syserror.com

Hi
I have blocked these two items when MSAS alerted that they tried to install themselves. Can some one tell me what they are especially "syserror.com". see pics. Thank you

http://img195.imageshack.us/img195/5389/bar2gy.jpg

http://img478.imageshack.us/img478/6830/sys8tf.jpg

 

The syserrors.com is an entry contained in IE-Spyad that MWAS falsely reported as being associated with IE's Trusted Zone.

 

Hi Bubba

I don't have IE-Spyad. Is it better to block syserrors.com or allow it. Thanks

 

syserrors.com is a malicious website that tries to install Spyaxe/Spytrooper (companions from Spysherrif). So it's smart to block syserrors.com

 

IE-Spyad was just one example of a program that places syserrors.com in IE's Restricted Zone. Perhaps the question needs to be are you using any program that places sites in IE's Restricted Zone and if so have you checked their respective database ?

If it's not associated with a protection program you are using I think it goes without saying you need to find out who is attempting to add that site to one of IE's Zones(Trusted or Restricted)....obviously you are not attempting to add it

 

Aren't SpySweeper, Spybot, SpywareBlaster, SpywareDoctor just a few of the many programs that could be responsible for the entry? They all add protection to IE restricted zone also.

 

Neither Spybot nor Spywareblaster has that site listed in their respective database in regards to Restricted Sites.

 

No. not using such a program. I was doing some work when MSAS popedup with syserrors.com.
the real time security programs I have: MSAS and NOD
I also use these program on weekly basis through USB stick. (they are not physically installed on my system): Adaware, spybot S&D and ewido
Also, I use online scanners on monthly basis. Thats all.

How to find out. can you help please
have these sites as trusted sites(I think by default) see pic.

http://img282.imageshack.us/img282/7918/ts4dv.jpg

 

Reputable ?

If one were to visit syserrors.com they would see scan programs such as SpyAxe, RazeSpyware, SpyTrooper....which are definetly items to stay away from.

Unless you can exactly reproduce what you were doing at that moment in time on the 24th....it's pure speculation why syserrors wants to be added to IE's Domains key.

Bottom line you blocked it with MWAS and suggest you move forward and be more aware the next time which might help narrow down who's attempting to add the URL.

Edit
There are further searches to be had in regards to syserrors and a fake Microsoft's Windows Security Center alert. One such article\blog can be found here.

 

That is DEFINITELY malware, that I have been battling on my son's computer. It is very difficult to remove and has yet to be acknowledged by any of the big spyware people like Symantec or CA. I suspect he was infected while visiting xxx sites, sad to say. There are many discussions going on over the net about schemes to remove the malware. It's interesting because the site in Manila that sent out the malware offers to sell you software that will remove it! Now that's a novel scam.

 

@Bubba
Thanks. one more thing : is it possible to manually blocking it by spywareblaster. if so what is its CLSID.


@subman631
it tried to install it self while I was writing in "Word" not visiting any site at all.

 

Manually block what....syserror.com

If that's what you meant....place that site in IE's Restricted Zone if it is not already there.