cancel
Showing results for 
Search instead for 
Did you mean: 

Malicious Spyware

Community Veteran
Posts: 7,152
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Malicious Spyware

I've recently become the victim of a malicious spoof (at least I think it is) virus/adware/spyware/malware, I think possibly a trojan.

Symptoms:
In the system tray, I have a flashing green wheelchair outline icon, the flashes alternately with a red "no entry" icon, this "claims" to be a virus alert, if I double click it, it opens a web page in IE that basically advertises a number of software solutions to the alert:
SpyFalcon
Malware Wipe
Pest Trap
The Spy Guard
Adware Punisher
SpyiBlock

My fully up-to-date and fully loaded Norton Security 2006 does not find any problem.

Also in the system tray, I have a flashing yellow triangle icon that though untitled sends regular System Warning messages to the screen, clicking this icon opens a web page advertising Malware Wipe (although it has on occasions advertised the others listed above as well)

At boot, I get a Virus warning in the bottom right corner in a red outlined window saying "your computer is infected" this clears itself after 10 seconds or so but, pop's up at regular intervals.

In my IE, at the same time, I am unable to set the home page to anything other than "the blank" the default home page has become "theguardservices.com" which advertises all the above list of "products" and I can't change it. I am unable to set the Yahoo toolbar (for the pop-up blocker)

Most of the messages I get look "genuine" enough, until you look closely and notice that often the english is at times rather suspect, and puctuation non-existent.

I believe these advertisements are nothing more than an attempt to get my money/credit card details etc. and have so far resisted the temptation to use them fully.

However, I did try one "free scan" on one of the products (Malware Wipe) that downloaded the software in every way that looked genuine, when opened it did an automatic scan, and came up with a number of registry locations, I refused to take this any further to "remove" and uninstalled the progamme (that remained in the C/program files after using add/remove progammes) and deleted it manually) My question is would it be an idea to note these registry files and delete them manually?

Apart from getting a number of un-wanted pop-up's, security alerts in addition to the above the results of all this are seemingly annoying rather than disasterous.

Anyone any ideas how to get rid of this problem, short of buying a new PC?

Petlew
Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.
8 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Malicious Spyware

Spybot
adaware free

and several others listed here.
N/A

Malicious Spyware

Your best bet I would say is to go to Spybot Search and Destroys Forum page.....
http://forums.spybot.info/forumdisplay.php?s=12be91975b9e9e5e357aaaf4e99c01f5&f=22

This has a sticky which explains how to get rid of your problem. It's a fairly long process but does work (I've followed it on several machines).

You would be better off using Firefox for surfing the net as IE6 has too many possible security holes.

Hope this helps
Slick
Grafter
Posts: 123
Registered: 01-08-2007

Malicious Spyware

Quote
Your best bet I would say is to go to Spybot Search and Destroys Forum page.....
http://forums.spybot.info/forumdisplay.php?s=12be91975b9e9e5e357aaaf4e99c01f5&f=22

This has a sticky which explains how to get rid of your problem. It's a fairly long process but does work (I've followed it on several machines).

You would be better off using Firefox for surfing the net as IE6 has too many possible security holes.

Hope this helps


couldnt of said that any better there and also nortonHuh
not good in my books as it has dropped down in ratings big time.
use a dirrent virus software would also help
psk10
Grafter
Posts: 77
Registered: 12-08-2007

Malicious Spyware

I Found that EWIDO anti-malware and Trend-micro are good and you could do a trial prior to purchasing ,see if they find your spyware ,i also have Norton 2006 Internet security which is good protection .But Lava Ada-ware SE is a must and it,s free,another consideration is that it could Rootkit that can be detected with www.sysinternals.com a program in security will scan your pc and it too is free.
Community Veteran
Posts: 7,152
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Malicious Spyware

Thanks guy's, the problem seems to be solved, using a bit of everything suggested, both Spybot and Smitfraud both found problems, it is it seems though the Smitfraud that finally killed off the issue.

I also installed Firefox, and you're right it is pretty good, just one thing; can I uninstall IE6 from XP? but leave OE6 intact?

Seem to get conflicting reports about the Norton Security, having just coughed up a sizable wad of cash for this upgrade, I'm a bit lothe to throw it away, without good reason...so come on convince me...

Thanks again
Petlew
Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.
holdtight
Grafter
Posts: 1,634
Registered: 15-06-2007

Malicious Spyware

Hi petlew

No you cant just uninstall IE from your xp system ( if only) as its an integral part of the os and needed for windows updates etc

Depending on how far you want to go its possible with the likes of xplite which is an app you would have to buy to do so also theres the above to consider

your best bet is to just leave it be and carry on with firefox you can remove the icon from your desktop if you dont want it there

As for norton if youve just spent money upgrading i agree its a waste if you just junk it so use it untill its time is up then ditch it for something better and in the meantime keep spybot and adaware on your system and run them regularly

A few years ago norton was one of the good ones and i used to use it myself but its become bloated less reliable and a resource hog so if thats not reason enough.......


Bill.
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Malicious Spyware

There are still some sites that will only worj with IE - one importyant one is windows update. The automatic updates will not install all available fixes so yo still ned to run windows update at times.

Just leave it as is and use firefox/mozilla.

Also don't forget to download the latest java runtime from Sun if you have not already done so.
N/A

Malicious Spyware

one thing that is missing from the above list of websites is house call