Heartland

Something very strange has been happening to my work PC. Basically it appears 'something' has managed to secretly install itself. I'm no geek so bear with my description of what's happening.

Norton scans are automatically deleting diallers.

Spyfighter is automatically picking up registery keys which I then have to manually delete.

Spywareblaster doesn't seem to be doing alot and the strange thing is that approx 2000 restricted sites are having their protection unabled on a periodic basis.

My g oogle homepage is changing to 'about:blank'.

A daware scans seem to be saying that the main culprits are something called 'VX2' and 'Searchclick' which are some form of 'malware'.

But as soon as I delete anything it's coming back within minutes. The net result is that my PC is just grinding to a halt.

The other unpleasant aspect is that certain words in my attempted open forum posts or replies to PM are automatically transforming themselves into hyperlinks to sites most people don't really want to visit. Hence my lack of activity today. This is my fifth attempt at this post. The gaps in some of the above ie g oogle are to stop it becoming a hyperlink.

If anyone receives anything (PM or email) from me during work hours I would suggest you just delete it. With the exception of one PM to The Pope and one email to Ania which I know are OK.

Any suggestions gratefully received. Our IT people's response is to come down on wednesday, wipe windows completely and then re-install it.

Talk to me in basics please. Thank you.

basicly:
make sure your anti-spyware-softwares are of the latest version and that they are all updated correctly.
When that is OK just do the same thing you did before (with 'ad-aware' AND 'Spybot Seek and Destroy', just download, install and update it) but in 'Safe Mode' and without the network cable connected to the PC.

This normally should do the trick.
Good Luck.

I'd go with the IT dept suggestion. Wipe Windows and start afresh, sounds like you've got yourself in a bit of a pickle. I do a 'clean install' every few months on my home PC anyway, it's no big deal.

How come I never get any trouble like this? I use Windows built-in firewall and only recently got around to installing a virus checker, I have no spyware detection software at all. Must be those dodgy sites you're visiting Johnny

What like Heartland?

I am reliably informed it email originating and not web originating. Presumably from an email spoofed on a client's domain.

It's the 'VX2' and 'Searchclick' that are the buggers. They're being deleted by a daware but they're not. Once active again they're inviting every other little gremlin to come and play on my PC.

Bastards.

Just a little suggestion DerekR, but install ad-aware or Spybot (I Prefer SpybotSD) on your PC and let it run ...
You'll be suprised of what it finds on your computer.

A Firewall doesn't block everything, once you install something on your PC, even the main executable (setup.exe) can contain a Spyware that is installed with the main program...

For Exemple even MS Windows installs a spyware (Alexa) on your computer.
No PC is as clean as you think and the danger of Spyware should never be underestimated!

I haven't tried this but:
VX2 Cleaner from Lavasoft

hallucienate wrote:I haven't tried this but:
VX2 Cleaner from Lavasoft

i have. piece of cake to install and use

How to remove VX2:
http://www.spywareguide.com/product_show.php?id=25
How to remove Searchclick:
http://www.spywareremove.com/removeFD9B ... 04C22.html

good luck

I can't help but I enjoyed reading your post, Johnny - it's better than a thriller on TV. Besides, of course I wish you good luck, and tell your employer to buy macs, they're less likely to catch this vicious stuff....

Reboot to safe mode, download and run hijackthis and delete the bad files then reboot to normal mode.

If you don't understand the hijackthis readout use the "save log" option and post the log and I can advise.

EDIT: Since you say ad aware is deleting them and they're returning, forget hijackthis, just run ad aware in safe mode and that should fix it.

Eva wrote:I can't help but I enjoyed reading your post, Johnny - it's better than a thriller on TV. Besides, of course I wish you good luck, and tell your employer to buy macs, they're less likely to catch this vicious stuff....

Thank you Eva. I'm glad my misfortune makes you smile.

Macs!!!

Well ...it's always famous last words but I've done everything suggested and things appear to have returned to normal. So a big to you wonderful geeky boys (and maybe girl) for your technical advice.

It's at moments like this that I'm glad that you are all geeks and don't have a life.

Johnny M wrote: Thank you Eva. I'm glad my misfortune makes you smile.

