Danger; Spyware
Thread Starter
Joined: Apr 2003
Posts: 488
Likes: 9
From: UK
Danger; Spyware
My desktop has been 'taken over' by 'RazeSpyware' continually flashing 'Danger Spyware'. I have tried to remove it by changing the desktop, using restore etc but with no joy. Any suggestions please?
H49
H49
Grumpy
Joined: Jul 2006
Posts: 205
Likes: 0
From: 35-21 South 149-06 East
Try downloading the free Microsoft Anti-Spyware beta program from its website http://microsoft.com and then run this over your system.
It will identify all spyware and delete the files.
It will identify all spyware and delete the files.
Joined: May 2001
Posts: 82
Likes: 0
Is Microsoft Anti-Spyware 100% reliable? I tend to run two of everything and rotate through a cycle of scans of each product.
My kids are not too bad, but I do get the occasional malware appearing on their machine.
Example: I ran Ewido, and it identified backdoor.genlot.dx trojan. It has picked up this one before and others. Microsoft Anti-Spyware has never picked up one yet. Now maybe thats just the luck of the draw coinciding with when its run, and when I'm infected, but I looked into the MS Anti-spyware log, and found that it had permitted pohci13F.sys to run, which was the file with that trojan onboard. It also did not pick up the trojan once it was installed.
I have the following installed and cycle their scans:
AVG free edition (and run Housecall online as an occasional backup)
Spybot search and destroy
Spyware Blaster
Lavasoft Ad-aware
Microsoft Anti-Spyware
Ewido
Also run CCleaner daily
Keep an eye on things with
Hijack This and Rootkit Revealer weekly
Now, there are programs in there that claim to catch spyware /malware 'on the fly' but stuff still gets through.
I'll continue to run belt and braces, but on the basis of detection in my experience, I would be comfortable with running AVG with Ewido, and uninstalling the rest. That said, Ad-Aware is good but not as good as Ewido.
I am going to get round to paying for Ewido for the real-time upgrade, I think its worth it.
My kids are not too bad, but I do get the occasional malware appearing on their machine.
Example: I ran Ewido, and it identified backdoor.genlot.dx trojan. It has picked up this one before and others. Microsoft Anti-Spyware has never picked up one yet. Now maybe thats just the luck of the draw coinciding with when its run, and when I'm infected, but I looked into the MS Anti-spyware log, and found that it had permitted pohci13F.sys to run, which was the file with that trojan onboard. It also did not pick up the trojan once it was installed.
I have the following installed and cycle their scans:
AVG free edition (and run Housecall online as an occasional backup)
Spybot search and destroy
Spyware Blaster
Lavasoft Ad-aware
Microsoft Anti-Spyware
Ewido
Also run CCleaner daily
Keep an eye on things with
Hijack This and Rootkit Revealer weekly
Now, there are programs in there that claim to catch spyware /malware 'on the fly' but stuff still gets through.
I'll continue to run belt and braces, but on the basis of detection in my experience, I would be comfortable with running AVG with Ewido, and uninstalling the rest. That said, Ad-Aware is good but not as good as Ewido.
I am going to get round to paying for Ewido for the real-time upgrade, I think its worth it.
Last edited by Cheerio; 30th August 2006 at 09:18.
Red On, Green On
Joined: May 2004
Posts: 6,490
Likes: 2
From: Between the woods and the water
It's just a pop-up trying to sell you something. Consider using Firefox as your browser.
To kill the pop-up you could press Ctrl-Alt-Delete, and cancel the browser pop up.
To kill the pop-up you could press Ctrl-Alt-Delete, and cancel the browser pop up.
Joined: May 2001
Posts: 82
Likes: 0
The Cooler King
Joined: Feb 2004
Posts: 1,717
Likes: 30
From: Europe
Hello Helen
My employers got hit really hard by one of these things about a year ago where it took over the desktop.
We tried everything to remove it but to no avail. Having inspected the registry there were files all through it and none of them could be deleted.
In the end, it meant a total reinstallation of Windows - which I recommend you do.
To add a rant to this, Windows XP is by far the worst operating system I have ever had the displeasure of using and if it wasn't for the fact that Flight Simulation keeps me sane when I can't afford to fly, then I would be Mac or Linux all the way.
As soon as XPlane becomes decent and gives me nice scenery to play with instead of those horrible cockpits, I'll be dumping Gates' Ghoul into the nearest sewer.
My employers got hit really hard by one of these things about a year ago where it took over the desktop.
We tried everything to remove it but to no avail. Having inspected the registry there were files all through it and none of them could be deleted.
In the end, it meant a total reinstallation of Windows - which I recommend you do.
To add a rant to this, Windows XP is by far the worst operating system I have ever had the displeasure of using and if it wasn't for the fact that Flight Simulation keeps me sane when I can't afford to fly, then I would be Mac or Linux all the way.
As soon as XPlane becomes decent and gives me nice scenery to play with instead of those horrible cockpits, I'll be dumping Gates' Ghoul into the nearest sewer.
Joined: Dec 2005
Posts: 1,694
Likes: 15
From: Wellington,NZ
Have a look at the forum Cheerio provided the link to. This route is the most likely to offer success. Follow the directions exactly.
I got one of these things about 8months ago. Ended up having to reinstall. They often seem to be installed by a trojan. (In my case, zolob trojan downloader..)
I always found Ewido had a much more effective search and clean function than the then MS offering. Another that appears to work exceptionally well is Spyware Terminator.
Don't be surprised if, when running Ewido, AVG suddenly farts at you and says "BlahBlah detected." It seems to me that Ewido can get into and scan areas that AVG cannot.
To Cheerio, any idea why the instructions on that forum say to disable the resident shield?
I got one of these things about 8months ago. Ended up having to reinstall. They often seem to be installed by a trojan. (In my case, zolob trojan downloader..)
I always found Ewido had a much more effective search and clean function than the then MS offering. Another that appears to work exceptionally well is Spyware Terminator.
Don't be surprised if, when running Ewido, AVG suddenly farts at you and says "BlahBlah detected." It seems to me that Ewido can get into and scan areas that AVG cannot.
To Cheerio, any idea why the instructions on that forum say to disable the resident shield?
Joined: May 2001
Posts: 82
Likes: 0
I'm guessing that it would be to supress any action on the malware until you are ready to hit it after a safe mode boot and system update turned off?
I don't see any reason why it would be kept off once the system was clean.
I don't see any reason why it would be kept off once the system was clean.
