WARNING!!! SPYWARE TERMINATOR!!!

[drhayden1]

http://forum.spywareterminator.com/Default.aspx?g=posts&t=2446

but spycrap terminator has really messed up big time....
and MikeBCda- here's a few scanners
http://www.virustotal.com/
http://wiki.castlecops.com/Online_antivirus_scans scroll down to see a-lot of scanners

[gdiloren]

AND REMEMBER (FOR THOSE LEFT WHO STILL LOVE SPYWARE TERMINATOR...) SPYWARE TERMINATOR COMES WITH A "SPYWARE" IN ITSELF, THE CRAWLER TOOLBAR!

[drhayden1]

strange one of those scanners on the link above i posted and i was just checking it out being the curious kind of guy i am give me the warning below...how sweet-a virus scanner that has a virus
of course i moved to chest and also sent pcpitstop who i have used their full test computer scan for years and no problems at all an email with the below attachment-what a day

[Lisandro]

AND REMEMBER (FOR THOSE LEFT WHO STILL LOVE SPYWARE TERMINATOR...) SPYWARE TERMINATOR COMES WITH A "SPYWARE" IN ITSELF, THE CRAWLER TOOLBAR!

You don't have to install it. It's not a spyware anymore.

[polonus]

Hi folks,

Why don't you take drhayden1's word for it. He had the experience, and is glad he has escaped. There is a lot of bad code out there, and it is not the air, it is bits and bytes.

polonus

Click on the picture to see the magnetism at work

[drhayden1]

http://forum.avast.com/index.php?topic=12432.0

ok damian,davidr,tech and can't forget bob and all the others out there...should i leave,remove,delete,ignore,or what as the link above says on the virus avast!just detected on my laptop
any help,suggestion,warning and or advise would be appreciated

[DavidR]

Thanks but at the moment of scanning, Google lead to nothing on the Phoney Trojan except for the ST web page definition which is poor info.

I tend to search for the file name being flagged as infected, you are likely to get more information on what that file is associated with and if it is also associated with a virus, etc.

A search on the malware name often brings some strange results (malware names aren't standardised and can be different from one or other security application) as it can be associated with a number of files, but in this case it may have lead to the ST forum and the false positive detection fiasco.

[gdiloren]

Thanks for the info, you're never too experienced...!!!

[DavidR]

strange one of those scanners on the link above i posted and i was just checking it out being the curious kind of guy i am give me the warning below...how sweet-a virus scanner that has a virus
of course i moved to chest and also sent pcpitstop who i have used their full test computer scan for years and no problems at all an email with the below attachment-what a day

Well if you look at the file name it reminds me of the Panda unencrypted signature file, pavdll.dll so a search for this returns many hits it would appear that PCPitStop are using panda.

http://www.google.com/search?q=pavdll.dll

This is why I say don't take anything at face value, investigate. Even a forum search for pavdll.dll returns many hits, so the name of the game is investigate, investigate and if you haven't got that investigate.

http://www.avast.com/eng/virus_detection_and.html#idt_1554

[polonus]

Hi drhayden1,

I gave you my answer in a PM, but I repeat it here. Placing malware in the chest renders it impotent in the sense it cannot do further harm to your OS. It has to stay there for purgatory, because sometimes your OS cannot function with something inside the chest, your OS may whine about that or come up with a prompt. If after some days everything is OK you can safely delete the malware from the chest by deleting it so that it eventually becomes overwritten. You know that Windows does not delete anything it just cannot find the link to that what is on your hard disk. After considerable time other bytes and bits are there, so then everything has gone to electronic oblivion.
If a dll is involved you have to place back, see to it that you set back the right version of the dll, not all have the same functionality so a program with an earlier version of the same dll can hamper the functioning of your computer proggie, so you have a dll checker for that dllchecker.exe from VB2Java.com,
you should have a dll log file already there for future exploration. Learn to do this for the future, my friend.

polonus

[DavidR]

Thanks for the info, you're never too experienced...!!!

Your welcome and that couldn't be more true.

[drhayden1]

ok thanks damian and tech also in his pm's too-will probably just leave in chest for a-while and see what happens
if my computer doesn't blow up in a week or so-i will delete it

[DavidR]

ok thanks damian and tech also in his pm's too-will probably just leave in chest for a-while and see what happens
if my computer doesn't blow up in a week or so-i will delete it

Nothing should/will happen it is a non essential file and simply an unencrypted signature file of panda which PCPitStop appears to be using as my previous post stated. http://forum.avast.com/index.php?topic=29566.msg243207#msg243207

There is also nothing stopping you taking a further step in the investigation process and that is uploading it (can't do it from the chest) to virustotal for checking, here you will see that only avast and about 4-5 others detect this.

[drhayden1]

ok also thanks davidr-i know you can't upload it while in the avast!chest-so i will just leave it in there and rot

ouch!

[DavidR]

It is just a false positive detection (IMHO) however, you need to confirm that using VT or Jotti. If you wish to continue using PCPitStop (certainly its AV check) you will need restore it and exclude it from scanning.

Otherwise you might stop using pcpitstop as well as I would imagine it will just download it again..