Warning! Spyware detected on your computer? Install an antivirus or spyware remover to cle...

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm trying to fix a computer for someone with a virus/spyware

A window pops up saying:    

Warning! Spyware detected on your computer? Install an antivirus or
spyware remover to clean your computer.  Bugs crawling on desktop

Seems to be the same thing has found here, but using these tricks
hasn't solved it yet.
http://www.bleepingcomputer.com/forums/topic145964.html#entry820445


Later, another window poped up.      Malware Alert!

Attention! Adware.W32.SpyShredder spyware detected.  

I found this, and i'm trying it out now.
http://www.bleepingcomputer.com/forums/topic149461.html#entry837836




Has anyone seen these problems lately?

Machine has Trend Micro Antivirus (Up to date) and Windows updates are
updates are not too far out of date, perhaps a month or so.  Still
using SP2 rather than SP3 I think.



Re: Warning! Spyware detected on your computer? Install an antivirus or spyware remover to clean your computer. Bugs crawling on desktop


|
| I'm trying to fix a computer for someone with a virus/spyware
|
| A window pops up saying:
|
| Warning! Spyware detected on your computer? Install an antivirus or
| spyware remover to clean your computer.  Bugs crawling on desktop
|
| Seems to be the same thing has found here, but using these tricks
| hasn't solved it yet.
| http://www.bleepingcomputer.com/forums/topic145964.html#entry820445
|
| Later, another window poped up.      Malware Alert!
|
| Attention! Adware.W32.SpyShredder spyware detected.
|
| I found this, and i'm trying it out now.
| http://www.bleepingcomputer.com/forums/topic149461.html#entry837836
|
| Has anyone seen these problems lately?
|
| Machine has Trend Micro Antivirus (Up to date) and Windows updates are
| updates are not too far out of date, perhaps a month or so.  Still
| using SP2 rather than SP3 I think.
|



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe;  Format --> uncheck; "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of
the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's
System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security /
http://forums.security-central.us/forumdisplay.php?f=13

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Warning! Spyware detected on your computer? Install an antivirus or spyware remover to clean your computer. Bugs crawling on desktop

Use my free Remove-it software, it will remove that malware from your
system. Download it here http://pcbutts1.com/downloads/tools/tools.htm

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




Quoted text here. Click to load it


Re: Warning! Spyware detected on your computer? Install an antivirus or spyware remover to clean your computer. Bugs crawling on desktop


Quoted text here. Click to load it

As well as block access to other more legitimate sites.
 



--
Regards,
Dustin Cook - http://bughunter.it-mate.co.uk
BugHunter v2.2e AntiMalware Removal Utility
For Windows users, I highly recommend:
http://www.malwarebytes.org - MalwareBytes AntiMalware


Ping PCButts - Not wise to sling too much mudd, some of us have nice archives....


Quoted text here. Click to load it

Hi Christopher,

Would you like to comment on any of the following?

http://www.viruslist.com/en/weblog?weblogid=197597102

Analyst's Diary

No good deed goes unpunished

Roel   September 06, 2006

I think I speak for just about the entire security industry when I say
that I really value the work of the people who help out on security
forums.  These people put in a lot of hard work and effectively it's
all voluntary.

Some of these people create tools to remove certain malware
families/types, and these tools will be very popular within the
communities that they belong too.

Recently the tools created by members of one community have proved so
popular that someone decided to copy them. Most of these tools are
scripts, which means that they can very easily be edited. Normally
editing is done to update the scripts so that they can detect new
malware. Sadly, in this case someone has basically copied the scripts
and put his own name to them.

This copying and taking credit for other people's work has been going
on for quite a while now. Normally ignoring such people is the best
course of action, so as not give them any (more) attention, but I think
a line has been overstepped.

'Pcbutts1' is actively promoting 'his' anti-malware tools which remove
a number of threats. This is what people see when they go to his very
recently updated downloads page.

The people listed on this page are well respected within the security
community and a number of them are actually Microsoft MVPs. It's
'pcbutts1' who is the fraud, not them.

Let's hope 'pcbutts1' grows up - and fast.
===================================================
Comments:

08.09.2006 07:10  |  Atribune

If you dont steal explain to me why smitrem the program you claimed was
your last year had code written by another MVP and myself in it? You
weren't even bright enough to remove my name at the time.
Don't feed us your BS that you arent a thief and that you coded this
for someone, we all know you are full of it.

Dave Nelson

MS MVP Windows - Security

----

08.09.2006 21:03  |  i_kenefick         Post Reply

I'm sure Roel is up to date :)

Roel, I think I speak for all when I say that yes PCBUTTS1 has
plagiarised his last piece of code. I thank you personally onbehalf of
my feiend and colleague David Lipman (listed on PCBUTTS1 page) for
making this public in the eyes of security vendors. For years he has
protested his innocence in vain in alt.comp.virus/alt.comp.anti-virus.
The truth hurts... time for PCBUTTS1 to feel the pain :-)

Regards, Ian Kenefick

http://www.ik-cs.com/got-a-virus.htm

----

10.09.2006 02:54  |  noahdfear

I too thank you for publishing this, Roel. It's long overdue that
pcbutts get more publicly exposed for the liar and plagiarist he is. I
would also like to mention that he is hosting and distributing several
well known software programs without proper licensing/consent, as well
as distributing quite a number of copyrighted, non-redistributable
files. My hope is that enough people see this blog, and others like it,
to begin completely ignoring and or rejecting his suggestions in the
newsgroups in which he trolls, in addition to more software vendors and
affected authors jumping on-board the impending class action suit
against him.

This person has for the last year or so has been laying claim to several
pieces of software which are used to fight malware. To just name a few:
SmithRem-Used against many of the SmithFraud\Zlob infections.

NailFix- Used against Aurora\Nail infections.

RogueFix- Used against some variants of SmithFraud

There are others as well. Some of these people he has allegedly ripped
off are Microsoft MVPs.

When confronted he slanders his accusers, calls them vile names and is
overall not someone who you would trust. He changes his Whois info and
tries to hide his identity. He even began to offer help to users via
email to avoid any detection by the security community.
Some of the originators of these scripts are contemplating legal action.
But we all know how well that works on the Net.

The only other recourse is to try and shame him into doing the right
thing. But based on comments found via a Google search for pcbutts it's
an unlikely thing he will because it appears the right thing just isn't
in his genetic make up.

But you can do the right thing, by spreading the word about this person.
You can also do your part by complaining to the ISP hosting his site at:

Mr. Scott Knowles
Interland Shared Abuse Department Interland, Inc.
303 Peachtree Center Avenue, Suite 500
Atlanta, GA 30303
voice: 404-260-2477, opt 9 (ext 5260)
abuse@interland.com

You are welcome to freely distribute this file to anyone via any method
you see fit. The more people who are informed of this code thief, the
better. His ISP has been contacted over his hosting programs without
permission and they seem to be ignoring us. Please send them an email
letting them know you do not approve hosting websites that host other
peoples programmes without permission. If your a customer of Interland,
please consider doing business with a more ethical company in the
future.
 



--
Regards,
Dustin Cook - http://bughunter.it-mate.co.uk
BugHunter v2.2e AntiMalware Removal Utility
For Windows users, I highly recommend:
http://www.malwarebytes.org - MalwareBytes AntiMalware


Site Timeline