AAAAAARRRRRRRGGGGGGHHH! The spyware that won't die!!!!!

About a week and a half ago, my computer became infested with kazillions of spybugs. I ran lavasofts Adaware and Spybot. Both assured me that the spybugs had been cleaned out.

But upon starting my computer, I always close a few programs that run on start up and I noticed that some of the spybugs that were supposedly not there anymore were running on start up. So, of course, I ran Adaware and Spybot again. To no better result. x(

Then I began combing through all the files in my computer (Program Files, Windows <"do not modify these files on pain of screwing up your computer for life"> files, etc.) I was able to find most of the spyware and delete it. Such a lovely feeling to crush those little nasties into the recycle bin!!!! :evilgrin:

But, alas! I am unable to get rid of ISTbar.Slotch in the Registry Keys and Values file. I have gone in, reluctantly because I really don't want to screw up my programs and computer, and deleted the ~!@#$%^&*()_+* culprit registry keys and values.

And they pop right back up in the files immediately after I delete them. :grr: There seems to be NO killing the damned things.:banghead:

Do I have any other recourse, other than to totally reload Windows 98 (and all the bells and whistles programs and hardware I have added on? And if I do, is there any way that spyware can STILLL be there? :scared:

You could try their free 30-day trial to see if that works....

http://www.cyberscrub.com/download/index.php?n=side_navigation

I've used their program before and it's quite good.

It must work: the puter slowed down agian when I was opening your post.

I hope it works well for you. Good luck!

are offered at this site (found by googling ISTbar.Slotch):

http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453077916

In addition to your other programs, I use Webroot spysweeper with amazing results.

Checking it out.

it's actually easier to reload. I'm not famliiar with the one you describe, but I've recently worked with one called smitfraud that is just damn near impossible to remove.

http://www.geekstogo.com/ is good site for information about this kind of stuff.

not some socially-challenged teenager in his parent's basement hacking code.

I'm not ordinarily a big fan of the death penalty, but these motherfuckers need to die!

link fence. Then bring in a group of unruly middle schoolers with a large supply of rubber bands and unlimited amounts of paper.

Ever been hit with a paper hornet (or in my case with a rolled up wad of paper that was as big as a 357 magnum bullet)?

They hurt. These spyware designers and distributors would never go near a spyware program again. :evilgrin:

these assholes.

get HijackThis from www.download.com

Download it...then...place HiJackThis into a folder of its own.

Now, this program will remove things for you if you select them and tell the program to do so, but Don't Just Yet! Install and run the program, and use the Scan feature to generate a log file that you can then post at one of the tech support areas. A volunteer tech will review your log and post a reply containing instructions on removal of various items identified in the log that have hijacked or are otherwise interfering with your control of your PC.

Where to post the resulting log*:
http://www.spywareeliminator.com/forum/
(Registration and login required -- but it's free and they KNOW what're doing)

Read the FAQ, by all means...and Pay Attention to the many places where you are cautioned "Do Not Post Logs In This Forum!!!" They have a separate area in the forum called, appropriately enough, "Hijack This Posting" THAT'S where the logs should go...and ONLY There. Check back in a while (longer on holidays and weekends) until you see a response. You're not paying them, so be patient...someone WILL tell you what to do with the results of your log...and do ONLY what they say, observing any cautions they offer.

you can also try running the scans in safe mode without networking. I think you hold down F8 at startup to do that. I heard that can help kill self-spawning crap.

</macintosh user offering Windows help> Hijack This is a good start..

tonight.

It allowed me to remove a very persistent trojan with little trouble. I am no XP savant and it was very helpful.


http://www.spywareinfo.com/~merijn/downloads.html


Woof

Short of a complete wiped hard-drive, there is no way to be sure.

That can uninstall a lot of webhijackers which work exactly as you described: they reinstall as the OS is shutting down.

up all your data into one folder on the desktop. Then, run your anti-virus and *all* of your spyware/adware detection software you have on that folder. Then run it all over again! Make sure you have run on the folder *at least* 4 different pest removal software. Aside from Ad-Aware by Lavasoft, run the new Microsoft Antispyware, and get a thirty day trial download of Spysweeper by Webroot. Spybot is also good but just remember that in the settings to uncheck - I think in SBI (?) that Newnet is also unchecked.

Then backup that data. Format the whole drive - you night want to format it twice - and reload on the Windows. I realize it's a pain but it's the only way to get rid of it. As far as your updates for Windows 98 you should just re-download them after the fresh install. After that I can tell you how to make a *slipstream* disk so you won't have get those updates again!!

in *Safe Mode*!! It does a better job!!

make sure you clean out your *cookies* and *Temp* files!!

...if you're ever having trouble scrubbing your computer, download any updates to your scrub software and then physically disconnect your computer's internet connection before you actually run the scrubware. Reboot and verify that the processes you see starting are exactly the ones you want running. Run the scrubware again for paranoia's sake. Then you can reconnect your network (but don't run any network applications other than "ping"), wait five minutes, and rerun the scrubs yet again.

If you still have something that's trying to bring in nasties from elsewhere, you'll know about it soon enough. Since the scrubbers aren't catching it, you may need to try a network traffic analyzer like zonealarm to block it until you can get expert advice.

wrt ISTbar.Slotch, there are some specific directions for removal here:
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453077916

Good Luck!

http://www.enigmasoftwaregroup.com