1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Fake Trojan Alerts

By KrisMcNic2!
Nov 26, 2008
  1. Since yesterday morning (Nov 25th) I have been hit almost every 1 to 3 minutes by Fake alerts telling me that I have been infected by SpyWorm.Win32 or Trojan-Spy.Win32@MX or SpyBot@MXE or Net Worm-iVirus @fp to name a few. Then I am sent to buy or download from Anti Spyware Guard, or Windows Anti Virus 2008 being sold by Yewgate Ltd., or to download from www.systemtrigger.com. There are probably a few others but I did not really dig in any deeper. But they are all a scam as far as I can figure out.

    I was pretty sure of how I got infected, was advised to update my Activex control, but I should have backed out when there was no signature to the update. I should have known better. I went in & deleted and or uninstalled the suspicious items that had appeared then did a scan with AVG Anti-Virus 8.0.175 which found Trojan horse Agent.4.u . Scanned again & came up clean, but the problem did not go away so ran SmitfraudFix (which cured a similar problem previously) & it found a few more items, but still the problem exists even after running Smit 4 or 5 times. Also since then I have been hit by Trojan horse Agent.4.u again plus Trojan horse FakeAlert.BD, Trojan horse FakeAlert.CA, Trojan horse Downloader. Zlob.AHHE which AVG picked up during scans. I suspect that this one is dialing out for want of a better word & importing other bad things.

    I have started the your 8 Step program but have a question @ Step #4. Do I dissable AVG anti virus. Just want to make sure as it is not in the CastleKops dissable list. I am a little slow at times & it has taken me a while to learn that download means run and/or open not save but I am improving.

    It looks like a lot of people are having the same problem so that is why I listed the hits & the redirects. Somebody should pull their access to the internet and/or prosecute them for Fraud as this is going to probably get a lot of people to buy a product to fix something that was created by the seller.
  2. rf6647

    rf6647 TS Maniac Posts: 829

    Welcome to TS. I am trying to anticipate your needs. AVG does not interfere with basic tools called out in the 8-step guide.

    In case of difficulty, attempt this method
    Note, one user reported the need to restart in safe mode with networking, as the relief was temporary. This refers to message #1.
    Additional note: Message #3 link to 'fixit download' has demonstrated its effectiveness in many cases.

    Genreal Remark: - React to unanswered items appearing in scan logs
    • NO Action’ - Remove Selected when offered by MBAM
    • 'Delete on Reboot’ - Restart the computer after concluding the scan
    Proceeding along a typical path.
    • Update both MBAM & SAS. Rerun them both.
    • This effort is complete when logs report NO infections/threats, or reporting something it can not clean.
    • Restart the computer. Scan with HJT.
    • Posts logs. Report progress & what changes are observed.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...