Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojans. Who To Trust When Buying New Security.


  • Please log in to reply
4 replies to this topic

#1 SaxonManFinland

SaxonManFinland

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:British was living on Russian Boarder in Finland
  • Local time:06:19 AM

Posted 03 August 2006 - 01:35 PM

For 3 days now I have been helping a friend who has a report from Spy Doctor about Trojan.downloader.Banload.AM, anyway being schptical I did my best, then ran it on my own PC which is pretty well protected and used quite carefully NOW !!! (Yes I had my problems 2 years ago, and thus BC Member)
Ran the following WITHOUT REMOVING FINDS.

Spy Doctor reported 38 infections Found. More Later
Ewido 3 cookies
Spy Bot 5 Cookies
Ad Aware 3 Cookies
Trojan Hunter 28 Infections
Spy Hunter ??? 27 infections.

I have ZA Pro, as well as Defender and Spywear Blaster.
Ewido
Spy B S&D
Ad-Aware SE
A Squared
All run 2 times weekly and updated.

Spent several days checking for these "Hits". Spy Doctor makes it difficult but not impossible to find their location (unless you BUY full copy)

Did track down 2 porn scanners in the registry Fast Video Player, but it also reports
BackDoor.Rbot.UR Sys32\phgghu.exe
Backdoor.Retro64 21 entries in registry
Dialler in Sys32\Egauth.dll
and a host file redirector.......

No Other scanner mentioned any of these "Hois"
Trojan Hunter found 28 but kindly claimed to remove them.
Spy Hunter found a totally different 28 but wanted purchase to remove them.

So close on 80 Hits all Medium to Deadly.

Accordingly advised my friend to NOT spend anything until he had run a HJT and submitted it.
He replied his wifes PC (both Business usage) now had other trojans reported by SPy Doc. so he purchased Spy Doc and ran it.NO MENTION now of what the FREE SCAN was saying yesterday ???????? Sqeeky Clean !!

Now I am incredibly confused and cannot find anything in HJT or my usual Scanners to worry about.....

Ideas, advice.I am tempted to have you look at my HJT Log, but know you are all busy helping less able folks.

Really would like some opinion and guidance.not much hair left to pull out now. :thumbsup:

Edited by SaxonManFinland, 03 August 2006 - 01:38 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,986 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:19 AM

Posted 03 August 2006 - 02:13 PM

Check out these comments on Spyware Warrior--a little dated but I would say the leopard hasn't changed its spots:http://netrn.net/spywareblog/archives/2004/08/01/spy-doctor-and-spyware-doctor/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 Scarlett

Scarlett

    Bleeping Diva


  • Members
  • 7,479 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:As always I'm beside myself ;)
  • Local time:12:19 AM

Posted 03 August 2006 - 02:47 PM

Shady.

SpyDoctor not to be confused with the trusted SpywareDoctor

According to The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites:
(A most trustworthy source.)

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Product :SpyLax
Domain(s) : healthycomputerclub.com

Comments : nospyware.info false positives work as goad to purchase (1); poor scan reporting (1); successor to SpyDoctor (1); same app as #1 Spyware Killer, Max Privacy Protector, SpyDoctor; SpyFirewall, Spyinator, SpyKiller 2005, SpySpotter, SpywareThis, & Spyware Protection Pro - Note: SpyLax's previous incarnation as SpyDoctor is not to be confused w/ Spyware Doctor, a completely different app by another company
[A: 6-29-04 / U: 10-25-04]


Edited by Scarlett, 03 August 2006 - 02:47 PM.

Posted Image

#4 aelfgifa

aelfgifa

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 04 August 2006 - 12:11 AM

I am about 95% sure this is the same program I had a bad experience with before I came here for help.

In my case, the free scan found all kinds of stuff (most of which I actually did really have, as I found out later).

So I replied to their invitation to buy the program to clean up everything they had just found with a request for a toll-free number or a physical address where I could give them a credit card number. Something along the lines of "OK - you guys have just told me I have viruses, trojans, etc., so it doesn't seem real practical to put my cc# (which has since been changed) out there." Still, I fully intended to buy their product because it sounded so darn good.

Strangely enough, I never heard back from them. Came here instead.

aelfgifa

#5 SaxonManFinland

SaxonManFinland
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:British was living on Russian Boarder in Finland
  • Local time:06:19 AM

Posted 04 August 2006 - 01:47 AM

Thanks everyone. Some interesting refernce works here. Relise I used Spyware Doctor, my friend used SpyDoctor.simple mistake.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users