M
ms
I normally find maybe 1-2 suspicious files in running Adaware or Spybot.
Yesterday, I downloaded several screensavers from a link in the FWT post. I ran
each exe only to the point I saw the install screen, cancelled the install, (never
installed). I emailed the author, he sent me several *.scr files, I ran them.
Shortly after that, strange things started happening on my hard drive. I ran
Adaware, found 154 objects, quarentined them. Ran Spybot, found 3 objects, deleted
them. Still had a strange dll file popping up in my Download folder, finally ran
scanreg/restore (thanks Karen) and loaded a registry from 2 days ago. Things are
back to normal, except a certain loading delay issue is now even worse.
I looked at the other files I downloaded yesterday, they were from Pablo VanMeer
and NirSoft, both sites I trust. So I ran one of the screensavers again, ran
Adaware, got 3 dataminer objects, so it was the new screensaver.
Finally, the question: How was the adware installed?
I killed the install sequence before it happened, so the adware was part of the
scr executable files themselves?
Mike Sa
Yesterday, I downloaded several screensavers from a link in the FWT post. I ran
each exe only to the point I saw the install screen, cancelled the install, (never
installed). I emailed the author, he sent me several *.scr files, I ran them.
Shortly after that, strange things started happening on my hard drive. I ran
Adaware, found 154 objects, quarentined them. Ran Spybot, found 3 objects, deleted
them. Still had a strange dll file popping up in my Download folder, finally ran
scanreg/restore (thanks Karen) and loaded a registry from 2 days ago. Things are
back to normal, except a certain loading delay issue is now even worse.
I looked at the other files I downloaded yesterday, they were from Pablo VanMeer
and NirSoft, both sites I trust. So I ran one of the screensavers again, ran
Adaware, got 3 dataminer objects, so it was the new screensaver.
Finally, the question: How was the adware installed?
I killed the install sequence before it happened, so the adware was part of the
scr executable files themselves?
Mike Sa