|
Please Help: Virus/Spyware Attack!!!
This is the message that keeps popping up on my PC:
Spyware alert! Vulnerabilities found Your computer is infected by spyware - 34 serious threats have been found while scanning your files and registry. It is strongly recommended you disinfect your computer and acivate Realtime secure protection against future intrusions. Another pop up that keeps appearing reads as follows: INFILTRATION ALERT Your computer is being attacked by an internet virus. It could be a password - stealing attack, a trojan - dropper or similar. DETAILS Attack from: 201.14.44.172, Port 10921 (keeps changing with every pop up) Attacked: Port 34072 (keeps changing with every pop up) Threat: BankerFox.A Do you want to block this attack? I have clicked the right button of my mouse, then Properties and checked out where this pop up in being launched from and realised that it's from the following location: kaka://C:\WINDOWS\sysguard.exe/netalert.htm How do I get rid of it? I have tried scanning for viruses and spyware using McAfee but it's showing nothing. Please help me. Many thanks. |
most likely a fake virus warning, quite likely your only infection is that program that displays this warning ... it will scam you into paying for their "anti virus" and in the meantime it will only infect you more and more with some serious trojans and backdoors etc
download this program, make sure you have their newest malware definitions and run a full scan http://www.malwarebytes.org/ if it gets rid of it, you're lucky, but make sure you have a good real time antivirus and firewall on your machine |
Its a Malware that gives you fake virus alerts. You need to install and run this
http://download.bleepingcomputer.com...mbam-setup.exe Make sure you disable systemrestore FIRST |
Quote:
My Internet Explorer won't open any website as well. Here is the message popping up every time I try to use Internet Explorer: Internet Explorer Warning - visiting this web site may harm your computer! Most likely causes: The website contains exploits that can launch a malicious code on your computer Suspicious network activity detected There might be an active spyware running on your computer What you can try: Purchase Spyware Protect 2009 for secure Internet surfing (Recommended). Check your computer for viruses and malware. More information Will the same software you've recommended fix this problem? |
Quote:
ebus_dk, thank you for your advise. How do I disable systemrestore? Please excuse my ignorance. Thank you. |
well ebus and I recommended the same program, so it's a sign it is the leading one on the market
I am by no means a malware removal expert, if you can't open IE then its very bad already, but you might try to do it in safe mode, with internet access? just reboot your PC, press F5 or F8 all the time (I constantly forget) and access safe mode alternativelly, download the malwarebytes installer on another machine, copy to a CD and install on your infected one another two very good programs that you may use after the malwarebytes scan: http://www.superantispyware.com/ and http://www.freedrweb.com/ |
fake malware
get search n destroy free good and it works |
@polish_aristocrat, ebus_dk and DutchTeenCash, thanks for your suggestions. I will try it and let you know how it goes. Many thanks indeed. :thumbsup
|
When you have everything cleaned up, install Seamonkey or Firefox. IE is full of holes.
|
@polish_aristocrat, ebus_dk, DutchTeenCash and rowan, thank you very much indeed for the help. It's all cleaned up now. There were 42 infected files all together.
|
just to make sure your pc is virus/trojan-free, install trojan remover ( http://www.simplysup.com/tremover/download.html ).
|
Sounds like a pain in the ass. I hate when i get any annoying shit like that. Thankfully not had anything in a while. Hope it stays that way.
Let us know if you get it removed... |
malwarebytes is the best IMO :thumbsup
|
Quote:
|
Hi everyone! Those extremely annoying pop ups are back again. I installed Malwarebytes' Anti-Malware and have been running after every few hours since yesterday but two particularly annoying pop just won't go away. There is also this "Windows Security alert" that keeps popping up at the bottom right corner of my screen before the pop ups mentioned in my post number one of this thread appear.
