP
Posts: 30735
Joined: Sun Nov 19, 2000 12:00 am
Location: East Tennessee

Post by Roody »

800+ has been the most I found on one machine at my new job..needless to say it took awhile to get cleaned up. :)
rcnoweis
Member
Posts: 44
Joined: Wed Oct 01, 2003 9:54 pm

Post by rcnoweis »

Wow. How many spyware instances were Porn related?
nevermind, I already know

Has anyone figured out why Spy-Bot is free.
Come on, I am a nice guy too but Pete, you gots to draw the line
somewhere? You could have built the Spy Bot Mansion with spy gadgets and stuff.

Ok I am tired that was bad
mnosteele52
Posts: 11913
Joined: Tue Jul 24, 2001 12:00 pm
Location: Chesapeake, VA

Post by mnosteele52 »

Just finished one that had almost 2,600 files infected with all the variants of the Netsky virus along with 4 other trojans and well over 1,500 pieces of spyware. The pc wouldn't even boot into XP, I had to remove the hard drive and put it in my pc (I have a slot in the front for this) to scan it just to get it to boot.

It was the worst I've seen, but it runs like a champ now.

:thumb:
YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

Yeah NetSky has to be one of the most prolific viruses I've seen...that sucker went through the entire alphabet in its varieties.

Cleaned this machine up by the 2nd day. Hopefully they'll listen to my advice, get the kid a router when he goes back to the college dorm next year. Kids who plug into most college networks without a firewall are just asking for trouble. Plugging into a college network without antivirus, or in this case long outdated antivirus, plus zero windows updates...LOL. :nope:

The guy who lives next door to me is director of IT for a big college in my area. All students are now given antivirus, since they bought a site license for Symantec Corp Edition. The routers will not let the kids out to access the intranet/internet without passing the check for having this installed, and updated.
Roody
SG VIP
Posts: 30735
Joined: Sun Nov 19, 2000 12:00 am
Location: East Tennessee

Post by Roody »

Smart move by the Director of I.T. that is for sure.
CableDude
SG VIP
Posts: 26801
Joined: Sat Jun 02, 2001 12:00 pm

Post by CableDude »

Roody wrote:Smart move by the Director of I.T. that is for sure.

:nod: