Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware Nightmare!


  • Please log in to reply
4 replies to this topic

#1 lazeedayz

lazeedayz

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 27 May 2007 - 08:31 AM

Problem background:

I downloaded a video programme, which after doing so, my Norton Antivirus went crazy with alerts of Virusburst... I attempted to delete the files but they were write-protected, so I downloaded the MoveOnBoot programme to delete the files on start-up. That got rid of the Virusburst alerts, however pop-ups were still appearing on my computer and Norton showed nothing upn scanning. I followed the advice in one of the forum posts and disabled the system restore, and chose the options to show hidden files and folders, unchecked hide extensions for known file types and hide protected operating system files. Then I downloaded AVG anti-virus and anti-spyware. The anti-virus programme did not pick up anything, but the anti-spyware programme picked up alot of adware and tracking cookies. I have deleted all identified risks. I have also run both these programmes in safe mode with networking and they returned nothing.

Problem:

None of the programmes are identifying any more problems. However, on my taskbar there is an icon, which flashes between a yellow triangle warning symbol, and a blue circle containing a yellow cross. The icon regularly produces a balloon stating "SECURITY ALERT" and that there is number of active potential harmful spyware on my computer, this balloon also interupts any work I am doing, for example, it has interrupted me writing this post 5 times already! When either right or left-clicking upon on the icon, it brings up an internet window connected to spylocked.com, which tells you to download the programme for protection. However, upon downloading, the anti-spyware programme identifies it as a risk. So I deleted it, and scanned again to ensure there were no more risks. I dont know whether the icon is due to a hidden programme somewhere on my computer to try and scare me into downloading the spylocked.com, or whether it is something I should pay attention to.

Can someone please help and explain to me what is going on?? I am not very good with computers, but can cope, however, I don't want to advance any further without any idea of what I am dealing with.

Greatest thanks to anyone who can help!

Edited by lazeedayz, 27 May 2007 - 08:35 AM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:42 AM

Posted 27 May 2007 - 09:42 AM

Use the program in the link below. Follow the directions carefully. Post back to let us know the results.
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

If you still get the icon and since you actually downloaded the phony antimalware you may need to use the program below after running The Smitfraudfix.
http://www.malwarebytes.org/rogueremover.php

Edited by buddy215, 27 May 2007 - 09:46 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 lazeedayz

lazeedayz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 27 May 2007 - 10:22 AM

I downloaded the SmitFraudFix and it seems to have resolved the problem, the icon has gone and you my friend are a genius! I've rebooted as well, only thing is now, that my comp is alot slower than before... Will see if I can find the problem.

Thanks again

#4 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:42 AM

Posted 27 May 2007 - 10:49 AM

REScan with the AVG AntiSPYware that you have installed in "safe mode". Be sure to check for updates before scanning.
--------------------------------------------------------------------------------

Remove temporary files, logs, cookies, etc. by using Ccleaner. Do not use "Advanced Settings" or the "Issues" button. Use only the default settings. http://www.ccleaner.com/
--------------------------------------------------------------------------------


If you still have the slowness, post a Hijack This log in the Hijack This Forum. Let the experts have a look. Directions are in the link below.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

--------------------------------------------------------------------------------

If you don't find reason to post the Hijack This log and you are free of malware, remove the existing restore points.
Turn off system restore. This will remove all restore points since some are infected . Turn system restore back on.
http://www.real-knowledge.com/flushres.htm
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 lazeedayz

lazeedayz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 27 May 2007 - 11:05 AM

Seems to be fine now

Might just have been the process of reloading after scanning and deleting, etc... Will run the programmes if it persists

Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users