PDA

View Full Version : Question on spyware hijacking PC



Gedc
31-12-2008, 02:48 PM
Guys

Running AVG 8 and Zone Alarm Pro - both paid for versions.. Generally don't get many viruses or spyware and if I do then generally manage to get rid of them using the knowledgeable people on here.

Whilst surfing the net today ZA asked me to run some windows software out of the blue - cant remember exactly what it was but I said no, then another popup trying to run some executable file - I said no... 30 seconds later I have a nice red icon with a white cross indicating I have spyware and should install software blah blah blah...I used Malwarebytes to get rid of the two registry entries and all appears well...It found the two things below...


HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\ActiveDesktop\NoChangingWallpap er (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

The question I have is how on earth did this little git get onto my system with two supposed quality products running in the background - AVG 8 with surfshield etc and ZA pro..

Cheers for any information other than ZA is crap thanks. It's served me well for about 6 years to date..

Thanks again

Ged

wainuitech
31-12-2008, 04:18 PM
One way spyware will get in is you have two AV's - The one in ZA Pro, and AVG - the two will be fighting one another and actually make you less protected. You cant run two AV's at the same time.

ZA is not very good - seen many PC's with either AVG, or ZA's Antivirus, riddled with infections, sorry to say but with the comment
It's served me well for about 6 years to date What may have been Ok in the past doesn't mean its any good now - Take AVG 8 - many have found its gone backwards from Version 7.

With an Antivirus & Antimalware you need one that has "real time protection", obviously ZA or AVG didn't do the job.

Spyware terminator has real time protection, as does NOD32 -I'm not to sure about Avast as I use nod32.

If you want a better protection you can have Avast - Free, or Nod32 - Paid, for antispyware - malwareBytes, Spyware terminator, and Spybot S & D - all free.

As you mentioned malwarebytes cleaned out infections the paid ones didn't - paid doesn't always mean better.

pctek
31-12-2008, 04:34 PM
Running AVG 8 and Zone Alarm Pro - both paid for versions..

.
The question I have is how on earth did this little git get onto my system with two supposed quality products running in the background - AVG 8 with surfshield etc and ZA pro..


Dunno that I'd call AVG quality. And it is only an AV.

ZA is OK, well dunno about your version but I've tested mine.
But its a firewall, it doesn't stop everything. I've been on some suspect website and had alerts come up - NOD32 will alert me to stuff like trojans, Counterspy to other malware, but I run all sorts.
Spyware Terminator with Crawler is enabled, Counterspy enabled, And Ghost Security runs resident too.

You can still get stuff by clicking the wrong thing. And malware evolves - they know what prtotections get used and are continually trying to bypass them. Like popups, then ther were pop"unders". And so on.

You caught it, you removed it, don't fret.

Speedy Gonzales
31-12-2008, 06:49 PM
The same thing appeared on these 2. Straight after I had reinstalled XP

You dont have to install anything to get it

Gedc
01-01-2009, 07:31 AM
Thanks for that. I turned off the firewall in AVG to avoid any conflict and totally forgot about the spyware element in ZA. Have now turned that off and fngers crossed AVG works okay. Had thought that AVG and its surfshield protected me real time but will check out further..Just glad it wasn't something a bit more nasty. Thanks again.