SYSTEM - Windows XP Home SP2 with IE7, dial-up connection; have NIS2007, Lavasoft Ad-Aware, Windows Defender, SpywareBlaster, SpywareGuard, CCleaner.
POTENTIAL PROBLEM - on Oct 9th shortly after connecting to the internet, received two fake pop-up Windows security messages followed by a rogue application web page for PerformanceOptimizer. After clicking the red-X the application indicated it was preparing to install (i.e. a drive-by download) upon which I immediately disconnected from the internet.
ACTIONS TAKEN - ran several full scans with Norton, Lavasoft, Defender. Ran CCleaner and scan disk. Ran Trend Micro HouseCall v 6.6 (new: 4 hours). Nothing found. Also checked forums, McAfee Site Advisor, Google, et al. Nothing found in the registry regarding anything c/w this app. One cookie found.
QUESTION - as of this date (10 days) nothing unusual happening with my system. Is there anything further that needs to be done??? Would there be anything hidden??? Thank you.
Sounds like a one-off alert.
Have a look here:
What is PerformanceOptimizer?
and look IF you can find any of the mentioned files:
http://www.2-viruses.com/remove-performanceoptimizer
I had looked at this article a few days ago.
I checked the registry for the 3 listed Registry files but found none.
Of the 34 listed files, I checked a few (e.g. creader.exe; sload.sbd; data001.reg; performanceoptimizer.lnk; inst.imd) but didn't find anything.
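The file check described in the post above can be run over a whole drive instead of by hand. This is an added example, not part of any post in this thread; the function names and the sample directory tree are constructed for illustration, and only the five file names quoted in the post are included.

```python
import os
import tempfile

# The five file names quoted in the post. The linked article lists 34;
# add the rest from that list before relying on an empty result.
NAMES_FROM_POST = (
    "creader.exe", "sload.sbd", "data001.reg",
    "performanceoptimizer.lnk", "inst.imd",
)

def find_named_files(root, names=NAMES_FROM_POST):
    """Return sorted full paths under root whose file name is in names.

    Matching is case-insensitive because Windows file names are.
    Directories that cannot be read are skipped instead of aborting.
    """
    wanted = {n.lower() for n in names}
    hits = []
    for folder, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if name.lower() in wanted:
                hits.append(os.path.join(folder, name))
    return sorted(hits)

def build_sample_tree(base):
    """Create a small constructed tree of empty files (sample data only)."""
    layout = [
        "constructed/install/CReader.EXE",               # match, mixed case
        "constructed/desktop/PerformanceOptimizer.lnk",  # match, mixed case
        "constructed/system/notepad.exe",                # unrelated file
        "constructed/temp/creader.exe.txt",              # near miss, no match
    ]
    for rel in layout:
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "wb").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_sample_tree(base)
        for hit in find_named_files(base):
            print("FOUND:", os.path.relpath(hit, base))
    # On the affected machine the call would be find_named_files("C:\\")
```

An empty result only shows that no file with one of the listed names is present; it does not cover files stored under other names.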
Then, as you wrote: "as of this date (10 days) nothing unusual happening with my system". Seems to me, everything is fine and NO "nasty files" have been installed.
Thank you for your advice.
I see your post of Oct. 15th concerning Performance Optimizer and www.sophos.com although they state in their recovery section that "cleanup is not currently available for this potentially unwanted application." If one had an infection, what would be a product to remove same?
I just see, Symantec has it already in their definitions:
http://www.symantec.com/security_response/writeup.jsp?docid=2007-101013-0757-99&tabid=2
I would assume most of the other AVs would follow.
But it is always good to run an online scan like HouseCall IF you find something suspicious.
Providing you have not disabled your Windows System Restore, all you have to do is click Start/All Programs/Accessories/System Tools/System Restore, then follow the prompt, and when you get a calendar pick a restore date like October 8th and roll your system back. Keep in mind any programs or updates you have installed since then will need to be installed. I might suggest you uninstall those you knowingly installed after the attack. Then run the restore.
Lesson to be learned: never click any form of unannounced pop-ups. Use ALT Tab to cycle through the windows, then when you are on the one you are sure is a trap, use ALT F4 to kill the window. Still play it safe and do a full system scan. If you really want to play it safe, dump Norton Internet Security.
Something else to check in your services: is the Messenger service active? If so, disable it; it is not needed in most computers and is for network administrators. Most administrators don't use it either. All it is is a source for pop-up spam messages that can trick you into installing malware.
Have a good day, Uncle Buck :?)