Recent malware problem

[Mike1951]

In case anyone else has experienced this, my laptop recently became infected with Spyware Guard 2008.

I have Norton Systemworks Premier 2008 installed, running Auto-Prot at startup, and doing frequent full system scans.

When I first became aware there was a problem, I updated the NAV virus definitions and did a full scan. Norton found nothing. I downloaded the free version of PCTool's Spyware Doctor which detected Spyware Guard 2008 and Trojun.Vundo that had gotten past Norton. Since you must purchase the full version of Spyware Doctor to remove the infections, I spent the $39.95. Everytime that it found the infections and claimed to have removed them, the Spyware Guard 2008 would be present upon reboot. To its credit, SD would block the SG 2008 intrusions, but the hundreds of popups stating that SD has blocked an intrusion attempt became very tiresome. Even though I had SD runnng on startup, SG 2008 would load and run several times before SD could block it.

On a separate note, Norton Liveupdate has updated virus definitions 2 or 3 times daily since I first updated them and ran the initial failed scan. After several days of these virus updates, NAV also found and claimed to remove the infections. SG 2008 was still present on reboot.

I went to Malwarebytes.org and downloaded their free Anti-Malware program. It quickly and successfully completely removed SG 2008 and it has not presented since. Although they offer paid options for some of their programs, it was not necessary to purchase anything. Their free download outperformed Norton and Spyware Doctor from PCTools.

http://www.malwarebytes.org/products.php" onclick="window.open(this.href);return false;

Spyware Guard 2008 is a beast!! It perfectly emulates the Windows Security Center and I swear it was also emulating some Norton popups. If not, it was fooling Norton into displaying them. It replicates itself on your computer so fast that complete removal is complicated.

When I reported the failure of PCTools' Spyware Doctor and the success of a freeware program, my $39.95 is being refunded.

[G.A. Heath]

Malwarebytes has become my preferred tool to removing problems on my friends computers. I have yet to experience a malware infection on my home system, but then again those nasties can seem to get around that software compatibility issue.

[AEA]

Thanks for the info.

I have just dumped my Spyware Doctor and purchased the Malwarebytes program.

That Spyware Doctor was a resource hog anyway!

[Mike1951]

Their program works wonders, but I should add that it doesn't replace a regular AV program.

By their admission, Anti-Malware is designed to handle more recent malware variants and may not find older problems whose profiles may have been removed from its database.

Consider it a scalpel rather than a shotgun.

I found this thread which suggests the best programs to complement Anti-Malware.

http://www.malwarebytes.org/forums/inde ... topic=8947" onclick="window.open(this.href);return false;

[AEA]

Thanks again!

I dumped an old version of NOD32 and picked up the free version of Avira.
I will evaulate it for awhile before purchasing the Pro version.

[KC5AV]

One of our security guards brought his personal PC by the office the other day, "because it keeps saying to install antivirus", but it wouldn't let him. When I booted the PC up, I noticed the Spyware Guard 2008 pop-ups immediately. Malwarebytes program was the first one I downloaded (from a separate machine, because his wouldn't even connect to the Internet), and SG2008 wouldn't even allow the program to launch. I tried unsuccessfully to update his (expired) Norton Antivirus. I tried to install multiple free antivirus solutions. The program wouldn't allow any of them to install. I tried to manually delete all of the files and registry entries associated with it. None of these attempts were successful. I finally told him to take the computer home and find his restore disk, because I was tired of messing with it.

[The Annoyed Man]

I helped a guy in my Bible study try to recover from this same issue the other day. He is not really computer literate, and he had finally taken his laptop to the Geek Squad, who had finally done a clean install of Vista on top of the old XP. So he lost all of his files, etc. I got his email accounts set back up for him, and showed him how to find his webmail accounts, and stuff like that. I also put the bug in his ear that the next time he goes to buy a computer, he should take a long hard look at Macs. Nobody I know who is on Mac, including myself, has ever had any issues like this since we started using them. Yep. You do pay a little more for the computers; but you get a whole lot more peace of mind.

[jimlongley]

I helped a guy in my Bible study try to recover from this same issue the other day. He is not really computer literate, and he had finally taken his laptop to the Geek Squad, who had finally done a clean install of Vista on top of the old XP. So he lost all of his files, etc. I got his email accounts set back up for him, and showed him how to find his webmail accounts, and stuff like that. I also put the bug in his ear that the next time he goes to buy a computer, he should take a long hard look at Macs. Nobody I know who is on Mac, including myself, has ever had any issues like this since we started using them. Yep. You do pay a little more for the computers; but you get a whole lot more peace of mind.

I had a friend, "had" being the operative term for the moment, who is a real Mac fanatic. Recently he forwarded me an attached file about soldiers in Iraq, and when I opened it, I noticed some excessive disk activity, and then the Spyware 2008 popups started appearing, apparently it piggybacked past my firewall in the file he sent me, and modified my registry so that one of many copies of itself loads every time I boot up. Not easy to get rid of at all, but I seem to have finally done so. I notified my erstwhile friend of what had occurred, and his response was "Well, that wouldn't happen if you had a Mac." Seems as though he doesn't feel very responsible for spreading a Trojan Horse like this, which makes me feel less like being his friend.

[Liberty]

I had a friend, "had" being the operative term for the moment, who is a real Mac fanatic. Recently he forwarded me an attached file about soldiers in Iraq, and when I opened it, I noticed some excessive disk activity, and then the Spyware 2008 popups started appearing, apparently it piggybacked past my firewall in the file he sent me, and modified my registry so that one of many copies of itself loads every time I boot up. Not easy to get rid of at all, but I seem to have finally done so. I notified my erstwhile friend of what had occurred, and his response was "Well, that wouldn't happen if you had a Mac." Seems as though he doesn't feel very responsible for spreading a Trojan Horse like this, which makes me feel less like being his friend.

