Symptoms Of Infection

Post your HijackThis! Log here for spyware removal

Moderators: Admin Team, Moderators

Forum rules
ATTN:!! Only users pre-approved by TeMerc may offer help and assistance in malware removal. Any and all unauthorized posts will be removed without notice. Please read this thread for proper HijackThis! installation.
User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Symptoms Of Infection

Postby TeMerc » Sun Jul 02, 2006 12:44 am

The following list comprises the most obvious symptoms of your machine being invaded by any of the current crop of unwanted parasites out on the Net. Having any of these symptoms is not necessarily the end of the world. But any combination of 3-5 of them could be cause for concern

  • The homepage of your browser is changed suddenly, and you have no clue as to how it happened. This is commonly called a browser hijack, and is one of the most common symptoms.
  • You suddenly notice an 'extra' toolbar on IE and once again you didn't install it. Toolbar infections are of a wide variety, coming in many forms and names.
  • Your firewall alerts you to an unknown program trying to access the Internet. This usually means something has already gotten by your defenses and you need to take action, and in many cases most infections rarely travel alone. Another firewall indicator is that it is actually turned off by the malware. Many aggressive malwares target multiple av\anti-spyware applications.
  • New shortcuts appear on your desktop or your task bar, or even your system tray that you didn't put there nor know what they are.
  • New entries appear in your favorites folder that you didn't put there.
  • Your computer starts acting sluggish and slow with massive CPU numbers. This could also be from any number of unrelated reasons too, so this symptom in and of itself, may not be an indication of malware problems.
  • Excessive popup windows, unable to stop or close. This has become a bit of an older symptom, as most malware authors prefer the 'stealthy' approach to injection these days. But still something to pay attention to.
  • If you have some of the more popular security software installed and they won't open, or appear for a few seconds, then disappear without scanning, more than likely, it's a good sign of infection. Yes, that's right, the scum who write this stuff try to disable some security tools.
  • Every time you do a search, you wind up at some unusual and unknown web site-search engine, or you get 1-3 pages of unrelated search results, before getting to your actual search. Typically referred to as a 'search page hijack'.
  • There is a new program or multiple programs in the Add/Remove Programs section of your control panel. If you're lucky, they will remove via Add\Remove, but more times than not, this does not work.
  • You're unable to access any of these: task manager, regedit, MSCONFIG, control panel, Run command and maybe even task bar....they just pop up and disappear or they just can't be brought up at all. Another popular indication is a message indicating the function has been disabled by an 'administrator'. The idea behind this little trick is to prevent you from being able to access key sections of your computer for removal of the infection. Usually a special registry merge is required just to fix this part, but we also have some special tools to fix several of these functions in one step.
  • Your desktop has been changed to a web page or some type of notice that your PC is infected and you cannot change it. There are several alleged anti-spyware applications which actually do this. Imagine, claiming to remove infections, when in fact they cause them!! Many of these are listed on RogueRemover Threat Page. It is far more current than Eric Howes list. That list has not been updated since May '07, so it's not very dependable.
  • You get a lot of returned emails from people you don't know. This could be a sign of your machine being a zombie.

If you have multiple symptoms, its possible you have more than just ad/mal/spyware. Its more likely, you have trojans or worms. Follow the steps on this page, Infected, Now What?' Expect repair to take some time. If your uncomfortable trying removal of an infection, please post a HijackThis! logfile in my forum.

See the Latest Malware Threats Forum section to see if your the latest victim of a particular infection and to see if we have a fix for it yet.
Image

Return to “Countermeasures: HijackThis! Spyware Help”

Who is online

Users browsing this forum: No registered users and 7 guests