Fraud trojans

Got a working CD drive in the box I'm working on and right now it's running the Kaparsky boot disc Randy recommended. Kaparsky has already found "trojan.js.fraud.w" and I don't know if this is the same exact trojan but it's the 4th time I've had people call me on something like this in the last 2 weeks.

Other times I've been able to get them to use restore and that's worked, don't know if this is just an especially nasty one or if they just got lucky or what.

Anywho it must be a pretty good looking fake Windows warning as they've all punched on the "fix me" window without any hesitation.

So far multiple instances (some are bogus as they are in cache) of 8 different trojans/viruses.

Still 40% to go on the scan but I think most of them have been caught but yeow, don't think they had ever run disk cleanup so there are a zillion files to check.

Yup, it updated them with no problem. It might be because I'm running a DHCP server.

It didn't work or at least it still wouldn't boot. I reinstalled Windows (XP-MCE) and it's working now, it appears that it's clean but I'm still having a problem with IE which I'm upgrading to 8 to see if that'll fix it (it might just be broken).

IE 8 fixed the IE problems and I'm now running a pass with SuperAntiSpyware where it's got a bit to go. Sigh, there are just too many doggone files on computers these days.

When Kapersky was running I was watching some of it and doggone if it didn't look like QuickTime had installed about six different language versions along with the english version.

And don't get me started on Windows.

SuperAntiSpyware (thanks Randy!) is still chugging along and it's found a couple of more instances of rougue.internetsecurity2010 which is what I think caused this downward spiral in the first place. Don't think it was active, just some files that remained.

Still a ways to go.

Good lesson learned; the kids had their own account but it was set up as an administrator account. Kinda defeats the purpose....

Lousy with malware...or hormones? HeeHee

Don - Sounds like you're making some headway.  From all my reading and poking about, Malwarebytes seems to still be a good one that checks for the real nasty things that other virus/malware apps miss.  The default settings are good and it doesn't take an eternity to run.

At times I think about skipping by info on the latest and greatest bad stuff out there but it just fascinates me as to how sneaky the bad guys get with that stuff.

Yup. Good lesson here; know what your AV software looks like when it throws off a warning.

Thanks for the update on that.  Won't be using that puppy again until I hear of a change in attitude.  That is quite a surprise, having heard the way that outfit was formed and who was invited.  I guess it stems from having x-IT support people involved who tend to want to protect the customer from their own mistakes. 

Our IT people at work tried to make the desktop unusable but got called on it and they put things back in order when asked.  I don't get that.

I might add that they have a lot of photos and personal stuff, it's probably going to end up being around four full DVD's worth that they didn't have backed up anywhere else.

I'm putting it on DVD's for them.

Sigh. Photos of their trips to Europe, Australia, kid and family events, birth of the first grandkid, you name it.

People just don't get it.