View Full Version : Need Some Computer help




Dbluegoat
01-10-2006, 12:39 PM
I got this fuking spyware program trying to install itself on my computer and it has taken over my desktop wallpaper and I can't remove the wallpaper now?
I deleted 2 separate programs already but there must be another one?
Here is a screen shot. I don't see anything odd running in the processes.
http://www.ls1gto.com/forums/attachment.php?attachmentid=26950&stc=1&d=1136929102




OrangeCrushM6
01-10-2006, 12:43 PM
These dam things can be anywhere. You must run several spyware programs many times to clean your system.
Ad-aware
Microsoft Beta Spyware
Spysweeper
search and destroy
Go to Komando.com to get most if not all of these for free.
I am also running epest which I get free from Roadrunner. Trust me, you'll need several programs to be sure you're clean. Hope this helps.

Dbluegoat
01-10-2006, 12:56 PM
Well, it's a spyware program that is installing itself trying to tell me I have spyware and I know I don't......

OrangeCrushM6
01-10-2006, 12:59 PM
Well, it's a spyware program that is installing itself trying to tell me I have spyware and I know I don't......

Well, that program that's doing that is spyware. You need to find the right spyware remover. It can be very frustrating to track it down, but keep trying various programs. One of them will find it and send that little fuker to the moon!

teamgs
01-10-2006, 01:26 PM
Here are a couple more free spyware apps to try:

Adaware :

http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5

Spybot Search and Destroy:

http://www.safer-networking.org/en/download/index.html

I find these to be among the best, and recommend them to all my clients.

Don't forget to update the definition files before running the scan. I think that Adaware does it automatically the first time, but I am not sure. Once you get your system cleaned, you should then run the scans once a week.

Regards,

Gary

bursty
01-10-2006, 01:37 PM
hahahahaha

gto=seg
01-10-2006, 02:25 PM
I think it might be something called smitfraud. Had something similar happen to my computer. Try this link, it worked for me:
http://www.bleepingcomputer.com/forums/How_to_remove_the_Smitfraud_Quicknavigate_VirtualMaid-t17258.html

Dbluegoat
01-10-2006, 02:27 PM
hahahahaha
:fawkdance

drowssap
01-10-2006, 02:42 PM
http://i30.photobucket.com/albums/c329/drowssapma/DBowned.jpg

DiSTuRBeDGTO
01-10-2006, 02:45 PM
I use Panda antivirus which does a spyware check also. It found stuff that Norton and McAfee couldn't. You can download a free 30 day version of it at DOWNLOADS.com I think. Or do a search for Panda Anti-virus and see what comes up.

blue05
01-10-2006, 02:53 PM
Dblue, I had the same thing. If you are running XP boot off of the boot disk, an option will come up that will ask you if you want to replace the corrupted files, click yes, and it should fix itself.

M6GTO
01-10-2006, 03:25 PM
I use Panda antivirus which does a spyware check also. It found stuff that Norton and McAfee couldn't. You can download a free 30 day version of it at DOWNLOADS.com I think. Or do a search for Panda Anti-virus and see what comes up.

Not to mention Norton and McAfee are pigs and take up a ton of resources. Not to mention all the problems they can cause with some applications.

Wes G
01-10-2006, 04:13 PM
I just fixed a friend's computer that had this. Wouldn't even let her use IE, so I had to get creative.
1) Download Spybot (http://www.safer-networking.org) onto a USB thumbdrive from an uninfected PC.
2) Press F8 on boot to start Windows in safe mode.
3) Uninstall the program (should be called Spy Sheriff)
4) Run a complete virus scan
5) Reboot. If the program is not gone, reboot back into safe mode, install Spybot from your thumb drive and fix all problems.
6) If the program is gone, then Install and run Spybot, fix all problems.

If that doesn't work, try this link. (http://www.bleepingcomputer.com/forums/How_to_remove_SpySheriff_Winstallexe_Spysheriffexe-t22402.html)

1969 SS
01-10-2006, 04:27 PM
Ad-Aware-SE-Personal-Edition from download.com I have also found to work best.

Razinhell
01-10-2006, 04:59 PM
Hey that looks a little like a program called SpyAxe, Spytracker and a bunch of other little niceties.
Like others have said - Adaware, Spybot, www.trendmicro.com (try their free virus\adware scan).
I've had a nice battle with SpyAxe on my friend's computer. It was so entrenched it was the hardest program to get rid of. I was able to rip most of its guts but somehow, even after searching on the internet for other advice on the specific spyware, I was able to get rid of all of the functioning parts except the annoying pop up where the clock was. But I was able to disable the icon.

Advice: go into safe mode. When your computer starts to load, hit F8.
It will ask you if you want to be in safe mode, like you somehow held the F8 button without knowing it. This should prevent the spyware programs from running at all (not always true). Run all of the Ad-Aware and Spybot programs. If you picked safe mode with network support then you can run the Trendmicro.com virus scan (it now works in either Firefox (any Java-based browser) or MS IE 6.0). Good luck.

Razinhell
01-10-2006, 05:01 PM
I just fixed a friend's computer that had this. Wouldn't even let her use IE, so I had to get creative.
1) Download Spybot (http://www.safer-networking.org) onto a USB thumbdrive from an uninfected PC.
2) Press F8 on boot to start Windows in safe mode.
3) Uninstall the program (should be called Spy Sheriff)
4) Run a complete virus scan
5) Reboot. If the program is not gone, reboot back into safe mode, install Spybot from your thumb drive and fix all problems.
6) If the program is gone, then Install and run Spybot, fix all problems.

If that doesn't work, try this link. (http://www.bleepingcomputer.com/forums/How_to_remove_SpySheriff_Winstallexe_Spysheriffexe-t22402.html)
Spy sheriff huh, i really am starting to hate these bullshit programmers ****ing with shit. I think we should start killing them.:The_Villa Might lessen crap like this.

ls6gto
01-10-2006, 05:02 PM
Symantec Antivirus, ZoneAlarm, and Microsoft Spyware program work great for me, I am always clean :).

ls6gto
01-10-2006, 05:03 PM
Spy sheriff huh, i really am starting to hate these bullshit programmers ****ing with shit. I think we should start killing them.:The_Villa Might lessen crap like this.

I'm a programmer...but I don't do things like that.

PadreGTO
01-10-2006, 05:10 PM
DB, that's a bad one. It killed my laptop. Got on it somehow through a hotel high-speed access.

Alas, I can't remember the name right now - Google on the name of whatever anti-spyware program it's trying to sell you, that should be it. Removal involved editing the Registry, a bunch of start up programs, multiple reboots in SafeMode, and so on. It hijacks Windows Media Player, Explorer, all sorts of stuff.

I ended up reformatting and reinstalling WinXP and restoring from a back up.

Save what data you can now.

Padre

Dbluegoat
01-10-2006, 05:19 PM
razespyware is the name

I ran spybot and it cleaned everything including spysherriff......allowed me to change my desktop back to a plain black screen, so I think I am good to go then
BOOM its back only RED this time.......MOTHERFUKER!!!!!!

Razinhell
01-10-2006, 05:20 PM
Formatting takes all the fun out of ripping your hair out of your head just to fight the stupid adware programs. Although it's the faster way. But I see datatree on DB's PC and that means you work on this PC. :slap: Hope you back up everything.

bursty
01-10-2006, 05:21 PM
BOOM its back only RED this time.......MOTHERFUKER!!!!!!
hahahahahahaha

:gr_jest:

Razinhell
01-10-2006, 05:23 PM
razespyware is the name

I ran spybot and it cleaned everything including spysherriff......allowed me to change my desktop back to a plain black screen, so I think I am good to go then
BOOM its back only RED this time.......MOTHERFUKER!!!!!!
Download this Zone Alarm Free Firewall (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=DEsCquBp6m2lYyd2DipQlJ9fFE9g62F0TfArVAtcIKmLaI4bCldy!1315392515!-1062696903!7551!7552!NONE?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass)
With this software it will allow you to decide which programs have access to the internet or not. It will also prevent any program from downloading anything at all so you will need to run each program you wish to use and allow access either permanently or temporarily. It's easy to use once you get used to it.

Dbluegoat
01-10-2006, 05:27 PM
:bewarespa
http://www.ls1gto.com/forums/attachment.php?attachmentid=26985&stc=1&d=1136946434

Dbluegoat
01-10-2006, 05:30 PM
Download this Zone Alarm Free Firewall (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=DEsCquBp6m2lYyd2DipQlJ9fFE9g62F0TfArVAtcIKmLaI4bCldy!1315392515!-1062696903!7551!7552!NONE?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass)
With this software it will allow you to decide which programs have access to the internet or not. It will also prevent any program from downloading anything at all so you will need to run each program you wish to use and allow access either permanently or temporarily. It's easy to use once you get used to it.
I used to have that but since ......I never have had any problems I didn't save it...now this piece of shit keeps launching itself and pretending to be a Windows component.

I find this program in the processes
mswin32b.exe
located it in windows/system32 and deleted it.......amazingly it finds its way back in there

I run msconfig all the time and deselect this stupid shit from starting up but this thing is not listed in there........
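
One way to look for where an entry like the one described in the post above is relaunched from, as an added example that is not part of the original thread: a PowerShell script that reads registry autostart locations, including ones outside the Run keys, and flags entries that reference the file name. It assumes a Windows system with PowerShell 3 or later; the function name `Get-AutostartEntry` and the `$Needle` parameter are made up for this example.

```powershell
# Added example (not from the thread): list registry autostart entries and
# flag the ones that reference a given file name.
param(
    [string]$Needle = 'mswin32b.exe'   # file name quoted in the post above
)

# Key path plus the value names to read there ('*' means every value).
$locations = @(
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run';            Names = @('*') }
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce';        Names = @('*') }
    @{ Path = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run';            Names = @('*') }
    @{ Path = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce';        Names = @('*') }
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon';    Names = @('Shell', 'Userinit') }
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows';     Names = @('AppInit_DLLs') }
)

function Get-AutostartEntry {
    foreach ($loc in $locations) {
        $key = Get-Item -LiteralPath $loc.Path -ErrorAction SilentlyContinue
        if (-not $key) { continue }                      # key absent on this system
        $names = if ($loc.Names -contains '*') { $key.GetValueNames() } else { $loc.Names }
        foreach ($name in $names) {
            $data = $key.GetValue($name)
            if ($data) {
                [pscustomobject]@{ Source = $loc.Path; Name = $name; Command = "$data" }
            }
        }
    }
    # Services and drivers are started by the system, before any user logs on.
    Get-ChildItem -LiteralPath 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $image = $_.GetValue('ImagePath')
            if ($image) {
                [pscustomobject]@{ Source = 'Services'; Name = $_.PSChildName; Command = "$image" }
            }
        }
}

$entries = @(Get-AutostartEntry)
$hits    = @($entries | Where-Object { $_.Command -like "*$Needle*" })

"{0} autostart entries read, {1} reference '{2}'" -f $entries.Count, $hits.Count, $Needle
$hits | Format-List Source, Name, Command

# Winlogon values are worth reading by eye: on a default install Shell is
# 'explorer.exe' and Userinit points at userinit.exe in system32.
$entries | Where-Object { $_.Source -like '*Winlogon' } |
    Format-Table Name, Command -AutoSize
```

Run it as an administrator so that all service keys are readable. Keys that a rootkit hides from the Windows API, the case raised later in the thread, will not appear in this listing.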

Dbluegoat
01-10-2006, 05:32 PM
Formatting takes all the fun out of ripping your hair out of your head just to fight the stupid adware programs. Although it's the faster way. But I see datatree on DB's PC and that means you work on this PC. :slap: Hope you back up everything.
yeah this is my main work puter

Dell XPS
2gig ram
160gig hd
XP pro
$4000 when I bought it couple years ago

all the bells and whistles

i cant afford for it to be fuked up

Dbluegoat
01-10-2006, 05:33 PM
hahahahahahaha

:gr_jest:
:madsign3: suck it bursty:fawkdance

Razinhell
01-10-2006, 07:14 PM
Try some of these links as they have already gone through the same thing...

http://www.dslreports.com/forum/remark,13413938

http://www.annoyances.org/exec/forum/winxp/1132492244

This next one is step by step on how to eliminate RazeSpyware...
http://www.help2go.com/Tutorials/Protect_Your_PC/RazeSpyware_Removal_%3A_A_How-To.html

I'll keep adding to this post.
What's really interesting is that all of these programs fall back to the SpyAxe program, which I noted before because it looked so similar. For the most part they don't appear to do anything other than annoy the shit out of you. They may also spam your contacts if you have an e-mail client, but I haven't found anything conclusive. Another reason to have a software firewall. I've stopped many viruses and adware programs just by eliminating their internet connection.

IBM/M6
01-10-2006, 07:51 PM
Try using regseeker to eliminate the startup programs in question. http://www.hoverdesk.net/freeware.htm

Then use its find in registry app to delete all references to razespyware in the reg.

Next reboot and run the clean registry app in the program / regseeker.

Xeon
01-10-2006, 09:03 PM
Try using regseeker to eliminate the startup programs in question. http://www.hoverdesk.net/freeware.htm

Then use its find in registry app to delete all references to razespyware in the reg.

Next reboot and run the clean registry app in the program / regseeker.
And be sure to back up the registry just in case you F* something up. I use Microsoft Antispyware, AVG Antivirus, and Sygate personal firewall (much better than Zone Alarm). The best thing is, they are all free and work just as good as any other program out there. I never have any problems. Sygate lets you monitor how much bandwidth each process is taking. You can also see total upstream and downstream in real time and it keeps a running total for each process.

If you want to see if Microsoft Antispyware works, go download kazaa and try to install it. You will laugh your ass off at the number of things that pop up.

Dbluegoat
01-10-2006, 10:09 PM
Well, I ran spybot, ewido anti malware and hijack this all in safe mode, and thought everything was ok........
BUT THIS BITCH IS STILL HERE.

I have figured out the program launching this is mswinb32.exe which ewido says is spyware however after I delete it somehow it comes back......and I deleted it in safe mode but somehow it still comes back

FUKING COMPUTER!!!!!!!!!!!!

bursty
01-10-2006, 10:22 PM
http://img203.imageshack.us/img203/2485/appleicon6kq.gif > http://i30.photobucket.com/albums/c329/drowssapma/DBowned.jpg

bursty
01-10-2006, 10:35 PM
That sounds like a bitch man, I always just use hijack this on all the office computers and that usually works. Shitty....

Flach
01-11-2006, 03:31 AM
I've had good luck with the scan at trendmicro.com. Good luck.

Razinhell
01-11-2006, 08:53 AM
DB, the program may be a root installed application, which is why you can't get rid of it even though it is completely deleted from your viewable space. It's really just dumped somewhere on your hard drive where the computer can't see it, but it knows to copy itself when the computer starts up.

www.sysinternals.com/utilities/rootkitrevealer.html

or

www.f-secure.com/is/ (this one has a rootkit tool within it)

Try these, although do note that many cases of rootkits require the formatting of the drive. You can thank Sony for making this a more popular method.

Razinhell
01-11-2006, 08:59 AM
http://img203.imageshack.us/img203/2485/appleicon6kq.gif > http://i30.photobucket.com/albums/c329/drowssapma/DBowned.jpg
I could infect your computer in 1 minute whether it be Apple, Linux (any build), Windows based, OS/2 or any other operating system. Most spyware on computers is the result of people opening things from e-mail attachments. If you have a router before your internet connection then you are protected from 99% of the viruses in the world. Any computer connected directly to the internet is susceptible to viruses and will eventually get compromised if you do not update it and keep ahead of the action with a software firewall. Don't fool yourself thinking Apple is the end all to virus protection. Their market share is so small that making money on hijacking Apple computers will give them less chance of making money. Apple will really come into the market when the Intel based systems are all up and running. They are going to make themselves an even bigger target.

FLblugto
01-11-2006, 03:24 PM
All of the above may work but here may be another option. If the operating system is 2000 or XP, run system restore and select a point prior to the day you received the offending application. Once cleared create another point and label as working.

The option is under system tools. If you need further direction... pm.

Dbluegoat
01-11-2006, 04:09 PM
I deleted all this piece of shit spy stuff from the registry...........HOW THE FUK CAN IT COME BACK!!!!!!!!!!

Dbluegoat
01-11-2006, 04:11 PM
Ever Seen A $4000 Puter Get Shot By A Gun...........:rant: :rant: :rant: :judge: :banghead:

OrangeCrushM6
01-11-2006, 04:12 PM
Ever Seen A $4000 Puter Get Shot By A Gun...........:rant: :rant: :rant: :judge: :banghead:

You ain't got the balls to do that!! ;) Wait!! I'm just kidding!!!

drowssap
01-11-2006, 04:16 PM
I deleted all this piece of shit spy stuff from the registry...........HOW THE FUK CAN IT COME BACK!!!!!!!!!!

in the immortal words of Bursty.....

hahahahaha

Superwildcat
01-11-2006, 04:25 PM
Ever Seen A $4000 Puter Get Shot By A Gun...........:rant: :rant: :rant: :judge: :banghead:

Yes I have! :bomb:

PadreGTO
01-11-2006, 04:51 PM
http://padrenet.com/hlink/smilies/haha.jpg

I seem to remember you bragging in a thread a while back about how you weren't worried about all that stuff...

Seriously. When mine got blown up by malware, I redid my whole system with nothing but freeware. Go to Sarge's site for a good start, www.sgtgeek.com (http://www.sgtgeek.com) .

First thing though is a Firewall like Sygate that warns you when someone's trying to access the net. You'd be surprised how much Microsoft stuff regularly checks the net without telling you - and the malware hijacks that.

Use Mozilla for browsing, Mozilla Thunderbird for e-mail, Mailwasher, Open Office, IrfanView, Sygate, AntiVir, any media player other than Real, QT, or Windows Media. Then install the various protections, Ad Aware, Spybot, all that. Keep a good eye on your startup files and registry. Regularly use a system wiper (kills cookies and temp files) and I really like Zilla Data Nuker.

All of it free, but more importantly, will protect you from 99.9999% of the stuff out there (because most of the programs are not targets of hackers). But it won't protect you from being dumb, like opening attachments (which is why I use Mailwasher to look at it and delete it from the server before ever downloading it to my computer).

I can send you an old freeware version of Mailwasher (the new ones are restricted).

Also, if as someone suggested, the virus is hiding somewhere in space your computer can't see, then download Zilla Data Nuker and have it wipe your freespace. http://www.zillasoft.ws/

Good luck, Padre

drowssap
01-11-2006, 05:02 PM
the cure-all? Sing this with me.....

Fdisk, format, re-install...do da, do da.

Dbluegoat
01-11-2006, 06:34 PM
well lets see, attacked it all again in safe mode
Used
Smitrem
Ewido anti mal
Regseeker
spybot

deleted all the raze piece of shit references and some more stuff

reboot MOTHERFULKER!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!

Dbluegoat
01-11-2006, 06:38 PM
This next one is step by step on how to eliminate RazeSpyware...
http://www.help2go.com/Tutorials/Protect_Your_PC/RazeSpyware_Removal_%3A_A_How-To.html

Did this and it didn't work?

Joe6pt0
01-11-2006, 06:38 PM
Gotta love AnyDVD, great program :thumbs:

Razinhell
01-11-2006, 10:20 PM
Did this and it didn't work?
Did you try the rootkit removal/detection software? System Restore only fixes XP-based system files within XP, plus it was only available in Windows ME and XP; Windows 2000 Pro has no feature like that. System Restore will never touch the rootkit software if it is indeed that type, as it will write to the drive before Windows ever starts. It basically changes things before Windows has a chance to start up, so when you delete stuff, it will check when the computer restarts and just copy itself again.

Rootkit software does not reside in a place where Windows will ever notice it. Only a program that is specifically looking for it will find it. That's why Sony got into such trouble with the Digital Rights Management software that installed automatically when you placed a CD of theirs in your computer.

I can make a computer almost foolproof from viruses\Spam and almost everything else out there, although I don't know if rootkit software would affect this. If interested, keep reading. For the most part your computer will never be affected by almost anything. It's nothing new and many network admins use the software too, but you will lose some use of it too.

The program that will do this is called DeepFreeze. http://www.faronics.com/index.asp
Basically your computer is new every time you start it up. The idea is you set up your system exactly the way you like it. Run DeepFreeze and it makes a copy of everything down to the last drop to a hidden sector on your drive. When you start your computer, DeepFreeze checks to make sure it's exactly the same as the frozen image; if not, it copies over it. The bad thing is you can't save anything to your computer. You will have to save everything to USB keys and CD\DVDs. But it will eliminate almost everything from affecting you and make a mission-critical system very safe.

Dbluegoat
01-11-2006, 10:34 PM
Did you try the rootkit removal/detection software? System Restore only fixes XP-based system files within XP, plus it was only available in Windows ME and XP; Windows 2000 Pro has no feature like that. System Restore will never touch the rootkit software if it is indeed that type, as it will write to the drive before Windows ever starts. It basically changes things before Windows has a chance to start up, so when you delete stuff, it will check when the computer restarts and just copy itself again.

Rootkit software does not reside in a place where Windows will ever notice it. Only a program that is specifically looking for it will find it. That's why Sony got into such trouble with the Digital Rights Management software that installed automatically when you placed a CD of theirs in your computer.

I can make a computer almost foolproof from viruses\Spam and almost everything else out there, although I don't know if rootkit software would affect this. If interested, keep reading. For the most part your computer will never be affected by almost anything. It's nothing new and many network admins use the software too, but you will lose some use of it too.

The program that will do this is called DeepFreeze. http://www.faronics.com/index.asp
Basically your computer is new every time you start it up. The idea is you set up your system exactly the way you like it. Run DeepFreeze and it makes a copy of everything down to the last drop to a hidden sector on your drive. When you start your computer, DeepFreeze checks to make sure it's exactly the same as the frozen image; if not, it copies over it. The bad thing is you can't save anything to your computer. You will have to save everything to USB keys and CD\DVDs. But it will eliminate almost everything from affecting you and make a mission-critical system very safe.


I just ran that rootkit but what do I do now? it shows discrepancies.....only like one registry item......

Mossberg
02-06-2008, 01:15 AM
ever come with a solution? I had the same problem on my old pc. I had to completely reinstall windows.