Spyware problems (yet again!)

Discussion in 'Computer Security' started by =?Utf-8?B?RGF2ZSBNYXluYXJk?=, Jan 8, 2006.

  1. Hi

    I have run an on-line Panda Software scan, and it has detected what I though
    one of my spyware programmes had removed. The online scan has found the
    Crawler adware in the Widows Registry, what should I do. It didn’t specify
    the entries. Can anyone tell me the Registry, and where I should delete them?
    I have run scans in Safe Mode.

    It does seem to be slowing my machine down a bit.

    Also, digressing a bit from the subject, will people PLEASE stop hacking off
    Norton products. I like the products, even thought I have been using them for
    6 months. I find them very user-friendly. Dan Gookin likes NAV, why don’t
    people here like them?
     
    =?Utf-8?B?RGF2ZSBNYXluYXJk?=, Jan 8, 2006
    #1
    1. Advertisements

  2. Information about Adware/Crawler
    http://www.pandasoftware.com/virus%5Finfo/encyclopedia/overview.aspx?lst=vis&idvirus=94968

    Could be useful . :)


    As Panda Active scan detected this adware ,I recommend you download Panda
    trial version and use it to clean the computer.

    Panda Titanium 2006 Antivirus + Antispyware would do the job for you .
    http://www.pandasoftware.com/titanium2006

    Remove your current antivirus if you have one.


    Update Titanium 2006 ,boot in Safe Mode and scan.

    How to boot your computer in SAFE MODE
    Do this by repeatedly typing F8 while Windows is starting before
    Windows logo appears.
    Then you'll open the BIOS menu where you can choose to boot
    the hard drive in SAFE MODE


    You should click on Titanium's icon twice because in the first try it will
    report wring because the real-time protection can't be loaded.

    When the scan is finished ,don't fast to restart.Relax !!! And immediately
    turn off System Restore if you have Windows XP or Me
    Check Turn off system restore.Click OK


    When you restart check if the malware is gone and turn the Sys Restore ON
    again.
    Again Right click on My computer->Properties->System Restore
    Uncheck Turn off system restore ,so you'll have your Restore function ON.



    If you want more detailed instructions how to remove malware ,visit my
    web-site:
    http://free.hit.bg/fightmalware/homepage_en.htm


    Norton ,hmm ,delicate theme but I also don't like Norton and don't use it :
    Why ???
    1 > Live Update (the most popular) offeres updates only ONCE a week
    ..Critical !!! Norton doesn't have good protection agains unknown threats and
    what happens when new fast spread threat appears?Norton customers = infected
    customers

    2 > Difficulties for home user to install / reinstall the products. They are
    the only one( I think) that have a special program which removes all it
    traces...

    3 > My expreince shows inablity to detect and/or remove malware in any cases.
    Panda found 16 infections .Kasperskt found 10 .Norton found 2.
    Panda removed 16 ,Kaspersky 10 ,Norton 0.

    4 > Norton has poor technology of self-prevention.Many viruses modify the
    Win Registry and the HOST files in order to kill the security software
    process .What Symantec does => almost nothing ...= unprotected customers

    5 > If you are not infected it is because you have browsed safely and
    installed carefully .That's it.


    Noone can prevent you from using Norton .If you like it ,ok .It is your
    personal opinion.I do appreciate the other people's opinions .Your opinion is
    also important to me :)


    Good luck for cleaning the malware!


    Panda_man
    --
    Prevention is always better than cure !
    Panda TruPrevent - the most intelligent technology to combat unknown malware
    http://www.pandasoftware.com
    http://free.hit.bg/fightmalware/homepage_en.htm
     
    =?Utf-8?B?UGFuZGFfbWFu?=, Jan 8, 2006
    #2
    1. Advertisements

  3. Hi

    Thanks Panda_man I now have a clean system! I took me TWO hours to
    complete!! During that 2 hours, I had a cup of coffee and played a CD! I also
    vacuumed downstairs for my Mum! I kept on coming upstairs every now and then
    the check on the progress. It did find it, and disinfected it. But, I digress!

