TechSpot

Malicious spyware

By tiona86
Jul 28, 2008
  1. About 2 days ago I got a message saying that my computer was infected from something called Antispyware 2008. Since clicking on the link my computer seems to have crashed. The background on my desktop has a caution sign that resembles one of those associated with the Antispyware 2008. I kept my computer on overnight to wake up to absolutely NO icons on my desktop. I don't even have a taskbar with a start menu! Luckily I didn't close out my internet just in case. And I also got a message from Antispyware 2008 itself saying that a spyware was blocking my hard drive and my files are inaccessible. And that is exactly what is going on. I can't do anything that can reverse this. I can't locate any files installed on my hard drive. Anytime I try to download an online scan, it says an external file is needed to install this. Since I have no desktop, I can't open up the scan. I have CA anti-spyware/anti-virus already installed and that was doing a great job keeping out viruses and things but now I can't even access that. I tried to search for this so-called Antispyware 2008 but there is nothing. How can I override this?
     
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    It hijacked your shell. You may have to run this from safe mode; if so, that's OK, but normal mode would be better.

    HijackThis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, select Scan now and save a log
    • After the scan is complete please attach your log onto the forums using the paper clip icon above your reply.
     
  3. tiona86

    tiona86 TS Rookie Topic Starter

    See, the whole problem is I can't download, and when I do it says it can't find the file...
     
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    I have seen this before...

    Let's try downloading Smitfraudfix, then booting to safe mode (where the infection should not be loading), then run the fix. At least get your desktop back, hopefully.

    Run Smitfraudfix
    • Download Smitfraudfix by S!ri from HERE
    • Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    • Double-click SmitfraudFix.exe
    • Select 2 and hit Enter to delete infected files.
    • You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt
     
  5. adu123

    adu123 TS Maniac Posts: 278

  6. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Thanks for the heads up buddy ;)
     
  7. tiona86

    tiona86 TS Rookie Topic Starter

    It's okay.

    I just went and got a whole new computer. I chalked it up as a loss because there was nothing I could do. I wasted $299 with the Geek Squad and I was not investing any more money or time into that computer. My little brother is ICDL certified and couldn't figure it out. This was a good virus. Beware and watch out for Antispyware 2008. It has a shield with 4 colors, kinda like the Windows colors. Thank everyone who took their time to help me with my problem! Your services are greatly appreciated. Have a nice day!!!
     
  8. tw0rld

    tw0rld TS Maniac Posts: 572   +6

    I've seen that program before. It displays a false positive that claims that your system is infected. The mistake you made was trying to install the program when it prompted you to. I know exactly what you are talking about. Found it on my friend's computer, and removed it with Spybot S&D.
     
  9. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,069

    Please do not jump in and advise the user to do stuff when the person is already being helped. It can really mess things up by confusing the user that needs help.
     
Topic Status:
Not open for further replies.
