Malware/Spyware Removal Guide

spike7451

spud17 wrote: »

Before you do this, please search this forum for AVG, it seems to be getting worse with each version.
Consider one of Avira, Avast or Microsoft Security essentials.

Thanks,

I did just that tho & downloaded the Microsoft Security Essentials.
Then updated & ran Malwarebytes,the Microsoft & PC Doctor to make sure I got rid of it all.

spud17

spike7451 wrote: »

Thanks,

I did just that tho & downloaded the Microsoft Security Essentials.
Then updated & ran Malwarebytes,the Microsoft & PC Doctor to make sure I got rid of it all.

No problem, but, if you haven't, it's recommended to run the McAfee removal tool from HERE, to make sure all traces of it are gone.

Linbox

Fake antivirus /antispyware Trojan
Its a virus /trojan please see here http://www.bleepingcomputer.com/viru...rus-vista-2010 for full details on how to remove and the many names it has.

The basics
Down load both FixExe.reg and mbam-setup.exe http://download.bleepingcomputer.com/reg/antivirus-vista-2010/FixExe.reg
http://www.filehippo.com/download_malwarebytes_anti_malware/
I've already posted details of how to get rid of this a couple of times. But a lot of people are missing the FixExe part. Double click FixExe.reg and allow to run and accept the changes . Then run mbam-setup.exe and update, do a full scan. This WILL get rid of the problem.

Remove the virus then make sure your av prog is running full time and is up to date. Cleaned my sons PC last week and found that he clicked on a link without thinking and his av was't set up properly.
It might be a good idea to down load and run
http://www.filehippo.com/download_sp...earch_destroy/
http://www.filehippo.com/download_ccleaner/
after removing the virus.

To be honest spybot, cceaner and malware bytes should already be on your computer and run at least once a week to keep your system clean and safe. Make sure your antivirus program regularly updates its self and is constantly scanning your system.

debitcardmayhem

Post deleted ..... check posts following by espresso and me

espresso

debitcardmayhem wrote: »

I would recommend turning off Teatimer in Spybot if you use anti-virus programs - Run it with admin rights select Tools / Resident and untick TeaTimer.

Can you explain why please?

debitcardmayhem

espresso wrote: »

Can you explain why please?

debitcardmayhem wrote: »

I would recommend turning off Teatimer in Spybot if you use anti-virus programs - Run it with admin rights select Tools / Resident and untick TeaTimer.

Old problem, .... now done some more up to date reading and it seems that SD 1.6 no longer has the problems it caused in 1.4 (I will now prove it by putting it back on my system to test I was wrong ) If I find any problems I will get back to you. It seems that KIS and NIS still don't like the competition though ... Will now edit my post above, thanks espresso, and will give it a try with my NIS in place.

frannyann

Linbox wrote: »

Fake antivirus /antispyware Trojan
Its a virus /trojan please see here http://www.bleepingcomputer.com/viru...rus-vista-2010 for full details on how to remove and the many names it has.

The basics
Down load both FixExe.reg and mbam-setup.exe http://download.bleepingcomputer.com/reg/antivirus-vista-2010/FixExe.reg
http://www.filehippo.com/download_malwarebytes_anti_malware/
I've already posted details of how to get rid of this a couple of times. But a lot of people are missing the FixExe part. Double click FixExe.reg and allow to run and accept the changes . Then run mbam-setup.exe and update, do a full scan. This WILL get rid of the problem.

Remove the virus then make sure your av prog is running full time and is up to date. Cleaned my sons PC last week and found that he clicked on a link without thinking and his av was't set up properly.
It might be a good idea to down load and run
http://www.filehippo.com/download_sp...earch_destroy/
http://www.filehippo.com/download_ccleaner/
after removing the virus.

To be honest spybot, cceaner and malware bytes should already be on your computer and run at least once a week to keep your system clean and safe. Make sure your antivirus program regularly updates its self and is constantly scanning your system.

Thank you very much, just fixed friends laptop with this advice! She is now a very happy chappy!

debitcardmayhem

Originally Posted by debitcardmayhem
I would recommend turning off Teatimer in Spybot if you use anti-virus programs - Run it with admin rights select Tools / Resident and untick TeaTimer.

espresso wrote: »

Can you explain why please?

debitcardmayhem wrote: »

Old problem, .... now done some more up to date reading and it seems that SD 1.6 no longer has the problems it caused in 1.4 (I will now prove it by putting it back on my system to test I was wrong ) If I find any problems I will get back to you. It seems that KIS and NIS still don't like the competition though ... Will now edit my post above, thanks espresso, and will give it a try with my NIS in place.

Update I have been running S+D Teatimer for near on 14 days and It has not caused me any noticeable problems thus far, on my Win 7 Lappy (64 bit 2 Gig Memory and 1.67 Intel Core 2 Duo and Graham Norton 2010) so I apologise to S+D fans, and Thanks Espresso for making me re-evaluate. I will leave it on and keep my outdated hearsay in my trews.

espresso

debitcardmayhem wrote: »

Update I have been running S+D Teatimer for near on 14 days and It has not caused me any noticeable problems thus far, on my Win 7 Lappy (64 bit 2 Gig Memory and 1.67 Intel Core 2 Duo and Graham Norton 2010) so I apologise to S+D fans, and Thanks Espresso for making me re-evaluate. I will leave it on and keep my outdated hearsay in my trews.

I have used Spybot S&D for many years now on various different spec machines and have never experienced any problems with it.

I do know that various anti-virus packages like Kasperski, Trend & McAfee etc. require it to be un-installed during installation but I don't use any of those packages.

I do believe that the Immunize and Tea timer features are another valuable level of defence, that is definitely worth having so I continue to regularly update each week, although I rarely scan with Spybot now.

Works for me!

:cool:

olbas_oil

If I enter Fairfx into google, the top link returned is a sponsored link. This goes to FairFX, but via a site called http://rudywoofwoof.com/woof/woof.php?id=46

which then does a re-direct to fairfx.

Is this likely to be:
1) Malware on my machine (and on another I tried)
2) RudyWoof trying to intercept a call to a financial site by getting a high google rank
3) FairFX doing some kind of affilliate deal

I've emailed Fairfx and got a non-committal reply:
Thanks for your email.

Not sure about the technical background of why you get that web address and then get redirected, but I can confirm that it is out website, and you are not being compromised. Also, though that is part of our website, rather than choosing the first option your get from the google search, I usually direct customers to the second option, because it is much easier to navigate around the second one in future, for example when you want to view your balance or mini statement, or top up your card.