    O, just one thing, I have had to reactivate windows as soon as I installed
    the trial version of Panda. The message said something along the lines of
    "Due to significant Hardware changes, you need to reactivate Windows any
    ideas? I have installed my previous antivirus programme.

    Thanks once again for you help
     
    =?Utf-8?B?RGF2ZSBNYXluYXJk?=, Jan 9, 2006
    #3
  4. Hi again !
    I am very happy you now have a clean system.Hopefully your coffee was sweet
    and nice :) :) :)

    I use full version of Panda on my pc.I needed to reinstall the new 2006
    version once and I had the same message about Win reactivation.I reactivated
    Windows again but really can't tell you why this happened.:) Panda installs
    some things and probably Windows finds them as "significant Hardware changes".



    Panda_man
     
    =?Utf-8?B?UGFuZGFfbWFu?=, Jan 9, 2006
    #4
  5. =?Utf-8?B?RGF2ZSBNYXluYXJk?=

    Jim Byrd Guest

    Hi Dave - In addition to the reasons Panda_man gave you, non-commercial
    Norton/Symantec stuff is notorious for causing interference with other
    installs, especially System installs. I don't have it installed on any of
    my machines except for test purposes on my "sandbox", and recommend against
    it to my clients. (In fact, the first question I usually ask is whether
    they have any installed or have recently tried to remove any - it's also
    notorious for leaving stuff which interferes behind and for being very
    difficult to completely remove. See here if you want to remove it:
    http://basconotw.mvps.org/SymRem.htm FWIW, the second question I usually
    ask is whether they've recently run or tried to restore a Registry Cleaner.
    :) )
     
    Jim Byrd, Jan 9, 2006
    #5
  6. Hi guys

    Yes, Panda_man, my coffee was sweet (with one sugar!) It was a medium coffee
    blend (strength 3)! Not that you want to know that!

    Digressing again! I had no choice amongst Antivirus software when I bought
    this machine in June of 20005; it came with the machine already installed.
    They had an advert for it, claming that it, and I quote," Proven to totally
    protect your systems better than any free antivirus software�. Please bear in
    mind I am in the UK, not the US! How wrong they were:

    In Sept 2005, I downloaded a wallpaper tool. It had adware in it (although I
    didn’t know it at the time), I scanned with Norton and it came out clean. I
    installed it. Again for some reason, I decided to run a spayware scan using a
    dedicated scanning programme. (MS Antispywarre) and it found an adware
    threat, the When U Search bar.

    Can anyone recommend a decent Antivirus programme, as it seems Norton is in
    it for the money, NOT protecting customers and data! That’s probably why all
    there threat metrics are high numbers!

    D .A. M.
     
    =?Utf-8?B?RGF2ZSBNYXluYXJk?=, Jan 9, 2006
    #6
  7. =?Utf-8?B?RGF2ZSBNYXluYXJk?=

    Jon Phipps Guest

    The thing is that you are asking a virus scanner to scan for
    malware/adware/spy ware. These are entirely different beasts and you will do
    better with a dedicated scanner. I run Windows One Car(v scan, firewall and
    some other things), Microsoft anti spy, and spybot full time resident with
    adaware as a third manual scan... I also have some commanline tools that I
    use in emergencies. It is best if you rely on dedicated software for
    defence.

    Jon
     
    Jon Phipps, Jan 9, 2006
    #7
  8. From: "Dave Maynard" <>

    | Hi guys
    |
    | Yes, Panda_man, my coffee was sweet (with one sugar!) It was a medium coffee
    | blend (strength 3)! Not that you want to know that!
    |
    | Digressing again! I had no choice amongst Antivirus software when I bought
    | this machine in June of 20005; it came with the machine already installed.
    | They had an advert for it, claming that it, and I quote," Proven to totally
    | protect your systems better than any free antivirus software”. Please bear in
    | mind I am in the UK, not the US! How wrong they were:
    |
    | In Sept 2005, I downloaded a wallpaper tool. It had adware in it (although I
    | didn’t know it at the time), I scanned with Norton and it came out clean. I
    | installed it. Again for some reason, I decided to run a spayware scan using a
    | dedicated scanning programme. (MS Antispywarre) and it found an adware
    | threat, the When U Search bar.
    |
    | Can anyone recommend a decent Antivirus programme, as it seems Norton is in
    | it for the money, NOT protecting customers and data! That’s probably why all
    | there threat metrics are high numbers!
    |
    | D .A. M.
    |

    When U Search bar is adware and Ad-aware SE v1.06 and SpyBot Search and Destroy v1.4 will
    remove that.

