Gail MacMillan, Broker - Titusville, Brevard County FL : WARNING: Malware

Welcome to Reliberation Sign in | Help

Reliberation > Blogs > Gail MacMillan, Broker - Titusville, Brevard County FL > Post

WARNING: Malware - Trogan.Renos

By: Gail MacMillan
Tuesday, June 17, 2008 6:57 PM

spyware icon
This morning I had the unpleasant experience of this malware.
I'll describe it's behavior so you'll recognize it if it lands on your
computer. It operates as a series of pop-up screens which mimic
the look of Windows Security Center. I ran a virus scan but nothing
showed up. Still something just didn't feel right so I compared the
logos which were close, but not the same. There were 6 or 7 warning
screens which eventually all lead to the pop-up requiring registration
for the latest updated Windows Security Center(?) - your first red
flag. In the bottom right toolbar you'll see a red circle with a white X
as well as a shield which looks like the Windows Security Center icon.
It's tricky though, because it describes it's own behavior while IT's
happening. Arrgg!!! Another screen will start scanning for spyware,
it's bogus as well. It's very confusing - just stay calm. I tried going
to Microsoft's website but received a message "Navigation Blocked"
due to unstable internet browsing. During all this, my system kept
shutting down and restarting. I think you have enough here to
recognize it if it shows up. The fix:

I ran Windows Defender 3 times only to have the malware come
back. It seems it just keeps replicating itself. I tried to reconfigure
the start-ups in MSCONFIG only to have the icons reappear upon
restarting. Finally I disabled Windows Defender and downloaded
Computer Associates Anti Spyware which seems to have put an end
to the problem - perhaps! Here is an example of what you might
see - but the messages I received were only similar in nature.

This trojan can also change your home page, default search engine,
internet security zone settings and enable ActiveX controls. It's a
ploy to get you to download it's rogueware and it attaches to the
registry. It appears Windows Defender was unable to prevent this
malware from reasserting itself. A virus scan will not pick this up
because it's not really a virus - it's pop-up malware and requires
anti-spy software to remove it. I hope this description helps should
you encounter this event. Feel free to contact me if you have any
questions.

Home Sweet Home Florida Logo

Gail MacMillan Broker-Realtor®
Home Sweet Home Florida Realty, Inc.
At Home With Diversity (AHWD)
Certified Residential Specialist (CRS)
e-PRO Internet Certified (e-PRO)
Graduate Realtor Institute (GRI)
Relocation Specialist
Titusville, Florida
Cell: 321.544.6808

www.HomeSweetHomeFlorida.com great website - check it out - pass it on
Also posted at: http://activerain.com/blogs/homesweethomeflorida

