SPY AWAY and PERECT CLEANER

Closed Thread

  #1  
Old 03-03-08, 12:53 PM
Member
Thread Starter
Join Date: Jul 2005
Posts: 78
Received 0 Votes on 0 Posts
SPY AWAY and PERECT CLEANER

Got this on my PC, cannot ditch it. Does this stuff actually hack you for credit card info if you don't volunteer it? I ask because the day I discovered it on my machine, it was used the same day to buy FLOWERS in Illinois!!!! (NOT ME!)
 
Sponsored Links
  #2  
Old 03-03-08, 01:06 PM
core's Avatar
Member
Join Date: Jan 2007
Location: Des Moines, IA
Posts: 1,127
Received 0 Votes on 0 Posts
These have been out there for quite a while; any decent antivirus app should be able to remove it. Not that I have personally been hit with it yet. What have you tried so far?

I think the credit card usage was probably coincidental. Stolen credit card numbers are not usually used to buy flowers.

Although hey, it would be a nice touch if the thieves sent flowers to the credit card owner using that same card.
 
  #3  
Old 03-03-08, 03:26 PM
Banned. Rule And/Or Policy Violation
Join Date: Nov 2007
Posts: 504
Received 0 Votes on 0 Posts
Originally Posted by pasta View Post
Got this on my PC, cannot ditch it. Does this stuff actually hack you for credit card info if you don't volunteer it? I ask because the day I discovered it on my machine, it was used the same day to buy FLOWERS in Illinois!!!! (NOT ME!)
How was that possible? Did it use your CC info, or someone elses? How did it get on your PC in the first place? Something here doesn't make sense.
 
  #4  
Old 03-04-08, 01:00 AM
Member
Join Date: Aug 2004
Location: Vancouver, Canada
Posts: 1,210
Received 0 Votes on 0 Posts
Spy Away and Perfect Cleaner, brought to you by Pandora software - no kidding.

Google them, removal is tricky. If you have a lot of other malware and sketchy stuff, re-install Windows may be simpler option.

Any freeware & shareware I search "name + spyware" etc. before download, to check it isn't bundled with crap. Also some (like Spy Away) gets in by tricking users to click lookalike windows security popup - catch these by changing the windows scheme so fakes stand out.
 
  #5  
Old 03-05-08, 02:19 PM
Member
Thread Starter
Join Date: Jul 2005
Posts: 78
Received 0 Votes on 0 Posts
it's gone. don't know how. gone though.
 
  #6  
Old 03-06-08, 07:15 AM
Member
Thread Starter
Join Date: Jul 2005
Posts: 78
Received 0 Votes on 0 Posts
C:\Documents and Settings\All Users\Application Data\zqrarsps.dll

i get this on startup now
 
  #7  
Old 03-06-08, 11:03 AM
core's Avatar
Member
Join Date: Jan 2007
Location: Des Moines, IA
Posts: 1,127
Received 0 Votes on 0 Posts
You never said what antivirus programs you ran before in an attempt to fix this, if any.

You could have something nastier like Vundo, or the original stuff is probably still there. Spyware does not go away on its own.
 
  #8  
Old 03-06-08, 12:48 PM
Member
Thread Starter
Join Date: Jul 2005
Posts: 78
Received 0 Votes on 0 Posts
well, i run spy doctor and norton. also, i removed a bunch of crap off the machine.
 
  #9  
Old 03-06-08, 02:59 PM
Banned. Rule And/Or Policy Violation
Join Date: Nov 2007
Posts: 504
Received 0 Votes on 0 Posts
This should be a sticky:

Using just one virus scanner will not find everything. You need to run multiple virus and malware scanners to find them all.
Go to http://www.ubcd4win.com and download the ubcd4win file. It is an .iso image of a boot/tool CD. Burn the CD, boot with it, and run ALL the virus and malware scanners. You can do this with just the old (secondary) drive in the computer. Since the computer is booting off the CD, none of the normal OS files will be loaded into memory.

Also, get ccleaner at http://www.ccleaner.com and run it after you use ubcd4win.
 
Closed Thread

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: