Hi, I'm new here and am impressed with this forum. Hopefully you can help me. I am running Spybot 1.4 and just recently picked up these spywares. I have rootware/kernal anti-spyware installed (Snoopfree and Unhackme) but they did not detect these. Of many anti-spies, only Spybot has found these: TIBS, TORPIG and SMITFRAUD.C. Could this be a false positive, I ask optimistically?

I need to access my Paypal account ASAP or eBay will suspend my account for non-payment of eBay items. If this is not a false positive, could I use Blue Shield, a mouse keyboard, for copy and pasting passwords into Paypal while we work on cleaning my computer?

Also, I am on a Toshiba Satellite A45 with XP Home (SP1). I purchased the computer used and updated registration with Toshiba to get the Toshiba software CD install sent to me. This was like in late 2004 or 2005. I asked Toshiba about SP2 and they told me NOT to install it and that there were instability issues between SP2 and Toshiba. So, I only have SP1 on my machine still.

Where do we start? Thanks in advance for your help!

Welcome to the forum, please be advised that most forums Pin the information you need at the top of the page. These two links are a must before you can proceed, but I suggest you review all Pinned (Sticky) information.
UPDATED WINDOWS - Your first line of defence, links and tips
http://forums.spybot.info/showthread.php?t=425
"BEFORE you POST" -Preliminary Steps and scanning with SPYBOT-S&D
http://forums.spybot.info/showthread.php?t=288
Use "Post Reply" to post the information in the instructions and stay in the same topic.


I asked Toshiba about SP2 and they told me NOT to install it and that there were instability issues between SP2 and Toshiba. So, I only have SP1 on my machine still.
I would say this is a real problem, even Microsoft stopped supporting SP1. This is a receipe for disaster and you really need to resolve in it some way.
As far as you other questions, I am going to try to remove malware for you, those I can not answer.

The only false positive I am aware of in Spybot concerning the issues you are asking about is for: Smitfraud-C.Toolbar888
http://forums.spybot.info/showthread.php?t=8668

While I cannot see the item, you may want to view this information:
http://www.sophos.com/virusinfo/analyses/trojtorpigai.html

Thanks

Thanks a lot for your quick response. I have probs connecting via wifi today but will do what the links you posted say to do.

While we work on this, what do you think of using a keyboard app to copy/paste password into Paypal and eBay with Torpig still on computer? Also, I heard that Torpig works only with IE. What if I just use Firefox 2.0?

While we work on this, what do you think of using a keyboard app to copy/paste password into Paypal and eBay with Torpig still on computer? Also, I heard that Torpig works only with IE. What if I just use Firefox 2.0?
I wish I could provide you with assurance, but this is just not an area I am experienced in. I would contact PayPal or eBay for advice.

Thanks

oyxgen, please access paypal and ebay account from a clean PC only.

You can download HJT to a clean PC if one is available and produce a log so that we can make an analysis.

Burn to disc or load on floppy
Upload to infected machine
Place HJT into own folder
Run HJT on the infected PC and post the log you produce using the clean PC.

"BEFORE you POST" -Preliminary Steps. (http://forums.spybot.info/showthread.php?t=288) :)

This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread.

Applies only to the original topic starter.


Good luck oyxgen. :)