Yo Patrick!


Auce

"Spyware Protect 2009" Never purchased it, never installed it. It's doing random scans, showing Infiltration alerts. I did a Bazooka, Spybot & Ad-Aware scan, didn't find jack. I have not been surfing the smut either.

 

You've always been da man for me in the past, if it's not trouble, I'd love another hand.

This is what it sounds like to me. It sounds like it's a piece of spyware that will scan your system, tell you that you have spyware and then demand money to remove it. How this is legal is beyond me. It's like throwing a brick through someone's window and then charging them to repair it.

 

Google "Spyware Protect 2009 +removal" and you should get some results.

That damn thing popped up in 3 of my client sites yesterday. It's got a nasty MO. If you use a Symantec product prior to Corporate version 11.x it will shut down the service and you're infiltrated - little bastage!

 

I was able to remove it fairly easily because none of my clients had actually fallen for the scam and clicked on the repair button. How they get away with it is that they are based in countries where the powers that be have bigger fish to fry. Almost all of these money scamming attacks come out of Russia and are generally picked up by cruising through what would normally be taken as legitimate sites. Nasty, nasty bugs they are!

 

If you ever get completely infected from one of these it tends to snowball. My assumption is that the bot that found its way into your system then notifies other bots out there that it found a 'sucker' and then the games begin. The only way I have been able to clean a drive that's got it bad is to remove it from the system and scan it as an external drive through a USB port on a VERY locked down machine. Thing is you still only get the most easily recognizable bugs out that way, as most of these types of viruses 'hide' until something triggers them, most often invoking IE. (I know, another reason to use Firefox, but that's not happening in a corporate environment running a Windows platform, so I'll continue.)

 

To get rid of this critter make a note of the name of the so-called virus alert software. The newest one is "360 Alert" and the interface looks almost exactly like that of Norton 360, hence the reason it fakes out most people using that internet security package.

 

I have been using a paid version of AVG to find and quarantine this bastage.

 

Go into msconfig (start/run/msconfig) and go to the startup tab. Look for anywhere from 2 to 4 items that are blank in the startup item column and uncheck them, then look for items in the Command column that match that of the so-called virus program popping up on you and uncheck them. Then, and this one takes some care:

 

Open task manager and go to the Processes tab. Look for something named like the virus that is popping up. Single left click on that item in order to highlight it, you may have to chase it around before you get the right one, then right click and select 'end process tree'. You'll get a warning message, but do it anyway. Whatcha got to lose, yer already hosed at this point!

 

Providing you did not cancel a required system process, and you picked the correct process to stop, you then go to C:/Program Files and look for the folder that the pesky beast installed on your machine and delete it.

 

At this point you should be able to get back on IE and not get beaten down with pop ups telling you that you have bugs. Download, but don't yet install a reputable virus program. Like I said I use AVG first (I use the paid version, but I'll assume the freeware works too), then I follow it with PC Tools Internet Security (also a paid version that I put on, then remove from machines I am cleaning for people). The PC Tools product is awesome if you just let it do its thing, but ONLY if you have a machine with significant memory and a 2+ GHz or Dual Core processor cuz it's a resource suck!

 

Once you have one of these products (or another you're comfortable with) downloaded - UNINSTALL your Symantec product. Sounds scary but don't sweat it - you're already hozed, right?

 

You'll need to reboot. Unplug your network cable from your PC b4 you do.

 

Once back up install the AV software you just downloaded. Once it's installed and ACTIVE, plug your network cable back in and get the updates for it. Odds are you'll need to reboot again.

 

Once you're back up start the most in depth scan the product lets you configure and let her rip. It'll take an hour +/- to complete and with any luck you're all fixed.

 

 

Bottom line is this - KEEP YOUR AV UP TO DATE!!! You can pay them now, or pay people like me later.

 

or you can install Ubuntu and Firefox and never have this happen again. NOT!!!

Is it too much to ask to just breathe, be able to walk and go fishing?
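
The startup-entry check from the post above as a read-only PowerShell example, added here and not written by any poster in the thread. The function name `Find-SuspectStartupEntry`, the `-RogueName` value and the sample entries are assumptions, and the sample data is constructed; the script only reports entries and changes nothing.

```powershell
# Flags startup entries the way the msconfig walk-through does:
#   1) entries whose startup item name is blank
#   2) entries whose command matches the name shown by the fake alert
function Find-SuspectStartupEntry {
    param(
        [Parameter(Mandatory)] [object[]] $Entry,     # objects with Name, Command, Location
        [Parameter(Mandatory)] [string]   $RogueName  # assumption: name taken from the pop-up
    )
    # Compare with whitespace removed so "Spyware Protect" also matches "SpywareProtect.exe"
    $needle = ($RogueName -replace '\s', '').ToLowerInvariant()
    foreach ($e in $Entry) {
        $reasons = @()
        if ([string]::IsNullOrWhiteSpace($e.Name)) { $reasons += 'blank startup item name' }
        $cmd = ([string]$e.Command -replace '\s', '').ToLowerInvariant()
        if ($needle -and $cmd.Contains($needle)) { $reasons += 'command matches alert name' }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Name     = $e.Name
                Command  = $e.Command
                Location = $e.Location
                Reason   = $reasons -join '; '
            }
        }
    }
}

# Constructed sample entries (not taken from a real infection)
$runKey = 'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$sample = @(
    [pscustomobject]@{ Name = 'ctfmon'; Command = 'C:\WINDOWS\system32\ctfmon.exe'; Location = $runKey }
    [pscustomobject]@{ Name = '';       Command = 'C:\Temp\constructed-example.exe'; Location = $runKey }
    [pscustomobject]@{ Name = 'sp2009'; Command = '"C:\Program Files\Spyware Protect 2009\example.exe"'; Location = $runKey }
)

Find-SuspectStartupEntry -Entry $sample -RogueName 'Spyware Protect' | Format-List

# On a live machine, feed it the real startup list instead of the sample:
#   Find-SuspectStartupEntry -Entry (Get-CimInstance Win32_StartupCommand) -RogueName 'Spyware Protect'
```

Anything it flags still needs to be checked by hand before unchecking it in msconfig, since legitimate entries can also have unusual names.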