Sorry. I have my bitchy moment at times . Meant no harm.

now that it looks clean:
go to http://update.microsoft.com and update your windows.
think about installing and using Thunderbird for mail and Firefox for surfing.

The updating is a command (and do it regularly), firefox and thunderbird are friendly suggestions

Eva wrote:

Johnny M wrote: Thank you Eva. I'm glad my misfortune makes you smile.

Sorry. I have my bitchy moment at times . Meant no harm.

No apology necessary. I was joking. Maybe English humour doesn't always translate into Swiss/Italian.

I've got to agree with Hal - use Firefox.
A lot of malware gets onto your computer because of Internet Explorer.

Firefox - combined with a good firewall and anti-spyware software all mentioned in posts above - will help enormously.

My anti-spyware software hardly ever shouts "INCOMING" at me anymore since I switched to Firefox.

I was forced to update to thunderbird as my outlook express started freezing for 2 minutes everytime I opened it (but worked fine after that), and nothing I tried including reinstalling outlook seemed to work, and I still don't know why it started doing it.
I'd recommend thunderbird, and it automatically imports your emails from outlook when you first run it. Mine did anyway.

If you don't wanna do that there's an option in outlook to display all emails in plain text, which would also be a solution.

Once again gents, thank you all for your advice. My brain is on the verge of techie-speak overload but I'll get there.

I use Thunderbird at home, but due to the MS Exchange server etc at work, I'm forced to use Outlook here.

I use Firefox across the board - it's the dog's bollocks.

Edit: plus you get to change the 'look' of Firefox - and use d00mw0lf's favourite downloadable style, which I think you might like...

I dunno if this is any good but I use:

• Firefox
• SpyBotSD
• Avast anti-virus
• AVG
• Sygate
• Norton Anti-Virus

I hardly ever have trouble with viruses.

I'm thinking about switching Sygate to ZoneAlarm and removing Norton from my computer. Should I do this?

No reason why not. AVG is more than capable of doing its job, as is Zone Alarm. That said, if you're behind a router, fully patched and never run suspicious executables you could do without either.

I don't have any adaware or spyware but I'm going to get some right now!,dodgy sites ?

Another thought if you suspect the nasties came from e mail, is turn off the auto preview feature - sometimes this can allow code to run even if you do not click anything or open the mail.

Just by tuppence worth!

nick the stripper wrote:I dunno if this is any good but I use:

• Firefox
• SpyBotSD
• Avast anti-virus
• AVG
• Sygate
• Norton Anti-Virus

I hardly ever have trouble with viruses.

I'm thinking about switching Sygate to ZoneAlarm and removing Norton from my computer. Should I do this?

You really don't need 3 Virus scans on your computer, 1 is enough! If you use any p2p programs (soulseek etc) then don't switch to Zone Alarm, it has issues. Sygate is a perfectly good firewall. Personally I use Kerio Personal Firewall because I find it easier to configure than Sygate.

You should install Spyware Blaster though.

I have :

• AVG
• Kerio Personal Firewall
• Adaware SE
• Spybot S&D
• Spyware Blaster
• Microsoft Anti-Spyware
• Firefox
• Thunderbird

I have only been troubled by one virus in the past two years and I know that was my fault it got on the system.

Johnny M wrote:Maybe English humour doesn't always translate into Swiss/Italian.

Probably. And I never quite know how my comments come across, although I can't keep my mouth shut anyway...

However, I've learned something from this thread and thus wanted to install Thunderbird on my baby. It works fine, BUT: I can't transfer the old emails I'm collecting in folders from MS Entourage to Thunderbird. Anybody got a solution for me how I can keep my old emails (you know, my personal archives)?

Cheers!

Eva wrote:

Johnny M wrote:Maybe English humour doesn't always translate into Swiss/Italian.

Probably. And I never quite know how my comments come across, although I can't keep my mouth shut anyway...

However, I've learned something from this thread and thus wanted to install Thunderbird on my baby. It works fine, BUT: I can't transfer the old emails I'm collecting in folders from MS Entourage to Thunderbird. Anybody got a solution for me how I can keep my old emails (you know, my personal archives)?

Cheers!

try this? it's quite easy to do on a PC.

If you're installing Thunderbird I highly recommend the quick file extension. Filing your messages the normal way is a complete bugger.