Comments

Member Since '04	Phil Anderson said: It was probably sent to you by Dr. Kareem Daouda...he's still waiting to buy that investment property! :) How did it begin, Gail? Did you open and email? Did your virus scanner warn you not to? June 17, 2008 5:21 PM
Member Since '05	Gail MacMillan said: Hi Phil, LOL - you remember the not-so-good doctor then! To answer your question, no email, no virus scanner - just a whole bunch of pop-up windows warning me about my computer being infected and steering me toward the "Grand Pop-Up" telling me I need to register for the updated version of MS Security Center. But the effect was a bit like "THE TWILIGHT ZONE" because it was describing what the trojan would do, if infected, while IT was doing IT!!! Yikes, a bit unnerving. The only after-effect I've noticed is a disabling of the Windows Firewall, which after checking twice seems to be alright. I really try to keep my system clean, so this was an unexpected first. BTW - I love your website, did you design it yourself? Feel free to go off-topic :-) June 17, 2008 6:01 PM
Member Since '04	Phil Anderson said: Wow, that really sounds scary, Gail! Nothing personal, but please don't email me! :) My website is the work of many different vendors and my own limited talents. It took years to get it where it is and I'm sure I still have years to go! (*At least that's what those darn SEO vendors that call keep telling me..."I can make your site #1 in the Google rankings..if you'll pay me lots of $$$!".) I think the site is friendly and works for my clients, but there is ALWAYS room for improvement! A work in progress! Good luck with your Trojan issue...hope you can get it vexed from your system. LOVE your logo!!! Phil June 17, 2008 6:51 PM
Member Since '05	Gail MacMillan said: LOL - As I shut down for the evening everything seems normal in computer-land. It appears Computer Associates has purged this rogue from my system.......oh well, it's all in a days work......on to tomorrow then. June 17, 2008 6:56 PM
Member Since '05	Jana Davis & Marcia Demerjian said: I have AVG free which only takes care of virus. The pay version does it all. So at least once a week I go to Tred Micro House Call and run the scan. It takes care of spyware, malware, trojans and all free. I know the better known virus scan and MS are always a target. I think I have had all of the big names, one time or other and have ended up with some bad cootie. Norton was the last one and ended up with a virus that took out that computer. June 18, 2008 7:59 PM
Member Since '07	John Palmisano said: Hi everyone here is great website I found when I got a serious virus on my system. The information is free and they have trial versions of anti-spyware, which are great. You can buy them or donate if you like the software. The website also has tons of information on anti-spyware programs, which ones are real, and which ones are fake. The one thing I found out is that one spyware program will not clean up your computer. Anyway, I hope this helps. http://www.spywarewarrior.com/rogue_anti-spyware.htm Disclaimer: I do not have any affiliation with this website. I am just passing along some good information. Sincerely, John Palmisano Keller Williams Properties Weston, FL June 19, 2008 5:47 AM
Member Since '05	Gail MacMillan said: Jana/Marcia, I went to Tred Micro House Call to check it out, but didn't see a section to perform a scan. Is this a service you pay for? June 19, 2008 6:29 AM
Member Since '05	Gail MacMillan said: Hi John, Thanks for your email and sharing the website....phhhew...is that a lot of information or what........more than I hope I ever need. I saw the site Jana mentioned above, Tred Micro (looks interesting). A question about multiple programs doing the same task. In my experience I've almost always found conflicts when running similar programs. When I got "the little nasty" and called Brighthouse Cable about Computer Associates anti-spyware, they suggested disabling Windows Defender because of potential conflicts. Would you tell us what you're running in tandem and if you've noticed any problems in doing so? Thanks! June 19, 2008 6:39 AM
Member Since '07	Nate Covington said: Gail, the ladies are right on with AVG. I accidentally downloaded a Trojan Horse right off of this sight. Someone pingbacked on an article on the Cozumel, MX. area and someway or another I must have hit the url on the pingback. Anyway AVG prevented it from getting into my hard drive. It just scanned your header before I accessed this Blog. Good luck! June 19, 2008 9:09 AM
Member Since '05	Gail MacMillan said: Hi Nate - Don't know much about pingbacks. Tried a site a couple of times that was supposed to tell me something, but it never did seem to work, so I'm still clueless. Do you have a post somewhere about it? If you do let me know so I can check it out. BTW - is it important to know about? June 19, 2008 3:31 PM
Member Since '07	John Palmisano said: Hi Gail, sorry for the late reply. yes the site has a ton of information, it actually does show you what to disable in your internet security options so you will less likely to get a virus. With two kids and a wife that is a teacher they are constantly on sites and down loading graphics that sometimes have viruses. i find site interesting because it really breaks down how to deal with tracking cookies and viruses. I run window defender and i also run CA securities for my firewall and a antivirus program. When I run the AVG antispyware freeware and also spybot, and super anti-spyware free edition. I have no conflicts. I actually run these about every 3-4 days. I also run a registry repair program, which I believe is called desktop mechanic. Well, I find that the AVG software does the best job, but if you read the articles on the site they say to run multiple anti-spyware programs because one will not get rid of all of the viruses. The pop window you saw, if downloaded, will infect your computer even further. Gail, I hope the problem is resolved by now. Go to the site and spend about 30 minutes to read how to protect you computer. They have a basic tutorial on what to disable and what to leave on. I hope this helps. John Palmisano-Realtor Keller Williams Realty Weston, Fl 33326 July 11, 2008 9:26 PM