spyware.aprapose.c
Moderator: ericjon262
-
- cant get enough of this site!
- Posts: 3289
- Joined: Wed Mar 30, 2005 2:37 pm
spyware.aprapose.c
OK, I got this and can't get rid of it. Norton keeps detecting it and won't remove it, and I can't boot in safe mode because of it. Help.
"I wanna make a porno starring us. Well, not just us, also these two foreign bitches."
-
- Posts: 288
- Joined: Thu Dec 01, 2005 2:43 pm
- Location: Salinas, California
- Contact:
I got my laptop a while ago and I asked them about good programs for antispyware and they gave me this one. It has been doing a good job for me.
http://www.bulletproofsoft.com/
I probably don't have a snowball's chance in hell of communicating this clearly, but the latest rage in spyware is to have your exe install itself as a browser helper object. Whenever you fire up IE, the BHO initializes and runs code to reinstall itself elsewhere.
How do you find it?
There's no easy way. What you want to do is look at the subkeys at this location in your registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
You'll see 2 or 3 very long entries (called GUIDs). These are the 'behind the scenes' way your OS locates a file on your drive.
What you want to do is write down those GUIDs and then search the registry for each one. You'll eventually come to a key that matches one of the BHO GUIDs.
One of the subkeys of the matching entry will contain a file path. Usually something along the lines of C:\windows\system32\somename.dll.
That's where the manual work comes in. You need to look at each file. The time and date are a pretty good indicator. A good way to tell if it's legit is to run it through Google and see if it comes up with a lot of spyware hits. If you want to post your list here I'll take a look and tell you.
Enjoy the world of manual malware cleaning. I do it every day!
-Fatz
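The manual lookup described in the post above can be scripted. The following is an added example, not part of the original thread or written by its posters: it lists each Browser Helper Object GUID, resolves it to its DLL, and shows the file dates, version-info company and signature status. It assumes the matching key is the standard COM registration at `CLSID\{GUID}\InprocServer32` (whose default value is the DLL path), and it goes slightly beyond the post by also checking the `WOW6432Node` views used by 32-bit IE on 64-bit Windows.

```powershell
# Added example (not from the thread): list every Browser Helper Object
# registered for Internet Explorer and the DLL each GUID resolves to.
# Read-only: nothing in the registry or on disk is changed.

# BHO list paired with the CLSID tree that describes its GUIDs. The second
# pair is an assumption for 64-bit Windows (32-bit IE uses WOW6432Node).
$views = @(
    @{ Bho   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Bho   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }
)

$report = foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Bho)) { continue }

    foreach ($bho in Get-ChildItem -LiteralPath $view.Bho) {
        $guid   = $bho.PSChildName          # the subkey name is the GUID
        $server = Join-Path $view.Clsid "$guid\InprocServer32"
        $dll    = $null
        $file   = $null
        $sig    = $null

        if (Test-Path -LiteralPath $server) {
            # The default value of InprocServer32 holds the DLL path.
            $dll = [string](Get-Item -LiteralPath $server).GetValue('')
            $dll = $dll.Trim('"')
        }
        if ($dll -and (Test-Path -LiteralPath $dll -PathType Leaf)) {
            $file = Get-Item -LiteralPath $dll -Force   # -Force: hidden files too
            $sig  = (Get-AuthenticodeSignature -LiteralPath $dll).Status
        }

        [pscustomobject]@{
            Guid      = $guid
            Dll       = if ($dll) { $dll } else { '(no InprocServer32 entry)' }
            OnDisk    = [bool]$file
            Created   = if ($file) { $file.CreationTime }
            Modified  = if ($file) { $file.LastWriteTime }
            Company   = if ($file) { $file.VersionInfo.CompanyName }
            Signature = $sig
        }
    }
}

# Newest files first, matching the post's "time and date" check.
$report | Sort-Object Modified -Descending | Format-List
```

Entries with a recent date, no company name, and a `NotSigned` status are the ones to research first; an entry with no DLL on disk is a leftover registration.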
-
- cant get enough of this site!
- Posts: 3289
- Joined: Wed Mar 30, 2005 2:37 pm
Fatz, I understood that all, just can't trace the damn thing. Norton detects mf3bjmon.exe repeatedly yet will not remove it. This particular spyware creates random names and has also created ace.dll on my system. I just can't find them in the registry, and I know that deleting stuff from there isn't the best thing when you don't know what you're doing.
"I wanna make a porno starring us. Well, not just us, also these two foreign bitches."