Discussion in 'malware problems & news' started by cheater87, Nov 9, 2005.
spybot,adaware, msas, AOL anti spyware, or mcafee can't find it or get rid of it. PLEASE HELP
Try with an online Scan at Kaspersky & try with Ewido.
any other programs that can get rid of it? my trial to spyware sweeper just ran out so i can't scan with it *cries*
What program is giving you the indication you have that malware....Pest Patrol ?
Also....if Pest Patrol....did it give a location ?
software\microsoft\windows\current version\internet settings\zonemap\domains\sgrunt.biz ?
That's a FP. I have Pest Patrol and got that same FP. It's a false positive due to IESpyad. Try to disable IESpyad's protection and scan again and you'll see PP won't detect it anymore.
it was found by AOL anti spyware and i don't have the IEspyad thing
Try the free online scanners in my signature.
If I am not mistaken AOL uses the Pest Patrol engine. Also....that is not just an entry found in IE-Spyad if you are referring to the above registry entry.
After the scan does not AOL present you with what it found as far as the location ?
Don't cry..you are not missing much.. They still can't get it right..
Can any of them, Primrose. Spy Sweeper, CounterSpy SpywareDoctor or PestPatrol. They all seem to issue's with their real-time protection or quite few of FP's.
So true Don..
aol does no give you the location it just tells you what it found but its blocking it now so thats good if its not a false positive
Heres what I found. AOL Spyware is made by Aluria, they also make "Spyware Elminator" & Spyware Elminator is a licensed copy of PestPatrol.
I've use PP for quite awhile & have had a number of FP's with it. Jeff Levy a radio ( 1070 AM ) guru, boasts constantly (commerical) for "SpywareElminator." When I downloaded the trial version of Spyware Elminator." It was exactly the same as PP. The folks at StompSoft ( they make BackUPMyPC ) were the tech folks for Spyware Elminator. While on call regarding BackUpMyPC, I posed the question. What's the diff between PP & Spyware Elminator, & was told about the license to market Spyware Elminator as a PP clone.
Now it looks like Aluria bought StompSoft, & StompSoft had the license for the PP clone, which AOL uses in part.
Long convoluted story, eh!
P.S. I've chatted with PP tech. a new update will be out soon & I'll bet this will solve our problem, for both of us. I've excluded Trojan.win32.dialer hc in PP.
The new PestPatrol update no longer finds "Trojan.win32.dialer.hc" aka "sgrunt.biz" which is protected by IESpyad. Anyway removed the trojan from PP's exclusion list ran the scan (with new update) & the trojan was not flagged.
Interesting, I just ran PestPatrol and it sees this same trojan, using the latest updates (December 8, 2005). I do not use AOL or IESpyad. So I guess they have not cleared up this problem after all? Meanwhile I will let it quarantine this, then if anything looks like it is broken, I can always release it again.
Do you use Spybot's immunization feature ?
Yep, my older version of PP gives that FP too (together with several other FP's...):
Pest Info: Category: Dialer Release Date: 10/24/2005 0:00:00
Background Info: Click here
File Info: In Registry: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\zonemap\domains\sgrunt.biz
Certainty: Confirmed Threatens: Liability Risk: Low. Advice: Delete or ignore
The DWORD is 4
I don't use Spybot's immunization feature but use some other tools.
Aluria are involved. Remember their little deceit with Spyware Elimator and its deliberate failure to identify rubbish from When U, thanks to a cosy arrangement. I wonder did anyone else who objected to there lies and sought a refund ever get their money, I didn't.
yes i have used Spybot's immunization feature.
Separate names with a comma.