the icon just randomly showed up on my desktop and led me to the site below:
http://adserver.softwareonline.com/PrimaryLanding/landingaro.aspx?Referrer=w1-A12intlicon-aro&cm_mmc=Windsor-_-INTL-_-Icon-_-Icon%3A%20Other%3A%20A12%3A%20usicon%3A%20aro
and then asked me to download and run the software…has anyone else seen this icon before on their computer?
Tagged with: adserver • amp • aro • aspx • intl • w1 • windsor
Filed under: Windows Repair Software
I have an automatic download from Windows for all critical fixes. I have not heard of any such problem or gotten any download from the Windows site. I have installed a registery cleaner before from a legitimate site, and have not heard of any problem from them, either. When I first got the message you are talking about in my e-mail, I marked it as spam and deleted it. I never open any e-mail I do not recognize, and I never download anything from a link inside any e-mail that I receive. I go directly to the sites I deal with by typing the address into my address bar (and that is NOT the address given inside any e-mail). E-mails often direct you to phony sites that look like the real site. They are not easy to identify as a phony site. If you give them your credit card or bank information, they can drain your account before you can realize it has happened. I would recommend that you delete the e-mail without opening it, that you ignore it, and that you ignore any spam that you have or have not recognized. My philosophy is if I didn’t ask for it, I don’t need it, and I probably don’t want it. If I want it, I’ll find it myself. Most spam is from crooks.
If you do not use MacAfee SiteAdvisor I suggest you install it on both Internet Explorer and FireFox. Below is a link you what MacAfee reports about the site.
http://www.siteadvisor.com/sites/softwareonline.com
Here is the link to MacAfee’s SiteAdvisor.
http://www.siteadvisor.com/
It’s not a virus, but it IS spyware. Any link that sends you to something that starts with "ad" or "adserver" is usually not somewhere you want to go.
I recommend downloading Ad-Aware and a pop-up blocker in the future to help you with these issues, and stay away from downloading toolbars and other "fun" gimmick tools on the internet, because most of them come with spyware and other junk that you don’t even realize is running when you install it – like the "Registry Cleaner" icon that appeared on your desktop.
Well since the icon magically appeared on your Desktop (assuming you didn’t deliberately install something that created it), your computer may also have spyware or a hidden program installed.
Don’t download that software, and run a Spyware cleaner.
You link does not work but McAfee Site Advisor (free) warns about the site.
Per McAfee Site Advisor
http://www.siteadvisor.com/sites/softwareonline.com
softwareonline.com
Feedback from some users indicated this site engaged in one or more questionable activities.
====================
Why didn’t you run Windows Live OneCare (free)
Windows Live OneCare
http://onecare.live.com/site/en-us/default.htm
Full scan: Backs up registry and then cleans registry, virus and spyware scan, disk cleanup, disk fragmentation (if needed), updates windows, and checks for open firewall ports.
Clean up scan: Backs up registry and then cleans registry, updates windows.
Other OK cleaners
RegScrubXP
http://fileforum.betanews.com/detail/RegScrubXP/1040020223/1
http://www.majorgeeks.com/download.php?det=2048
CCleaner: Do not install toolbar option
"Scan for Issues" function is the registry cleaner.
Clean function deletes unused files, history, and tracking cookies.
In options:
Set to run cleaner when computer starts.
Place cookies you want to save in the save list.
http://www.ccleaner.com/
============================
You have malware installed on your system. If you follow all the following steps it should get rid of your problem and prevent future problems. All programs listed are free.
Securing a Personal Machine
http://safecomputing.umn.edu/studentchecklist.html
OS Reinstallation vs. Virus Removal
http://safecomputing.umn.edu/guides/rebuild_repair.html
———————————————————
Update your antivirus and run a full scan in safe mode
If you do not have full time (active) virus protection install (only one) all are excellent:
AVG Antivirus 7.5 Free Edition
http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10669237.html?tag=lst-0-1
or
Free antivirus – avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
or
AOL Active Virus Shield
http://www.activevirusshield.com/antivirus/freeav/index.adp
———————————————————
Install Windows Defender (full time spyware protection)
Perform a full scan.
http://www.microsoft.com/athome/security/spyware/software/default.mspx
———————————————————
Install the following five programs and run weekly or at least monthly. You need all five. They will greatly increase your protection. They are not a substitute for full time spyware and virus protection.
