1. We have added a Gift Upgrades feature that allows you to gift an account upgrade to another member, just in time for the holiday season. You can see the gift option when going to the Account Upgrades screen, or on any user profile screen.
    Dismiss Notice

SpyAway Trojan and PitBoss

Discussion in 'Civ4 - PitBoss Games' started by whiplash_CDC, Mar 10, 2008.

  1. whiplash_CDC

    whiplash_CDC King

    Joined:
    Dec 25, 2003
    Messages:
    939
    Location:
    America's Dairyland
    Sunday evening I was infected with the SpyAway Trojan. I have not browsed any unfamiliar websites in months. Some internet research I’ve done suggests that SpyAway is distributed through P2P (peer to peer) sessions such as those conducted through LimeWire. PitBoss is, essentially, a P2P program. I’ve shut down the two PitBoss games I’m hosting so as not to spread the infection to the players.

    I am inquiring as to whether any other PitBoss players have encountered this intrusion. I strongly suspect one of the half dozen PitBoss games I’m playing in was the vehicle for my infection.

    This thing apparently doesn’t do any real serious damage; its specialty is annoyance to the point that the victim buys the criminal’s software to fix the problem the criminal planted. People who perpetrate these kinds of schemes should have their hands amputated so they can’t use a keyboard. The symptoms are:

    Process slow-down
    Numerous popups warning you that you are infected with Spyware
    Microsoft style warnings from the system tray saying you are infected
    Internet cookies are whiped out
    Task Manager is disabled
    All of the warnings lead the user to an ad for a scanning program called SpyAway, pay to download.

    AdAware does not detect it.

    SpyBot detects it, but fails to remove it. The Trojan loads at startup and three programs run in memory. SpyBot will suggest you run SpyBot at bootup but the Trojan gets in before SpyBot can nail it.

    Any advice? (besides running a firewall).
     
  2. oyzar

    oyzar Have quit civ/forums

    Joined:
    Oct 7, 2006
    Messages:
    6,919
    Location:
    Norway
    Format? That is why there is firewall you know... There is an option in hamachi which allow you to disable or enable some unsecured windows connections. I dunno if you checked this box or not but it could be a cause of the problem(you don't need to enable it to play though hamachi...).
     
  3. Kingpin

    Kingpin Captain-General

    Joined:
    Dec 21, 2001
    Messages:
    699
    Location:
    Canada
    Have you tried Windows Defender?

    I'd also try a couple different antivirus programs. AVG makes a nice free once. They also have a free Anti-spyware program and a free rootkit detector. Those are available at free.grisoft.com. I would definitely give the rootkit detector a try. What you're experiencing sounds like the malware might have been hidden in that manner.
     
  4. Kingpin

    Kingpin Captain-General

    Joined:
    Dec 21, 2001
    Messages:
    699
    Location:
    Canada
  5. da_Vinci

    da_Vinci Gypsy Prince

    Joined:
    Jun 13, 2004
    Messages:
    4,162
    Location:
    Maryland, USA
    Had intially written about AVG, but I see now that Kingpin beat me to it ... let us know if AVG helps.

    dV
     

Share This Page