my SD infected by maleware

l1k2s34 · #1 12-15-2006, 05:14 AM

my SD infected by maleware,it only can scan little file now, wat can i do for now?

l1k2s34 · #2 12-15-2006, 05:43 AM

may i uninstall SD and reinstall again???i am register user

c_edge · #3 12-15-2006, 06:50 AM

Hey l1k2s34,

Could you please provide more info on "SD infected by malware,it only can scan little file now". What is actually happening with SD.

You can uninstall/re-install Spyware Doctor. See if this helps

c_edge

John · #4 12-15-2006, 12:16 PM

PC Tools ... I want to send you files! How to do? Where to send to?

Why do I want to send files to you? Because my wife's computer clearly has a Malware infection and Spyware Doctor (and McAfee Security Suite) is not detecting it. The new alternative operating system thing did not detect anything either, no doubt because it uses the same database file for detection as Spyware Doctor. As the malware does not appear to be in that database file nothing is being detected.

Offending files that might be useful to you for investigation have been identified.

A clue about what is happening? My wife is a student doing a Masters Degree course. Some of the work to be handed in is to be done in collaboration with other students, including a couple of Chinese. Files were exchanged, and my wife's computer infected.

The result is lots of IE7 windows get opened and try to access Chinese websites.

In short, how to get these files to you for you to investigate?

katie · #5 12-20-2006, 09:16 AM

Hi,

To send a malware log to PC Tools support:

Go to Tools and select Malware Detective and run Tool and follow the prompts.

Do you happen to know the name of the infection?

kt

John · #6 12-20-2006, 12:18 PM

With respect that tool, just run, does not invite the sending of files that are suspected of being infected. It merely sends log files, according to the display on screen.

The Adware (that might not be the right term, but that is how it appears here) attempts to pop up IE7 windows and display chinese adverts. The infection is currently not being detected by Spyware Doctor, nor by McAfee security suite, nor by Prevx1. But using McAfee Privacy tool it is possible to detect that something on the computer is attempting to access websites such as j7y.net . That has now been blocked using the McAfee firewall, and indeed IE7 has been stopped from accessing the internet. (Firefox is preferred anyway). And the router box also has a facility to block any access to websites and j7y.net etc have been added to the facility.

The source of the infection? My wife, and it is her computer we are talking about, is a student and sometimes does work in collaboration with other students, two of whom are Chinese! I would like to forward an RTF file to you, originating from one of those Chinese students. I have a suspicion, rightly or wrongly, that you might find something totally new within that RTF file.

Why is that file suspected? My wife gave them a file, size about 110K, and after they added just a page or two of text the file size grew to over 4MB.

I look forward to reading your further comments.

c_edge · #7 12-21-2006, 04:30 AM

When you send a malware log, this tool collects information on any infections that may be on your computer. Very difficult to read, without the right tools.

It is then sent to the Malware Research Center, if you do have any infections, MRC will create a signature to remove the infection/s.

Once they discover the new threat, it may take them a few days to release the signature via the Smart Update feature.

Best thing to do is to perform a Smart Update regularly.