Ad-Aware SE Personal (update + full scan)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php
Spybot Search & Destroy (update + immunize + scan)
Do not enable Tea Timer and SDHelper
After installation: update + scan + immunize
http://www.safer-networking.org/en/mirrors/index.html
SpywareBlaster: Update then open and click “enable all protection”.
http://www.javacoolsoftware.com/spywareblaster.html
SUPERAntiSpyware free version: (update + scan)
http://www.superantispyware.com/
CCleaner: Do not install toolbar option
Removes tracking cookies, unneeded files, history
In options.
Set to run when computer starts.
Place cookies you want to keep in save list
http://www.ccleaner.com/
————————————————————-
Note if a scan detects a problem but is unable to remove, start the computer in safe mode with the internet line disconnected and run a full scan.
In severe cases your system restore files will also be infected. In these cases you will need to turn off system restore to prevent malware hiding in the system restore files and reinfecting the computer during removal or during a future system restore. Turning off system restore deletes the system restore files.
Right click on "my computer"> Properties > System Restore Tab > Check box turn off system restore
After the malware is removed turn on system restore.
————————————————————-
Run this time only.
CWShredder: run
http://www.trendmicro.com/cwshredder/
Roguefix.bat
http://www.internetinspiration.co.uk/roguefix.htm#uninstall
Shoot The Messenger
http://www.grc.com/stm/shootthemessenger.htm
SmitFraudFix
http://www.geekstogo.com/forum/How_to_use_SmitFraudFix-t109268.html
Vundo Fix and
VirtumundoBegone (if VundoFix does not work)
http://www.bleepingcomputer.com/forums/topic18610.html
VX2 tool for Ad-Aware and run tool (Install and run)
http://www.lavasoftusa.com/support/securitycenter/vx2_cleaner.php
———————————————————————-
Additional run this time and monthly.
Microsoft Update "Custom Mode" install everything
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
Microsoft OneCare Live, run “full service scan”
Updates windows, virus and spyware scan, disk cleanup, disk fragmentation (if needed), backs up registry and then cleans registry, and checks for open firewall ports
http://onecare.live.com/site/en-us/default.htm
Malicious Software Removal Tool (run “full scan”)
http://www.microsoft.com/security/malwareremove/default.mspx
——————————————————-
RootkitRevealer v1.71
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
Rootkit Removal Guide
http://safecomputing.umn.edu/guides/scan_unhackme.html
Rootkits Removers
Pick any 2 install and run one each month
AVG Anti-Rootkit
http://www.grisoft.com/doc/products-avg-anti-rootkit-update-app-art/?ver=1.1.0.29
F-Secure BlackLight
http://www.f-secure.com/blacklight/
Sophos Anti-Rootkit
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html
———————————————————-
———————————————————-
Online Free Scanners:
Run Trend Micro, Kaspersky, and Panda Scan now.
Run a different one each month.
Trend Micro: HouseCall Free Scan (removes what it finds)
http://housecall.trendmicro.com/
BitDefender Online Scanner http://www.bitdefender.com/scan8/ie.html
Kaspersky Labs Online Scanner http://www.kaspersky.com/virusscanner
McAfee http://us.mcafee.com/root/mfs/default.asp?affid=294
Panda ActiveScan Free Online Scanner http://www.pandasoftware.com/products/activescan?
Symantic Online Scanner http://security.symantec.com/sscv6/ssc_eula.asp?langid=ie&venid=sym&plfid=23&pkj=ALUFRHYTINMHDKDCWLL&vc_scanstate=2
——————————————————-
Additional Information read:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
http://wiki.castlecops.com/Malware_Prevention:_Prevent_Re-infection
http://www.castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html
http://aumha.org/a/quickfix.htm
http://aumha.org/secure.htm
http://aumha.org/a/parasite.php
http://www.castlecops.com/t102301-Hijackthis_Guidelines_Read_Before_Posting.html
http://www.techsupportforum.com/security-center/hijackthis-log-help/15968-updated-important-read-before-posting-log.html
http://forum.aumha.org/viewtopic.php?t=4075&sid=901703d08c2ace31389ffef2d84b6607