syserror.com

Discussion in 'other anti-malware software' started by hadi, Nov 26, 2005.

Thread Status:
Not open for further replies.
  1. hadi

    hadi Guest

  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    The syserrors.com is an entry contained in IE-Spyad that MWAS falsely reported as being associated with IE's Trusted Zone.
     
  3. hadi

    hadi Guest

    Hi Bubba

    I don't have IE-Spyad. Is it better to block syserrors.com or allow it. Thanks
     
  4. M__

    M__ Guest

    syserrors.com is a malicious website that tries to install Spyaxe/Spytrooper (companions from Spysherrif). So it's smart to block syserrors.com ;)
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    IE-Spyad was just one example of a program that places syserrors.com in IE's Restricted Zone. Perhaps the question needs to be are you using any program that places sites in IE's Restricted Zone and if so have you checked their respective database ?
    If it's not associated with a protection program you are using I think it goes without saying you need to find out who is attempting to add that site to one of IE's Zones(Trusted or Restricted)....obviously you are not attempting to add it :doubt:
     
  6. Aren't SpySweeper, Spybot, SpywareBlaster, SpywareDoctor just a few of the many programs that could be responsible for the entry? They all add protection to IE restricted zone also.
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Neither Spybot nor Spywareblaster has that site listed in their respective database in regards to Restricted Sites.
     
  8. hadi

    hadi Guest

    No. not using such a program. I was doing some work when MSAS popedup with syserrors.com.
    the real time security programs I have: MSAS and NOD
    I also use these program on weekly basis through USB stick. (they are not physically installed on my system): Adaware, spybot S&D and ewido
    Also, I use online scanners on monthly basis. Thats all.


    How to find out. can you help please
    have these sites as trusted sites(I think by default) see pic.

    http://img282.imageshack.us/img282/7918/ts4dv.jpg
     
  9. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Reputable ?

    If one were to visit syserrors.com they would see scan programs such as SpyAxe, RazeSpyware, SpyTrooper....which are definetly items to stay away from.

    Unless you can exactly reproduce what you were doing at that moment in time on the 24th....it's pure speculation why syserrors wants to be added to IE's Domains key.

    Bottom line you blocked it with MWAS and suggest you move forward and be more aware the next time which might help narrow down who's attempting to add the URL.

    Edit
    There are further searches to be had in regards to syserrors and a fake Microsoft's Windows Security Center alert. One such article\blog can be found here.

     
    Last edited: Nov 27, 2005
  10. subman631

    subman631 Guest

    That is DEFINITELY malware, that I have been battling on my son's computer. It is very difficult to remove and has yet to be acknowledged by any of the big spyware people like Symantec or CA. I suspect he was infected while visiting xxx sites, sad to say. There are many discussions going on over the net about schemes to remove the malware. It's interesting because the site in Manila that sent out the malware offers to sell you software that will remove it! Now that's a novel scam.
     
  11. hadi

    hadi Guest

    @Bubba
    Thanks. one more thing : is it possible to manually blocking it by spywareblaster. if so what is its CLSID.


    @subman631
    it tried to install it self while I was writing in "Word" not visiting any site at all.
     
  12. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Manually block what....syserror.com :doubt:

    If that's what you meant....place that site in IE's Restricted Zone if it is not already there.
     
Thread Status:
Not open for further replies.