TeMerc Internet Countermeasures
Adware, malware, spyware and hijacker information
|Home||About Our Forums||Enter Forums||About My Site||Newbie Reading||How'd I Get Infected?||Rules Of Protection||Infection Symptoms||Infection Help|
|Security Musts||AV-Firewall Protection||Countermeasures Apps||XP Acct. Protection||Security Scans||Browser Scans||Email & Ecurity||OE 6 Security||Vendor Forums|
|Forums I Visit||Excellent Websites||Win XP Links||Hero's In The Fight||Zero's||Tips\Misc. Info||Techionary||Tutorial Links||Email Us|
Symptoms Of Infection
The following list comprises the most obvious symptoms of your machine being invaded by any of the current crop of unwanted parasites out on the Net. Having any of these symptoms is not necessarily the end of the world. But any combination of 3-5 of them could be cause for concern
The homepage of your browser is changed suddenly, and you have no clue as to how it happened. This is commonly called a browser hijack, and one of the most notorious of these infections is CoolWebSearch.
You suddenly notice an 'extra' toolbar on IE and once again you didn't install it. Toolbar infections are of a wide variety, coming in many forms and names.
Your firewall alerts you to an unknown program trying to access the Internet. This usually means something has already gotten by your defenses and you need to take action, and in many cases most infections rarely travel alone. Another firewall indicator is that it is actually turned off by the malware. Many aggressive malwares target multiple av\anti-spyware applications.
New shortcuts appear on your desktop or your task bar, or even your system tray that you didn't put there nor know what they are. Nine times out of ten, these are some sort of bogus security links or gambling link
New entries appear in your favorites folder that you didn't put there. These are usually gambling sites or porn related, occasionally security links.
Your computer starts acting sluggish and slow with massive CPU numbers. This could also be from any number of unrelated reasons too, so this symptom in and of itself, may not be an indication of malware problems.
Excessive popup windows, unable to stop or close. One famous infection which had this symptom was a plague over this past summer was the Bube Trojan. It required a special, detailed fix to remove. I had the pleasure of trying to remove one of these nasty infections, and it was beyond my abilities, and I had to call in the cavalry. This was while the experts were still trying to fine tune the fix with several applications.
If any of your security tools have been disabled or open and close right away, this is a good sign of nasties. Yes, that's right, as the media and security forums have done a good job in educating users the only tactic left to the scumware writers is to try to disable all security ware on the system.
Every time you do a search, you wind up at the same unusual and unknown web site-search engine, or you get 1-3 pages of unrelated search results, before getting to your actual search. Typically referred to as a 'search page hijack'. This is all too common a symptom of many malware infections.
There is a new program or multiple programs in the Add/Remove Programs section of your control panel. If you're lucky, they will remove via Add\Remove, but more times than not, this does not work.
You're unable to access any of these: task manager, regedit, MSCONFIG, they just pop up and disappear. The idea behind this little trick is to prevent you from being able to access key sections of your computer for removal of the infection. Usually a special registry merge is required just to fix this part.
Your desktop has been changed to a web page or some type of notice that your PC is infected and you cannot change it. There are several alleged anti-spyware applications which actually do this. Imagine, claiming to remove infections, when in fact they cause them!! The most noted are PSGuard, RazeSpyware, World AntiSpy and SpyTrooper. Also to include the following similar applications: SpyAxe\SpywareStriker\SpyFalcon\AlphaCleaner
You get a lot of returned emails from people you don't know. This could be a sign of your machine being a zombie.
You begin to receive a pop up balloon asserting that your system is infected with any number of viruses or spyware. This one has been notorious since the middle of '06. Typically they are called SmithFraud\Zlob infections and an be removed relatively easily.
If you have multiple symptoms, its possible you have more than just ad/mal/spyware. Its more likely, you have trojans or worms. Follow the steps on this page, Infected, Now What?' Expect repair to take some time. If your uncomfortable trying removal of an infection, please post a HijackThis! logfile in my forum.
Latest Malware Threats Forum
section to see if your the latest victim of a particular infection and to see if
we have a fix for it yet.
|WinPatrol's Most Detected Mysteryware|