    Please download, install and update the following software...

    * Ad-aware SE v1.06
    http://www.lavasoft.de/
    http://www.lavasoftusa.com/

    * SpyBot Search and Destroy v1.4
    http://security.kolla.de/

    After the software is updated, I suggest scanning the system in Safe Mode.

    As for replacement AV software, I suggest Kaspersky and NOD32 in that order.

    As for alternate "On Demand" AV canners you can use the following Multi AV Scanning Tool.

    I do suggest that after you use Ad-aware SE and SpyBot S&D and perform their scans in Safe
    Mode, use the McAfee module in the below tool.


    Download MULTI_AV.EXE from the URL --
    http://www.ik-cs.com/programs/virtools/Multi_AV.exe

    To use this utility, perform the following...
    Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
    Choose; Unzip
    Choose; Close

    Execute; C:\AV-CLS\StartMenu.BAT
    { or Double-click on 'Start Menu' in C:\AV-CLS }

    NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
    FireWall to allow it to download the needed AV vendor related files.

    C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
    This will bring up the initial menu of choices and should be executed in Normal Mode.
    This way all the components can be downloaded from each AV vendor's web site.
    The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

    You can choose to go to each menu item and just download the needed files or you can
    download the files and perform a scan in Normal Mode. Once you have downloaded the files
    needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
    during boot] and re-run the menu again and choose which scanner you want to run in Safe
    Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

    When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
    file. http://www.ik-cs.com/multi-av.htm


    * * * Please report back your results * * *
     
    David H. Lipman, Jan 9, 2006
    #8
  9. =?Utf-8?B?RGF2ZSBNYXluYXJk?=

    Jim Byrd Guest

    Hi Dave - You might want to take a look at my Blog, Defending Your Machine,
    addy below in my Signature for info about detecting, removing, and imunizing
    your machine agains "malware" which is what WhenUSearch is. Most AV's don't
    do very well at detecting malware and you really need to use some other
    dedicated tools for that, as I've outline there for you.
     
    Jim Byrd, Jan 9, 2006
    #9
  10. actually, you know, in my opinion, having no security is better then norton.
    symantec does make good products, but, as i remember som1 else posted, there
    called 'symantec corporate products'. norton keeps deleting legitimate files
    as well.
     
    =?Utf-8?B?RXZpbGJvYg==?=, Jan 13, 2006
    #10
  11. =?Utf-8?B?RGF2ZSBNYXluYXJk?=

    AlmostBob Guest

    Symantec's corporate products can be found here
    http://www.symantec.com/small_business/index.html small business
    http://www.symantec.com/enterprise/index.jsp large business
    you wont find any of the norton range in it.
    They are all SYMANTEC branded, they work, have a really small system
    footprint, and do not compromise stability

    If you got norton products free with the pc you still got ripped off,
    because of the effort to get rid of them

    and panda have a new direct URL to activescan, see below, with thanks
    Panda_man
    --
    -
    Adaware http://www.lavasoft.de
    spybot http://security.kolla.de
    AVG free antivirus http://www.grisoft.com
    Etrust/Vet/CA.online Antivirus scan
    http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
    Panda online AntiVirus scan http://www.activescan.com
    Panda online AntiSpyware Scan
    http://www.pandasoftware.com/virus_info/spyware/test/
    Catalog of removal tools (1)
    http://www.pandasoftware.com/download/utilities/
    Catalog of removal tools (2)
    http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?CID=40387
    Trouble Shooting guide to Windows http://mvps.org/winhelp2002/
    Blocking Unwanted Parasites with a Hosts file
    http://mvps.org/winhelp2002/hosts.htm
    links provided as a courtesy, read all instructions on the pages before
    use
    Grateful thanks to the authors/webmasters
    _
     
    AlmostBob, Jan 13, 2006
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.