Results 1 to 6 of 6

Thread: Slight spy ware problem. v.v

  1. #1
    Dant da da dan. No?

    Status
    Offline
    Join Date
    Nov 2006
    Location
    Alaska
    Posts
    1,317
    Rep Power
    0

    Slight spy ware problem. v.v

    My comp has been under alot of virus attacks lately. it's finally got through or unless i visited alot of spyware infested sites. <.<

    first symtom new spy ware blockers


    2. i can't access the task manager.


    Bugs bunny-What i'm trying to say is.....WE NEED YOUR HELP!!!

    I've tried "the spyware killer" a CD that i got to remove spy ware and i've tried it three times. didn't work.

    RevRun-Gods gift to u is ur talent.. what u do with it is ur gift 2 him... REAL TALK



  2. #2
    Dant da da dan. No?

    Status
    Offline
    Join Date
    Nov 2006
    Location
    Alaska
    Posts
    1,317
    Rep Power
    0

    Re: Slight spy ware problem. v.v

    think i found my problem.
    F-Secure Malware Information Pages: Trojan-Spy:W32/Small.BSL

    [Summary] | [Detailed Description]


    Name : Trojan-Spy:W32/Small.BSL
    Alias: Trojan-Spy.Win32.Small.bsl
    Type: Trojan-Spy
    Category: Malware
    Platform: W32
    Radar




    Summary
    Trojan-Spy applications are usually standalone programs that allow malicious individuals to monitor activity on infected computers.

    Trojan-Spy:Win32.Small.BSL installs a component designed to steal installed certificates.
    Back to the Top



    Detailed Description
    Creates the following registry entries:


    HKEY_CLASSES_ROOT\CLSID\{BD942DA7-96C8-4342-84C6-E2BCFE69FE11}\InprocServer32
    (Default) = "C:\WINDOWS\system32\acrobat.dll"
    ThreadingModel = "Apartment"
    (Using the name, Adobe Acrobat ActiveX Control)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    \Explorer\Browser Helper Objects\{BD942DA7-96C8-4342-84C6-E2BCFE69FE11}
    NoExplorer = 0x00000001 (1)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Adobe Acrobat ActiveX Control = "Rundll32 acrobat.dll,AInit"

    It attempts to create the following registry entry:


    HKEY_LOCAL_MACHINE\Software\Acrobat\
    "1" = "124.217.251.118"
    "2" = 0x00000050 (80)
    "3" = /NNN/parse.php

    It then drops a file into the following folder:


    %windir%\system32\

    The dropped file is called acrobat.dll and is 51712 bytes in size.

    The malware sets acrobat.dll with a hidden file attribute and changes its date properties to the current system time.

    Small.BSL then displays the following fake/decoy dialog message:



    When the dialog box is closed the malware will search for and terminate all running Internet Explorer processes. After this, it will launch Internet Explorer as a hidden process which has the malicious component attached.

    This malicious component acts like a Browser Helper Object (BHO).

    After the user has started Internet Explorer the malware will attempt to communicate with a server located at the following URL:


    http://124.217.[REMOVED]/NNN/parse.php

    The BHO has the following functionality:


    Steals installed certificates
    Deletes user cookie files
    Updates itself
    Deletes files from C:\Documents and Settings
    \%username%\Application Data\Macromedia\Flash Player\
    Updates registry information
    deleted it from the add/remove program. sll have a problem though.

    RevRun-Gods gift to u is ur talent.. what u do with it is ur gift 2 him... REAL TALK



  3. #3
    Your mom's boyfriend
    Jayman's Avatar

    Status
    Offline
    Join Date
    Apr 2005
    Location
    Michigan
    Posts
    6,954
    Rep Power
    2820
      Country                    us=United States

    Re: Slight spy ware problem. v.v

    You should stop looking at porn sites.

  4. #4
    Dant da da dan. No?

    Status
    Offline
    Join Date
    Nov 2006
    Location
    Alaska
    Posts
    1,317
    Rep Power
    0

    Re: Slight spy ware problem. v.v

    i wasn't looking at one the time.....
    i havn't downloaded anything the sites asked me to. <.<

    in my defence, Jayman is the hacker who knows my passwords. <.<

    RevRun-Gods gift to u is ur talent.. what u do with it is ur gift 2 him... REAL TALK



  5. #5
    Dant da da dan. No?

    Status
    Offline
    Join Date
    Nov 2006
    Location
    Alaska
    Posts
    1,317
    Rep Power
    0

    Re: Slight spy ware problem. v.v

    so it was a virus. i'm with out photoshop and everything that was on the computer. had to erase everything and start from square one. this is how bad it got. there's not even a sound device for the speakers anymore. v.v


    sorry for the bluryness. i couldn't keep my hands steady for a good picture.

    RevRun-Gods gift to u is ur talent.. what u do with it is ur gift 2 him... REAL TALK



  6. #6
    Vengeance With a Smile

    Status
    Offline
    Join Date
    May 2006
    Location
    Minnesota
    Posts
    10,907
    Rep Power
    2756
      Country                    us=United States

    Re: Slight spy ware problem. v.v

    Ask Felix imo...or SS.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •