Okay, so it seems that we got a little bit of spyware called something like Fraud.Sysguard on our laptop the other day.
The symptoms of this annoying parasite were security warnings all over the place, alerts and system scans stating that the computer was infected. Obviously, these warnings were all false and were displayed to make us think that we were really in for it and that we better purchase the spyware software that they just happened to be offering. I knew these warnings and popup were fake because of the language they used. It was something like (and I am exaggerating here), “Oh no, you have something terrible on your system and you are going to now lose all of your credit card numbers and bank account passwords. You better do something FAST!!!” The way the creators of this spyware instilled a sense of urgency was to put a fake virus scan running in the background. By seeing something moving, we thought we had better get moving.
I have to tell you, this thing was really annoying. The first thing I tried to do was to hold down Control, Alt, Delete in a futile attempt to stop the processes. That didn’t work. As soon as the Task Manager box came up, it immediately shut down. What I DIDN’T do was to click any of the warnings. Just to let you know, don’t click anything. Just think of anything that seems weird as hot. Don’t touch.
The next thing I did was to turn off the computer. I restarted it in safe mode and then ran my favorite computer cleaning program, CCleaner. This at least cleaned out the temp files and all that. The next thing I did was to open, update and run Spybot Search and Destroy (Spybot-S&D). Good thing I downloaded the latest upgrade, because that was the one that offered the solution to our problem. The latest download solved:
2010-05-05 UPDATE
Malware: + Fraud.SecurityTool + Fraud.Sysguard + Fraud.VolcanoSecuritySuite + Win32.FraudLoad + Win32.FraudLoad.edt + Win32.Philis
Trojans: ++ Dropper.4Maximus + Virtumonde.dll + Virtumonde.sci + Virtumonde.sdn + Win32.Agent.sc + Win32.KillAV.hd ++ Win32.OnLineGames.mfdn ++ Win32.OnLineGames.mfeb ++ Win32.OnLineGames.mfee ++ Win32.OnLineGames.mfei ++ Win32.OnLineGames.mfek ++ Win32.OnLineGames.mfeq ++ Win32.OnLineGames.mfeu + Win32.ZBot + Zlob.BrainCodec
Worms: + Win32.Amburadul
Spybot Search and Destroy
Not bad for a free spyware sweeper. I have been using this program for years and really like it. I got the idea way back when I used to work for some radio stations. The computer guys used to use it on our computers over there. Hey, if the pros use it, I am going to use it.
When I restarted the computer in regular mode, we didn’t seem to have any further issues.
The next day (yesterday), I brought this situation up to a buddy of mine, who happens to be a computer guy as well. He said that Spybot is good, but there is another good anti-spyware program called Malwarebytes that I might want to try. It was also a free download.
Malwarebytes Anti-Malware
I took my friend’s advice and downloaded, updated and ran Malwarebytes. Well, if it didn’t find two more trojan files that Spybot didn’t pick up. Hmmm, that’s strange, but good.
I have heard all about people using multiple virus scanners and anti-malware and anti-spyware software, but I always thought I was above that. I figured that I wouldn’t ever come across the time where I might need two solutions instead of one. I guess I was wrong. Both of these programs really did a great job of getting rid of Fraud.Sysguard.
Incoming search terms
- fraud sysguard
- dropper 4maximus
- spybot vs malwarebytes
- malwarebytes vs Spybot
- fraud sysguard symptoms
- malwarebytes vs spybot 2010
- spybot search and destroy vs malwarebytes
- spybot vs malwarebytes 2010
- fraud sysguard effects on cpu
- what is fraud sysguard
Pingback: Google Chrome Not Connecting To Internet