PC World
8 Replies Last post: May 29, 2007 11:06 PM by TeMerc  
Thia, New Member, 2 posts since May 29, 2007

May 29, 2007 6:02 AM

Virus Infection

Hi guys,

I was running a scan on my PC using Norton 360 and noticed that several files being scanned were definitely malware. A quick check on the web confirmed my suspicions. I'm quite surprised by this as I always have up to date antivirus software.

Some examples of the scanned file locations:

C:\Program Files\Actual Spy\ActualSpy.exe
C:\Program Files\1st Antivirus\App.exe


The strange thing is Norton 360 failed to detect the files as malware! I tried to locate the files on the C drive but the file paths are flagged as incorrect/non-existent. I set Explorer to show hidden files and folders as well as hidden operating system files but the file paths still come up as invalid/incorrect. I've scanned my system with other spyware and virus scanners (SpyBot S&D, Ad-Aware, Spy Sweeper, etc.) and they detected nothing.

I've even tried rootkit scanners but the results are hard to fathom. It can be very difficult to decipher a legitimate registry change from a suspicious one. AVG Anti-Rootkit did not even detect anything suspicious.

The files must exist, right? Norton 360 clearly scans those locations. Any suggestions guys? Any help will be much appreciated.

As a last resort I'll probably carry out a clean re-install of XP.

Thanks.
Thia
techie4fun, Old Hand, 2,030 posts since Oct 18, 2006
1. May 29, 2007 6:28 AM in response to: Thia
Here is what I would do. Assuming that you might have more malware/virus infections on your computer, do a scan with bitdefender online scanner. I would also run a scan with avg antispyware. If it comes out clean, I'd assume that Norton is doing its job and you have nothing else to worry about.

http://www.bitdefender.com/scan8/ie.html
http://free.grisoft.com/doc/avg-anti-spyware-free/lng/us/tpl/v5


Actualspy.exe is a keylogging program. How the heck did you get that? :lol:

I think reinstalling Windows should be our last resort :wink: as you really haven't clarified yet that you have threats that you can't remove at this time.

Cosmo, Member, 1,952 posts since Jul 27, 2006
2. May 29, 2007 6:44 AM in response to: Thia
1st Antivirus is a crap antivirus that has a very bad reputation for installing itself on your computer, without permission, and killing your system. It will hijack your computer and won't let go until you "upgrade" (send them your money). Go here for the removal tool.

ActualSpy is a keylogger, and a pathetic one at that. You should be able to remove it through the add/remove programs in your control panel. For instructions, go here

On a final note, Norton 360 is absolute crap. Just a waste of money. You're better off with no antivirus than using anything from Norton. For the best paid antivirus I would highly recommend using NOD32.

30 day trial of NOD32. Install this and it should remove the crap listed above (make sure to get rid of Norton 360 before you do).


mcbarker, Enthusiast, 724 posts since Aug 10, 2006
3. May 29, 2007 6:44 AM in response to: Thia
Actual Spy is a keylogger program. Someone with access to your system has to have installed it. If there is more than one user account on your system, you may not have direct access to it. If your antivirus or anti malware programs won't remove it, or Windows Add/Remove Programs utility doesn't detect it, go to THIS website for instructions on how to manually remove it from your system. You may have to log on as the system Administrator to get access to all of its files.

App.exe is a spyware file included in a bogus anti spyware program called Ultimate Defender. Again, if you have to remove it manually, see instructions on THIS website.


Old Scottish Saying: A deaf man will hear the clink o’ money.
SpiritWind, Enthusiast, 1,271 posts since Aug 19, 2006
4. May 29, 2007 9:00 AM in response to: Thia
"1stAntivirus"
:D Hi Thia:

"1st Antivirus", assuming it actually exists on your
computer, can be removed for FREE, as contrasted
to Cosmo's link where you have to PAY for it, by
"RogueRemover", available at
www.malwarebytes.org/rogueremover.php .

Spybot & Ad-Aware are no longer top
antispyware programs; assuming your Operating
System is Win XP, much better is AVG Antispyware,
which is best gotten from www.ewido.net, where you
can download the program OR run its FREE Online
Scanner. Also good is the FREE version of
SUPERAntiSpyware from www.superantispyware.com .

As far as Rootkit detection programs, best to start with the
"granddaddy", known as "RootkitRevealer", available from
www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
There are Support Forum(s) there, staffed by Volunteer
Experts, to help interpret the Scan Results if needed.


For the BEST in what COUNTS in LIFE : http://www.tacf.org
Cosmo, Member, 1,952 posts since Jul 27, 2006
6. May 29, 2007 12:54 PM in response to: Thia
Hi Thia,

If you couldn't find it in the add/remove programs, then it is recommended that you install and run SpyHunter's Spyware Scanner. If that doesn't get rid of it, let us know.

As for Norton, while it is junk, it does pick up some things. In order to speed up the scan, Norton has the option of a quick scan or a full scan. You may have to play around with the scan options to get a full scan. I wouldn't know how to find it as I do not use any Norton products.


SpiritWind, Enthusiast, 1,271 posts since Aug 19, 2006
7. May 29, 2007 9:00 PM in response to: Thia
SpyHunter
:D Hi Thia (& Others):

According to antiSPYWARE Expert Eric Howes on his
Spyware Warrior site, SpyHunter is NOT "Trustworthy";
he wrote :
"Note on Enigma SpyHunter: Enigma's SpyHunter anti-spyware application was listed on this page primarily because of the company's history of employing aggressive, deceptive advertising. The company was also known for exploiting the name "spybot" in its domain names and online advertising. These objectionable business practices were employed primarily from late-2002 to mid-2004.
Sometime during summer of 2004 the company halted the most obnoxious and objectionable aspects of its online advertising. It also unloaded all the "spybot" domains (which were promptly picked up by Paretologic for its XoftSpy anti-spyware application).

While there are still unresolved allegations that SpyHunter transmits the Windows Product ID from users' PCs, we can no longer classify this application as "rogue/suspect." Nonetheless, SpyHunter -- at least in its current state -- cannot be recommended because of its mediocre performance as an anti-spyware scanner. Testing indicates that it does not recognize some well-known spyware installations and has difficulty removing critical spyware/adware files even from those it does recognize. Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection."


For the BEST in what COUNTS in LIFE : http://www.tacf.org
TeMerc, New Member, 35 posts since Apr 6, 2007
8. May 29, 2007 11:06 PM in response to: Thia
I'll agree with what SpiritWind said and add users should go and read a fairly new thread over at Spyware Warriors, titled: 'SpyHunter Technical Discussion'

I'd stick the link in here but restrictions prevent that.

I'd wait at least 6 months before giving any thought to SpyHunter.