How do I prevent these pop ups from appearing after every few minutes on my screen? I would also be glad if you could explain to me how I could block pop ups from the following websites from appearing on my screen everytime I come online: Spyware Protect 2009 DecodingGQ setup http://fastantimalwarescan.com http://toplop.com Thank you once again guys. |
Could someone please tell me whether or not there would be any problem with my PC if I deleted the following because that's the location from where pop ups are being launched I suppose? I don't remember having created a directly called "kaka" :mad:
kaka://C:\WINDOWS\sysguard.exe/netalert.htm And if my system won't get affected, how do I delete it? Many thanks. |
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
On a serious note though: go to google and do a search for "kaka://C:\WINDOWS\sysguard.exe/netalert.htm" Also, hit Ctrl/Alt/Del and check which processes are running. Do a search on google for the processes that look fishy. HijackThis, Spybot Search and Destroy and Adaware are all free, and between the 3 of them (and some research on Google) you should manage to kill them all off. |
Quote:
|
1. if you had a free AV such as AVG or comodo AV (now included with the firewall) ... uninstall them.. they are worthless.. get Avast or Antivir...
2. Install Spybot... then scan ur pc.. this will not solve all your problems but will help you get rid of the more superficial problems... DO NOT IMMUNIZE YET! 3. Get HijackThis which is a free tool from trend micro.. take a good look at the processes running.. take note of the ones you don't recognize and kill them..do a google search bout the ones u don't recognize 4. Update Avast or antivir or whatever paid antivirus u r using.. Do a full system scan in Safe mode and THEN do a boot-time scan... 5. By now you should have identified the crapware with Hijackthis and removed the virus/trojan/scareware that is fucking ur system.. now run Spybot one more time and immunize your system.... Done.. |
Quote:
"BankerFox.A is a Trojan that is designed to steal users' banking data related to certain banking entities." Seriously, go to google and do some research. From the sound of it, BankerFox.A isn't your only problem. Malware and trojans don't all behave in the same way, so it's not much use asking here, the answers relating to your particular infections are a google-search away. |
Between kids computers and their friends computers I'm about ready to start charging for my time when getting rid of these dang malware pests.
Tonight..dunno what I was doing, but went to change something and when I rebooted I opened a statsremote window (I'll be glad when it's not mandatory that it opens in IE). Click on something and up pops a window telling me about some car stuff, close it, click again.. new window about antivirus software... etc. Ran Hijack this and also checked my Registry file and sure enough some pesky program. Before I went just deleting willynilly, I thought I'd give System Restore a try for once since it worked for my son's pc the last time I fixed a bug on it. Had a restore point just a couple of hours before.. All fixed...suspect registry key was gone. Wish I could shoot the damn bastards. |
Download SuperAntiSpyware and Spybot and do a scan. Don't rely on just one (but if I did it would be SuperAntiSpyware).
Then run a bunch of these free online scanners. http://www.google.com/search?rlz=1C1...+virus+scanner Now what you need is any firewall with program permissions. LookNstop is a very lightweight solution. |
Quote:
|
From the list of 'Objects infected' that I have so far deleted, I can confirm that most, if not all of them are Trojans. Most of them went like....
Trojan.DNSChanger Trojan.Agent Trojan.FakeAlert C:\\WINDOWS\system32\iehelper.dll The biggest problem I'm struggling with right now is how to STOP the following Fake Alert pop ups from appearing on my screen after every few minutes. Spyware Alert (which is actually fake I suppose) Windows Security alert (which is actually fake) Software Protect 2009 alert (which is also fake) And also pop ups from the following websites: http://toplop.com http://bfc.myway.com http://fastantimalwarescan.com If I could be able to get rid of these, then my problem would be solved. |
Quote:
|
If you find you absolutely can't get it cleaned...go here.
http://forums.majorgeeks.com They have some terrific people there who will, after you first run all the diagnostics they require - WILL work with you until everything is off your system. Just be patient if you use them - they're a little slow, and they get touchy if you try to "cut in line" --- but they will get you up and running again. |
After all of the above fails the only real fix is to Format c and start all over with a clean os install. You will thank me later as this will be the best and only real fix that will take only 40 mins or less.:2 cents:
|
Thank you guys for your advise. Much appreciated.
|
you may use this tool, as described here: (it works definitely for XP, not sure about Vista)
http://www.bleepingcomputer.com/comb...o-use-combofix just make sure that while downloading it, don't save it as combofix.exe, save it as 54321.exe or so |
Quote:
|
Quote:
It only takes about 2 hours for us to reformat our HD and reinstall everything from scratch. The key is to have all the software you are reinstalling on an external drive first. It goes really fast and saves hours of aggravation. Words from (unpleasant)experience. |
| All times are GMT -7. The time now is 06:48 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123