Jump to content

Computer boffin required

Guest Stavvy

By Guest Stavvy,
in Off Topic

 Share

Recommended Posts

Guest stiv24

Guest stiv24

Posted
Posted

This morning I clicked on a file in my junk email which was marked UPS unable to deliver item.

 

As I am waiting for a delivery I thought this must have gone into the junk folder by mistake.

 

This file has loaded 'AntivirusXP2008' and I keep getting pop ups saying threat detected etc etc, 2993 viruses found etc etc we can get rid of them if you pay for our software bla bla

 

I have tryed to remove the programme from the control panel but I just can't get rid of it.

 

Any ideas what I can try next?

 

Cheers in advance

 

Steve

Link to comment
Share on other sites
libs

libs

Posted
Posted

sorry to stick m ore in but i have gone through ALOT of antivirus software.. propably in the region of 15 packages this year.. but out of all the expensive systems, AVG free adition has GOT to be the best. kept my 400 running great and jumps in anything like malware.

Link to comment
Share on other sites
dustyfox

dustyfox

Posted
Posted

I had this done to me a couple of days ago, I had a red symbol in the bottom right saying that my security was under threat and pop ups pretending to do a spyware scan couldnt close it down. My spyware was saying it was a Trojon and a worm, but when I went to delete them a window came up and froze so i couldnt close it down. So I did a Computer Restore and that got rid of it. No problems. Then I did another virus and spyware scan and nothing there. So do a system restore if nothing happens.

 

Df

Link to comment
Share on other sites
Guest stiv24

Guest stiv24

Posted
Posted

Thanks for your advice so far.......

 

I'm now thinking it's probably best to position said PC on the lawn and fire a few rounds into it, any ideal what load/brass size would be suitable?

Link to comment
Share on other sites
Guest stiv24

Guest stiv24

Posted
Posted

The system restore would only give me 1 restore point and that was this morning just after I ******** it up. Although it gives you a calender to pick a date from the only date it would let me use was today.

Link to comment
Share on other sites
alexm

alexm

Posted
Posted

AV2009 is doing the rounds at the moment. I've cleaned two pc's with it this week and each one was slightly different. You can use the free utility HijackThis to diagnose and fix the problem.

 

1) Download the Hijackthis utility: http://www.trendsecure.com/portal/en-US/_d.../HiJackThis.exe

2) Run Hijackthis, accept the licence terms then click the button "Do a scan and save a log file" button

3) It will do a quick scan of your settings and open up the logfile in notepad

4) Paste the log file back in here

5) I can then see from your log file which entries require fixing

 

Basically it will come back with a load of settings that are commonly used by viruses, browser hijacks etc... I can point out the ones inserted by AV2009 which you can fix in HijackThis. :blink:

Link to comment
Share on other sites
harpoonlouis

harpoonlouis

Posted
Posted

A word of advice.

 

If you get any pop up or warning tab that you don't recognise then it is probably a worm or trojan tring to get you to click to activate the pay load ( the nasty bit)

 

DON'T CLICK ANYTHING INCLUDING THE NORMAL CROSS HATCH BOX AT THE TOP. STOP!!!!!!

 

Pres ALT CTRL and DEl together to bring up the Task Menu, high light the item in question, usually the thing at the top of the list and then click END TASK.

 

This will kill the process without actually clicking a screen icon.

 

Some nasties out there fake the cross hatch button and make this the ACTIVATE instead. In the so called Terms and Condition they attach they actually mention this as a way of avoiding litigation in the USA.

 

Sorry to be nerdy but there are some very sneaky ******* out there trying to get in here.

Link to comment
Share on other sites
libs

libs

Posted
Posted

Just thinking it may also be worth looking through your programe files (actually looking, no scaning etc) and then scanning anything that looks out of place. and dont dare type any passwords into ANY online fields, you may be being key-logged?!

Link to comment
Share on other sites
alexm

alexm

Posted
Posted
Thanks for your replies chaps, I think spybot may have got it

 

alexm I'll get the info for you cheers

 

PM received and replied to. It does look like it has been removed by spybot! :blink:

 

I have also sent you instructions on removing MyWebSearch which is on your system and you are better off without!

Link to comment
Share on other sites
_Spud_

_Spud_

Posted
Posted

The amount of pc’s that we have been working on at work with this **** is unbelievable.

 

Your best bet is to use spybot search and destroy.

 

Also use adware, decent virus scanner not Norton. Norton antivirus has to be the worst virus scanner ever made along with McAfee.

 

Use AVG, NOD32, Kasperski etc

 

Dump Internet explorer and use Firefox with no script this will stop a lot of the browser driven spyware infections.

 

I would also use the spybot immunization feature as this will add entry’s to the hosts file to stop a lot of the website getting contacted.

 

I would also use something like OpenDNS as this has spyware / phishing protection built in, and for people who want a free content filtering system for the kids it’s superb.

 

You can also use hijackthis and paste the log file into http://www.hijackthis.de/ for a decent review of system problems, this does not always work if the spyware is hidden inside of a rootkit.

Link to comment
Share on other sites
Biffo1262

Biffo1262

Posted
Posted (edited)

I've seen a number of variations on the same theme and neither an antivirus program or spyware removal will solve the problem. This is basically because it is neither a virus nor a spyware but simple a popup with a link embedded into your system. It does no harm but is extremely annoying and possibly illegal for there was nothing wrong with your computer before this blatent selling scam insinuated itself into the sytem. The advice to google the actual mesage is spot on and you will find a solution within one of the software forums somwhere as someone else has laso suffered the same problem. I did that for mine and my friends but they are all different. Persevere and you will find the solution. If not, I did a reinstall of my system file the first time and that sorted it.

 

I do use Firefox and an antivirus protection with firewall, plus Windows Defender but this does not prevent the problem arising. As soon as you are conned into the link the program is installed and has to be taken out by hand. I was given the same advice as I have just posted by the software forums, there is no method of automated removal (Spybot seemed to have removed mine until about the 2nd or third reboot and there it was again). I certainly spent a long time looking for one that worked without any luck, though they all professed to be able to do it. Just follow any instructions you are given via the forum you find it on and all will be well but if you do not feel confident editing the Registry, find a friend who is.

Edited by Biffo1262
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...