1 Reply Latest reply on Dec 9, 2009 4:09 PM by vorblesnak

    Reporting Infection but getting clean scans

      I am getting a report that my system is infected.  I am using Comcast security powered by McAfee.  First I ran a full scan and 4 items were detected and quarantined.   However, that didn't fix the problem.  Then I downloaded and ran stinger in the report mode and it came back with 364405 clean files.

       

      The warning I'm getting is that a potential hazard (TrojanSPM/LX) with a check to download official intrusion detection (IDS software).

       

      I'm getting a 2nd warning that Windows has detected ------ Windows will download the most up to date antispyware.

       

      And finally there's a big notice on the screen that "Your System is infected!"  Spyware activity has been detected."

       

      I have continued to cancel the first two messages as I know that some of these messages are more virus.

       

      I did locate that my Registry was changed even though I repeated marked for a registry change to be blocked.  This appears to be in pdfupd.exe and winlogon86.exe and possibly userinit.

       

      Last week I had another virus and paid $89 for it to be fixed.  I really want to avoid that this time.

       

      Some programs seem to work fine but others reported to be infected including Spider Solitaire.

       

       

      Message was edited by: datacop on 12/8/09 7:06:04 PM CST
        • 1. Re: Reporting Infection but getting clean scans

          I believe you have one of the variants of a Trojan that mimics an antivirus program. It's purpose is to get you to download further malware so that it can fully infect your machine.

           

          I have removed these by downloading the newest version of MalWare Bytes and McAfee Stinger. I then reboot into safe mode and log in as the administrator. Usually the Trojan does not load in safe mode although I heard of one last week that did, keep that in mind.  Once you are logged in as Admin in safe mode install and run MalWare Bytes and then Stinger. Order is not as important as running both of them. You should then install a good antivirus and set it to run a full system check at boot up. Then reboot and let the AV program run.

           

          David Davis

          "Free advice is worth what you pay for it"