Trend Micro RUBotted- crap

[Geraldo8022]

This thing tells me that someone has remotely launched malicious software on my machine.
Gives me the option of going to Trend Micro Housecall website to run a scan. Scan depends on
Java and doesn't work worth a crap. I can't get it to change to the other kernal to
run over the browser. There are just no options there. I think it acts like that recent
virus? that would tell you had an infection, hope you click on it so it sends you to their site
for a cleaning, only to get really infected. Can't think of the name of that thing right now.
Anyway at the same time I get this Trend Micro message I can no longer update AVG. So I delete it and install Trend Micro's virus checker and it finds nothing. Delete it and install the Force something from my Embarq ISP. It finds nothing. I'm about ready to delete that and install Avast.
I still think I will reinstall Saturday while watching games on tv. Any thoughts on this Trend Micro Crap? Any good, and easy to use, bot checkers out there before I spend a Saturday afternoon reinstalling unnecessarily ( I actually think)?

 

[imported_Trystero]

I've been using RUBotted for quite a while now, and just this week this same thing started happening to me. Periodically it will pop up with that same exact message about how someone has supposedly launched malicious software on my computer. I've used Housecall (their online virus scan, as you know), Ad Aware, Spybot Search & Destroy and AVG Antivirus and none of them has found anything more serious than tracking cookies. I'm baffled as to what might be causing it, but one possibility I read is that it might be triggered by the lastest version of Firefox. I'm not so sure about that. Anyway, at this point I am assuming I have nothing to worry about, and I might uninstall RUBotted if the warnings become too annoying. Oh, and even RUBotted's own activity logs don't show anything, even just moments after it gives me that warning message. Weird.

 

[whatnot]

I've had the same exact problem. I've used rubotted for several months and it never found anything. That's why it surprised me to get these alert tray notifications. I scanned with everything including a 5 hour housecall scan and it didn't find anything. I also did a pointless system restore. Finally I got sick of it and uninstalled it. It just started 2 or 3 days ago. I'm also using the latest version of firefox along with adblock plus if that could have anything to do with it? It almost seemed like an advertisement for people to buy their new Trend Micro internet security 2009? Not sure but I feel better that I found some info on the problem. I won't reinstall it until I learn a little more about the issue though.

 

[imported_Trystero]

Well, something certainly happened within the last week or so as regards RUBotted! Thanks for the information about the rather pointless system restore (you have my sympathies). I was thinking of trying that, but now I know it won't make any difference. I'm paranoid as all get-out, so I'm now running a third or fourth antivirus scan, but I have my doubts it will find anything. RUBotted is just reporting false positives like crazy. Sounds like it's time to uninstall it for the time being.

(I tried to find any sort of support forums on TrendMicro where I might bring this issue up, but so far as I can tell, they have no such thing.)

 

[Geraldo8022]

I installed and ran an Avira scan. Nothing. Installed Wireshock and checked the logs and it showed no strange Internet addresses or anything funny acting. It is just Trend Micro wanting to sell us something. I put it in the trashcan. It might very well be caused by Firefox. I never noticed if it did it on Opera or other.

 

[imported_Trystero]

Anyway at the same time I get this Trend Micro message I can no longer update AVG.

Interesting that you bring this up, since, well, yes you guessed it, I'm also experiencing this. AVG automatic updates no longer seem to want to work, but if I do a manual update, that seems to do the trick. Again, this is a very recent development, seemingly coinciding with the schizophrenic RUBotted behavior.

 

[whatnot]

I do know that AVG antispyware updates will no longer work by the end of this year. You will have to buy the antivirus to get the antispyware with updates. The free AVG antivirus will still be free just not the antispyware.

as far as what I used to scan. I have

Norton 2009 Internet security which is paid for

-A squared free

-CCleaner

-Glary Utilities

-superantispyware

-Malwarebytes Anti-Malware

none of these things found anything from the RUBotted problem

it would say "Bot Found" but then when the notification would go away you could run a check for bots and it would say "No bots found"?

I wondered if it could be like a sleeper bot? and just be activated everynow and then?? needless to say I'm pretty paranoid too.

I'm still not totally convinced it was nothing because there is just no information about the problem. (other than this) maybe it's just brand new and someone will shed some more light on the issue soon.

 

[imported_Trystero]

It's just rather frustrating that RUBotted is reporting this, yet it doesn't tell you what it is, nor does it show any log of the supposed activity. And, yes, no bots found on a regular scan. And numerous other products don't find a thing wrong. It's all a bit maddening. I suppose I could always reformat the ol' hard drive and install Windows from scratch. Fun times, ohyeah.

 

[imported_Trystero]

This may be of interest:

http://mice.org/blog/tag/adsense/

(scroll down to the Nov. 20th entry)

 

[Geraldo8022]

yes, highly interesting. I'll check out my Wireshock logs. I just didn't know what to look at in Wireschock before. I do (did) have a doubleclick cookie. I'm not going to reformat. At least yet. So if I understand this it is possible that a bot is being spread by the ads. Would this type of thing infect a Linux machine too? Aren't they the same ads? How would that work?

 

[imported_Trystero]

Good question about the Linux. I'd also wonder the same thing about a Mac. I'm still trying to figure out if my machine actually has a bot and/or if anything bad is happening. Or, if RUBotted is just detecting network traffic (for me, traffic between my PC and 150.70.89.33) it sees as symptomatic of having a bot. I have my firewall set to the most maximum security possible, and I always have. But, that may not amount to much these days. And now my anti-virus software is not even updating when I do it manually. Though that could be a temporary glitch unrelated to all this.

 

[whatnot]

I actually read that blog about the ads before coming here. It was a little advanced for me.
so you block certain url's from these ads that seemed to be linked but how do you clean the so called malicious software off of your machine?
But still.. Why would RUBotted which is a little free Beta program, find things(bots) and then
suggest you use Trend Micro HouseCall or Buy their Antivirus to fix it? And then we all scan with things that are for the most part better than the paid version they are offering (and even of they weren't you could download a trial of trendmicro 2009 internet security or whatever).
What's more likely? That a paid antivirus firewall and spyware is wrong or that the free Beta program is wrong?

 

[Geraldo8022]

I downloaded Avira again and it updates. Adaware found nothing. Avira found nothing. I am not going to sweat it, but I think Trend Micro needs to sack up and start talking.

 

[whatnot]

Here's something..http://forum.avast.com/index.php?topic=40131.0

 

[Ddraig]

I've been having the same problem here. I've tried it with Internet Explorer and I get the popup also. I do not think it has anything to do with internet ads at all. And this website http://mice.org/blog/tag/adsense/ I feel is barking up the wrong tree as in the comments on some more recent posts they flag the Trend Micro IP as the culprit. I think that this is quite possibly a False Flag and is detecting some kind of issues with Firefox as that is the only thing that got updated recently that could have caused it to send out the alert. Really hoping that trend micro puts out a patch for this or something happens with it.