Spyware on Swearengens' computer......

[keisorsoze]

I'm writing this for him because he can't get into his IE. When he turns on the comp. this error message comes up saying something about "can't initialize rundll/crystalys media/". We downloaded microsoft anti-spyware, hijackthis and ran cclean. Microsoft anti-spyware finds it but will not delete it. The files that are in it are HKEY_REGISTRY. I have two questions, Can the HKEY_registry file that has the spyware be deleted? Also, his anti-virus has been out of date since 2002, can he download Norton Internet Security 2006 and solve the problem with that?

He gets a shit load of pop-ups because of this thing (with pop-up blocker on) and his brouser gets hijacked.

 

[imported_SuXoR]

You could try to manually remove it from the registry, but tricklers may put it back upon next reboot.

I have not seen that particular instance, but here is what I usually do:
1. search the web for a fix
2. if no fix is found download spybot search and destroy (1.4 is current version) I also use pest patrol and spysweeper-they seem to compliment one another pretty well
3. scan with the above programs
4. reboot
5. rescan

if that doesn't work
5. turn off system restore
6. reboot in safe mode
7. scan with antispyware apps
8. delete known bad files and registry entries
9. reboot and scan again

Spyware can be a royal bitch. Research is the best tool you have. Once you get rid of it run good antispyware apps to prevent future infiltrations.

Here - so he can access the web:

tell him to go start->run
http://www.mozilla.com/firefox/

that should get him to firefox download page before the malware has time to get him

from there download and install firefox

now he can use the web

 

[keisorsoze]

thank you Mr. Suxor, I will try that thursday.....

 

[Casualty]

ya that sucks, but sux made a good post, thats about all he can do except restore his comp or format which most people dont enjoy doing

on the other hand i reformat whenever anything happens, rather than have a antivirus running all the time. it sounds wierd but i dont ever get viruses or spyware, and if i do spybot and adaware take it out pretty quick

 

[Puppet]

I think Suxor's first idea was his best: go find it in the registry and delete it. It should be easy.

1) go to RUN and enter regedit in the box and click ok
2) On the left side of regedit click on "My computer" once
3) Hit control-F and enter crystallys as the keyword.
4) If you find one on the right hand side then click it and hit the delete key and answer yes.
5) Hit F3 for the next instance of it and keep deleting and hitting F3 until they are gone.
6) reboot

 

[keisorsoze]

Thanx for the help guys, we are actually doing it right now

 

[keisorsoze]

ok, so I followed bolth of your directions. When we went to regedit and typed crystalys a whole bunch came up to delete, he deleted them, but, one kept popping back up. That is where I left him until I can get up to his house on saturday. Is there a reason why it kept popping back up?

 

[imported_SuXoR]

tRICKLERS. THEY WILL KEEP IT COMING BACK. Dam caps lock.


Anyway, start->run->msconfig and see if there is a suspicious file running at startup. You can google the startup items to see if they are suspect. Also there is the registry key... bear with my memory...

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

look in all of these entries in the run categories to find suspicious entries.

Again, good net searching for the cure is your best bet. I am assuming that you have installed anti-spyware progs and have scanned in safe mode.

 

[Puppet]

And to add to that, be sure to check task manager on the processes tab for a process that has the same name and right click and kill it.

Bubba Sux, what do you do for a living, you talented little shitster?

 

[imported_SuXoR]

Right now I'm a project manager for an industrial contractor. I run jobs that deal with the construction and maintenance of cell sites. I also half ass perfom the IT duties. It's a small company with about 55 employees.

My education started in mechanical engineering, then structural engineering, and finally I got a BS in mathematics and computer science. Yeah, I switched majors alot. I grew up as a "jack of all trades" hick working on cars and construction projects. I worked construction as a laborer part-time through college. I also did several internships where I worked on everything (well, not everything) from mainframes to PCs. After school I did the temp agency thing working on PCs, but that became mundane and it didn't pay well. I ended up laboring full-time for my company until I got promoted to my current in-office position. Oh, I also build and repair PCs in my spare time.

So anyway, I know what I know because somewhere along the line I had a problem, researched it, and fixed it. The WWW is a wonderful thing.

Sorry for the life story, but you asked... kind of.

 

[Puppet]

No wonder you're such a smart ass with me, you really are smart.......ass. :lol: :shock:

Nice credentials. I have a degree in stat whoring. That's where I ridicule people who do it, mostly because I can't.

 

[keisorsoze]

Thank you ladies, I spoke to him this morning and he said everything seemed fine so far. Soooo, I think bolth of you girls should give Swearengen your paypal so he can donate for services rendered.....

 

[Puppet]

I'll give him a picture of my asshole and he can light candles in front of it and call it holy.