Trojans, spyware and other malware unexpectedly detected
by Haimon - 5/1/05 11:25 AM
I'm still running an IBM 300PL Personal Computer which is doing well on Windows 98. I scan it weekly with NAV 2004 (constantly updated), SpyBot, AdAware and Registry Mechanic.
Today, in parallel to an assignment in CNET Course XP Maintenance and Troubleshooting, I have run the On-Line McAfee FreeScan on this computer too. The scan detected 3 viruses:
(1) Downloader-UZ - infecting C:\WINDOWS\SYSTEM\ied.exe,
(2) Downloader-XJ - infecting C:\RECYCLED\Q330995.exe,
(3) AdClicker-BQ.inf - infecting C:\WINDOWS\Downloaded Program Files\\start.inf.
To remove (1) and (3) the scan suggested running McAfee VirusScan software which I have to buy ($31.28).
Subsequently, with regard to AdClicker, I installed the free XoftSpy software (from ParetoLogic), as suggested by Google, and scanned the computer with it. It rapidly detected 21 other viral or spyware/adware/malware objects, namely:
(1-4) Save Now - minimally threatening C:\PROGRAM FILES\VVN\ folder + 3 files in it,
(5-7) Windows Taskad - highly threatening C:\PROGRAM FILES\WINDOWS TASKAD\ folder + 2 files in it,
(8) Troj/Dloader-CC - minimally threatening C:\WINDOWS\mstasks1.exe
(9) ISTBar - minimally threatening C:\WINDOWS\mstasks2.exe
(10) Trojan Downloader.Win32.mediket threatening C:\WINDOWS\SYSTEM\mstmp.htrr
(11) IE Plugin threatening C:\WINDOWS\extract.exe
(12) ISTBar (in) a Registry Key
(13) Egroup (in) a Registry Key
(14-17) Windows Search Bar highly threatening (in) Registry Keys
(18) ? (in) a Registry Key
(19) A4ZetaBeta1 (in) a Registry value
(20-21) ?? (in) Registry values
However, removal by the software again depends on buying it ($39.99). All these objects appear in Google, thus are well-known. I'm just starting to remove them one by one. That might be really tedious.
(1) How come that these objects are not recognized by the first-class, highly recommended anti-virus, anti-spyware and anti-adware programs, i.e. NAV, SpyBot Search and Destroy and AdAware?
(2) Would you recommend buying and installing XoftSpy as well? Has anyone experience with removing those objects, and others, by this software?
(3) Are there websites around that carry lists of removal procedures for such objects?
Thanks in advance for any piece of answers and responses.