Mac users tend to be pretty evangelical (a lot like Glock or 1911 owners) I don't know if they have any means of checking for wintel virri

[CopOnce]

I’m not going to get into the long instructions of how to get rid of your viruses/malware, but I have found a number of freeware that works great for your protection. I use McAfee anti virus because Comcast offers it free to its users. The best free anti virus I believe to be is AVG. I’ve seen the free version catch things that have gotten through Norton/Symantec’s. A free software bundle that works great for keeping your machine in top shape is: Ccleaner. You can download it from http://www.ccleaner.com" onclick="window.open(this.href);return false;. It also cleans up your registry. The free malware program mentioned in this thread is really great. I’ve stepped other through the not so friendly install and had them run it after they have run everything they have on their machine and it would always catch something that the others missed. The Mac…lol, the writers of bad script aren’t doing it for the Mac because it’s a big waste of their time. Not too many software packages for the Mac like there are for the PC. It won’t be long and you’ll be seeing the problems with the Mac too and you’ll find the problem much larger because most Mac users are totally oblivious to computer issues. Here’s some links for the freeware:
http://www.ccleaner.com" onclick="window.open(this.href);return false;
http://www.avg-download-free.org/" onclick="window.open(this.href);return false;
http://www.malwarebytes.org/mbam.php" onclick="window.open(this.href);return false;
Make sure you have only one instance of anti virus running on your machine. Running more than one may cause conflicts with each other and really screws your machine up.

[WildBill]

Thanks for the tips. I downloaded malwarebytes and it found 16 infected files. I don't know if they really are, but I deleted them.

[CopOnce]

Thanks for the tips. I downloaded malwarebytes and it found 16 infected files. I don't know if they really are, but I deleted them.

If it found 16 problems, believe me, you had 16 problems that could have lead to bigger problems for you and possibly others too. Good choice to delete or quarantine them. Good luck.

[Mike1951]

There was a tech article in the Houston Chronicle during the past week discussing how, as the Mac's are becoming more popular, the malicious code writers are beginning to focus on Mac's also.

It should take them a while to catch up, but the threat is there.

[The Annoyed Man]

I had a friend, "had" being the operative term for the moment, who is a real Mac fanatic. Recently he forwarded me an attached file about soldiers in Iraq, and when I opened it, I noticed some excessive disk activity, and then the Spyware 2008 popups started appearing, apparently it piggybacked past my firewall in the file he sent me, and modified my registry so that one of many copies of itself loads every time I boot up. Not easy to get rid of at all, but I seem to have finally done so. I notified my erstwhile friend of what had occurred, and his response was "Well, that wouldn't happen if you had a Mac." Seems as though he doesn't feel very responsible for spreading a Trojan Horse like this, which makes me feel less like being his friend.

Mac users tend to be pretty evangelical (a lot like Glock or 1911 owners) I don't know if they have any means of checking for wintel virri

FWIW, I do run Norton AntiVirus on my Macs, but it is only because I also run Windows (for web development purposes) occasionally on both of my machines, so I feel the need to protect myself from Windows' security failings.

jimlongley, I'm sorry that incident damaged your friendship with that guy. But with all due respect, how am I supposed to react as a Mac user to the friend who sent me an infected file from his infected PC, which I pass on to another PC user without knowing it is infected because it hasn't infected my machine? You're laying the blame on the Mac user when the original offender was the PC user who sent him the infected file in the first place. If someone sneezes on a postcard before mailing it to me, and I show it to you when I come over to your house, and you catch the sender's cold even though I didn't, did I give you the cold, or did the guy who sneezed on the card? After all, if I had known that the sender was sick and had sneezed on the card, I would have certainly warned you to handle it with gloves before giving it to you to read, but more importantly, I wouldn't have brought it to your house in the first place had I known it was infected. Similarly, if I were guilty of sending you an infected file from my Mac, I wouldn't just blow it off the way your friend did because that's not right either, but neither would I expect you to hold me personally responsible for the failings of someone else's operating system. How can you hold either me, or the original PC user who sent the infected file to me, for keeping your machine virus free? When it comes to the goblins who write these virii and malware, we're kind of all in this together; but you can't really claim that if you don't exercise your responsibility to keep your machine protected too. So in my mind, it kind of cuts both ways. We all have to keep on top of our virus updates, etc., and we can't expect others to do it for us.

Liberty, yes, we are a bit evangelical about the breed. But being perfectly honest, Macs are only a little bit more secure than PCs. The real reason we don't catch Internet diseases is that we're a small enough market share that it's not worth the cretin's trouble to write malware for it. If we get too big, we will probably lose that advantage. OTH, each of us does what we can to secure ourselves. Part of my reason for choosing the Mac platform is exactly for those reasons. Whenever I say something along the lines of "he should'a bought a Mac," it's as much motivated by relief that I ducked whatever bullet is plaguing others at that moment, as it is motivated by smugness (which I really do try to resist). But in the end, I do not enjoy the misery of others, and I would prefer a world in which PC users enjoyed the same security that I enjoy.

Anyway, I apologize if I offended. It wasn't my intent.

[The Annoyed Man]

There was a tech article in the Houston Chronicle during the past week discussing how, as the Mac's are becoming more popular, the malicious code writers are beginning to focus on Mac's also.

It should take them a while to catch up, but the threat is there.

People have been writing about this for several years now. I agree with the possibility, but I think that Mac pricing practically guarantees the brand a minority share in the home user and the average business user market places - particularly in this economy.