Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Tray Icon


  • Please log in to reply
4 replies to this topic

#1 sack sam allerdyce

sack sam allerdyce

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 14 March 2008 - 08:09 AM

hello...i have an icon in my system tray a red circle with a white x in it a message pops up saying along the lines of windows has detected spyware infection click here to protect your computer fom spyware i clicked on it and it started a scan and if i wanted to disopse of these threats i had to buy the product i have had this prob before and got rid by using smitfraudfix but it did not work this time can you please help its doing my head in thanks

Edit: Moved topic to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Cyb3r_Ninj@

Cyb3r_Ninj@

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Silicon Valley
  • Local time:12:28 AM

Posted 14 March 2008 - 10:43 AM

I'm 90-100% sure you have a spyware infection AND the red circle with the "X" inside is probably the culprit or a contributor to the problem. You probably picked up a trojan, your browser was hijacked, or some other security flaw in your system was compromised and malware coding was injected.

Have you noticed that your computer is slowing down, or locks up on you?
Have you noticed that your web browser's home page has changed?
Have you noticed that any previously installed AV programs or software is no longer functioning?
Have you checked C:\windows\system32\drivers\etc\hosts file to see if there are new entries in this file? (by default the file should only be 1-2 Kb)

There seems to be a trend which is still pervasive and people just aren't catching on to it. Not sure when exactly this type of $hitware coding started popping up on the net, but its out there and its quite pervasive. Fraudulent spyware injection software which is floating around the Web / Internet, which implants onto your system, it will change registry key information, disable services, enable unnecessary services, disable AV or security software, among other things - all of which will contribute to bogging down your machine.

I would advise that the next time you start up your machine, make note of the supposed spyware infection and simply google it; you'll probably be surprised to find out that this is simply a fraudulent fishing ploy to get you to purchase or download software which will only further compromise your system. Bottom line, DO NOT download or pay for the software that they are advertising or suggesting. In most cases they are just trying to get personal information, including credit card information from you - probably to rob you blind or commit other identity theft related crimes.

Check out what information google mentions on this supposed spyware issue - 9 times out of 10 its trojan and you probably will not be able to remove it as the creator has set it up so that your user account will not have permission to remove the injected code, registry entries, etc.

What you find on google will probably point you to some suggested solutions or guidelines you can follow yourself to clear off the $hitware code. However, there's no guarantee that it will remove every single registry entry, every single .dll, or every single bit of the trojan. What's more, if you have System Restore turned on to monitor your system registry and boot partition, this is most likely where the infection lies. Because this information is reloaded and rebuilt at every startup, even if you delete the files that are present, they will repropagate at startup since System Restore functionality will rebuild the registry and boot partition files based on the information saved in the restore settings which are probably also corrupt.

You can try your luck downloading and installing AVG antivirus and Spybot S&D to locate the threats - but again, there's no guarantee that this will remove the problem as well. Your best bet is to wipe your hard drive and reinstall your OS and application software to ensure that you have removed the threat completely. Then make a good backup or ghost image of your computer that you can store in "removable storage media" that is kept offline so it doesn't get corrupt or infected. You want to ensure that you download and install all available security updates and patches, if you use IE then upgrade to IE 7.0 with available patches. If you use FireFox, you better believe that there are security flaws there also, and you should follow suit on security patches. If you use a filesharing program, you might want to consider toning down your filesharing activity - a lot of $hitware gets passed around through those types of forums as well.

Seriously, i would advise a wipe and re-install just to be absolutely sure - you'll be happier with your system going back to peak performance and you'll save yourself time | headaches | tears trying to locate the $hitware and be back up and running faster. And be advised that my readings and experience indicates that 1 out of 5 web pages/sites is infected with malware code, trojans, or hijackers and is acting as a birthing canal to propagate the species.
***********************************************************************
Bill Gates recognizes the skills... so i suggest you start there and recognize them too...
***********************************************************************
:: digital.ronin ::

| MCP - ID 5646435, other certifications pending... |

#3 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:02:28 AM

Posted 14 March 2008 - 11:23 AM

If you think you may be infected with malware, the first place to start is in the "Am I Infected? What Do I Do?" forum. This is a centralized place where advanced members and staff can provide initial assistance with malware removal. If your issues cannot be resolved there, then you will receive further instructions as to what you need to do.

Please be patient, I will have a Moderator move your topic to the appropriate forum.

#4 sack sam allerdyce

sack sam allerdyce
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 14 March 2008 - 12:31 PM

i would just like to thank you for taking time to answer my post i seem to have the problem sorted i went to the security hijack this logs and malware removal section and ran house call antivirus it took ages but seemed to do the trick the icon is no longer in my system tray...thanks again :thumbsup:

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:28 AM

Posted 14 March 2008 - 07:01 PM

If you have removed the malware then:
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users