"SPYWARE INFECTION" BLACK BOX ON DESKTOP

G

Guest

I was recently working on my families computer because they got this black
box on their desktop saying they had a spyware infection and after running
ad-aware and norton AV the notification persists. How do I get rid of the
notification from the desktop? is there still spyware on the machine? it
scans clean. any help would be great. Thanks,
 
M

Malke

Nate said:
I was recently working on my families computer because they got this
black box on their desktop saying they had a spyware infection and
after running
ad-aware and norton AV the notification persists. How do I get rid of
the
notification from the desktop? is there still spyware on the machine?
it scans clean. any help would be great. Thanks,

Part 1 - Uninstall older versions of Java. You can install the latest
after everything is clean. If you already have the latest version,
empty its cache per instructions here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Part 2 - Run noahdfear's SmitFraud and SpyAxe removal tool -
http://noahdfear.geekstogo.com/click counter/click.php?id=8

Part 3 - Run David Lipman's tool -
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

David's Instructions:
Execute SmitFraud.exe (Note: You must accept the default of C:\McAfee)
Choose Unzip
Choose Close

NOTE: You may have to disable your software firewall or allow WGET.EXE
to go through your firewall to enable WGET.EXE to download the needed
McAfee-related files.

Execute c:\mcafee\clean.bat (or Double-click on 'Clean Link' in c
\mcafee)

A final report in HTML format called C:\mcafee\ScanReport.HTML will be
generated. At the end of the scan, it will be displayed in your browser
(Opera, FireFox or Internet Explorer). It is suggested that you move
the report out of c:\mcafee before performing another scan.

Part 4 - Continue with general malware removal:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Sun Java - http://www.java.com/en/download/index.jsp

Malke
 
L

Lews

If you have SpyAxe, PSGuard, Smitfraud, Spy Sheriff, Sinnaka Advertisments
or detections for Puper or Alemod that can not seem to be removed
automatically, please try this automated removal tool.

AntiPuper v1.1 by secured2k
http://secured2k.home.comcast.net/tools/AntiPuper.exe

What does this tool do?
This tool will attempt to delete several known Trojan files. These files are
modified by the malware authors and encrypted to avoid detection.
Fortunately, many of these tend to use the exact same file names. If the
files are in use, locked, protected, etc, this program will schedule Windows
to remove the files upon restarting.

This program will also remove some common security policies that are changed
by viruses and worms. Policies that lock out your desktop changes, windows
update, Windows Firewall, Explorer Run policies, Registry editing, and more
are all reset.

Finally, if you have an infected Alemod WININET.DLL file, this program will
try to copy a clean version from your Windows File Protection folder and
replace the bad copy on restart. If a backup copy can not be found, the tool
will quickly look for McAfee Antivirus files and attempt to clean a copy of
the file to replace the bad one on reboot. If all of this fails, you will
need to manually replace/clean your WININET.DLL file.
 
S

SimonRB

I'm pretty sure I've seen the one you mention here, have you tried SpyBot
S&d (www.spybot.com) and Ad-Aware (www.lavasoft.de)? Also, I'm pretty sure
Microsoft's Anti-spyware (Beta) is still available for free from the
downloads page. Ultimately there's no single application that's effective
for removing all spyware, so use a combonation of the above. And remind your
family to never click on the "You've got spyware, click here to remove" kind
of banners :)
 
G

Guest

I had this last night, first one I've have had for ages. (touches wood)
I had to run Spybot S&D (updated) twice. Also ran AVG.
 
G

Guest

I had the same thing happen to me. There is a software program called
PestPatrol that has been added to your computer. Here's how I resolved it:

1. Go to add/remove programs and remove Pestpatrol.
2. You will still find the black retangle showing, however. Go to system
tools/system restore and pick a point in the past before the black rectangle
began appearing. Choose that system restore point.
3. Reboot your machine in safe mode.
4. Run a spyware/adware program and an antivirus program to make sure your
machine is clean.

The black rectangle should now be gone as well as any remnants of that
program.
 
M

Malke

billbrandi said:
I had the same thing happen to me. There is a software program called
PestPatrol that has been added to your computer. Here's how I
resolved it:

(snip)

This is incorrect. PestPatrol is actually a legitimate program and has
nothing to do with the Smitfraud/Spyaxe (and variants of same) malware.

Malke
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top