Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: persistent infection

  1. #1
    Junior Member
    Join Date
    Aug 2008
    Posts
    7

    Default persistent infection

    sorry if am posting in the wrong place

    I have windows xp pro sp2....and I have spybot the new one
    man I hate spyware and malware


    I keep scanning my computer and every time it gets the sames results

    Microsoft.WindowsSecurityCenter_disabled
    Microsoft.Windows.System

    is there any way get them out of my system ?

  2. #2
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,184

    Default

    If you click on Microsoft.WindowsSecurityCenter_disabled,then click the area to the right with the arrows on it,Spybot should give you this description:
    Company:
    Product: Microsoft.WindowsSecurityCenter_disabled
    Threat: Security


    Functionality
    if the Windows Security Center is disabled this entry will be shown

    Description
    Malware can disable the Windows Security Center to make your System more vulnerable.

    If you have other security software suit installed, this may also deactivate the Windows Security Center to avoid double warning messages.
    I also see this description for Microsoft.Windows.System within Spybot:
    [Microsoft.Windows.System]
    Product=Windows.System
    Company=Microsoft
    Threat=Changed Settings
    CompanyURL=
    CompanyProductURL=
    CompanyPrivacyURL=
    Functionality=Registry changes about the Windows System.If this Item is beeing found, it does not necessarily mean an infection.Some Malware like CWS and Smitfraud variants change these settings. It is also possible that these settings have been changed by an administrator (if you have one) or by a legitimate software.Windows System Registry changes include Displaysettingmenus and Controlpanel
    Privacy=
    Description=These Settings can normally not be reversed via the normal Windows User Interface.Some settings pose security risks and some are just annoyances.Also, some settings are redundant, meaning that they can be changed at various positions in the registry thus changing one value may not be enough.
    Have you been having any other noticable problems on your computer,besides Spybot detecting those two problems?

  3. #3
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Will this help (even a tiny bit)?
    http://forums.spybot.info/showthread.php?t=33238
    --

  4. #4
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,184

    Default

    Yes.But I need to find out if Security Center was disabled by mfc007,a security app did it,or if malware might be involved.

    And also about Microsoft.Windows.System,as well.

  5. #5
    Junior Member
    Join Date
    Aug 2008
    Posts
    7

    Default

    I never disable
    Microsoft windows Securety Center
    or microsoft windows system

    am 100% that is malware, ohh and when I try to go online to do any update for spybot or any other security program it wont let me and when I open internet explorer or FireFox everything looks normal but when I type spybot it will show another website I think my browsers got high jack

  6. #6
    Junior Member
    Join Date
    Aug 2008
    Posts
    7

    Default

    On my desktop instead of my regular wallpaper I have a blue screen with a message ( warning Spyware detected on you computer! ) and on the bottom
    warning! win32/Adware.Virtumonde
    warning! win32/PrivacyRemover.M64

    I tried to enable security center manually, after I boot my computer the settings go back to disable.
    I went to control panel, security center and I click on windows firewall and I get this message ( Due to an unidentified problem , Windows cannot display windows Firewall settings. I also tried to uninstall norton internet securety and I noticed that Norton internet Securety uninstall button is missing on add and remove programs

    sorry for my grammar is bad

  7. #7
    Junior Member
    Join Date
    Aug 2008
    Posts
    7

    Default

    Thanks for the response!

  8. #8
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    This sounds serious. It sounds like a SmitFraud infection too, because it represents the fake 'BSOD' screensavers that it presents the user to or a bio-hazard wallpaper saying "Warning! Your computer is infected!".

    The rouge products such as Winfixer, Privacy Remover, XPAntiVirus Pro, and VirusHeat have to do the SmitFraud family.

    You'll have to take a visit to the Malware Forums mfc.
    _____
    Consider posting in the Malware Removal forum and having someone take a look at your system.

    If you decide to have an experienced malware removal specialist assist you, please follow the procedure in this link to run scans and produce a HijackThis log:
    ______
    The infections might also explain why you have a "hijacked" search result and a disabled Security Center.

    However, before you go... mfc, have you ran Spybot-SD (latest definitions;27.8.08) in Safe Mode (disconnected from the Internet), to see if you can remove them?

    Are you using a firewall? How about a anti-virus/malware program?

    Please post back.

  9. #9
    Junior Member
    Join Date
    Aug 2008
    Posts
    7

    Default

    for Spyware programs I have Spyware Doctor and SpySWeeper and for virus and firewall I have Norton internet securety but I think norton is been desable because when I run full scan it takes only about 2 minutes...man I think if by friday I dont have any luck i'll wipeout all my hard drives....I have two 400gb in raid and two 300gb nomal that is going to take a while to erase.... how can I get the latest update for spybot?

  10. #10
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Is the Norton subscription free or paid?

    I wouldn't suggest you "nuke" or 'wipeout' the drives yet. There's still hope, if you visit the Malware Forums. The instructions are in my previous post.

    You simply update Spybot-SD by executing it and click "Check for Updates".
    Download the updates that are presented to you and run a full scan in Safe Mode.
    --

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •