Persisntant Malware Popup problem

[techwanabe]

As in the title, somehow my daughter got some bad malware on my 2nd computer while she was using the internet.

(somone suggested I post there here too)

The symptom is IE goes to a webpage advertising a spyware removal program and pops open a small window saying windows may have spyware etc. (I'm at work and can't quote the message). Also, the Windows Automatic Update is turned off and I can't seem to turn it back on. The malware pop-up and the windows automatic update turned off both happened concurrently and seem to be symptoms of the same malware I got. Googling this seems to confirm there is a malware that turns off windows automatic updates and makes it impossible to turn it back on while the malware is present.

The first thing I did was update and run Adaware and then Spybot Search & Destroy but those spyware removal programs were useless.

If I can't find a solution, I'll employ the tried and true save important files and nuke the hard drive and re-install Windows, drivers, updates and all that time consuming BS. Has anyone experienced this malware which advertises a malware removal program while at the same time installs malware on your computer and disables automatic windows updates? Its pretty bad. If a solution is overly complex, saving my files, formating my hard drive and reinstalling windows looks easier.

Help!

 

[akhilles]

Adaware & Spybot are pretty useless now compared to other more capable anti-malware programs. i.e. cureit from Dr. Web is free and is on demand. Run it to do a full scan on the OS drive. It'll force you to do a quick scan at first. Do that. After, look for SuperAntispyware. Another good freebie.

BTW, either lower security clearance or create a limited account for your daughter.

 

[techwanabe]

Originally posted by: akhilles
Adaware & Spybot are pretty useless now compared to other more capable anti-malware programs. i.e. cureit from Dr. Web is free and is on demand. Run it to do a full scan on the OS drive. It'll force you to do a quick scan at first. Do that. After, look for SuperAntispyware. Another good freebie.

BTW, either lower security clearance or create a limited account for your daughter.

I agree. There are a coupe times now, this being the second, that I got a bad malware and Adaware and Spybot both were impotent against. Seems like those are only good against the garden variety adware junk these days but any bad spyware/malware, they can't touch.

 

[xgsound]

Superantispyware is effective in general and even better in safe mode. Malwarebytes is used in normal mode and is also an effective fixer. If it finds Smitfraud or vundo you may need more specific fixes. This link http://wiki.castlecops.com/Mal...d_Prevention:_Overview gives you more info to work with.

Sdfix and several of the recommended programs reestablish default settings for task manager, IE, updates, hosts file and so on.

These procedures give you a chance to have the malware gone and your programs intact.


Jim

 

[akhilles]

I totally forgot Malwarebytes which I schedule to run every day. Get that too. Throw in a good free antivirus. You're all set.

 

[fb0252]

wow. i think i've just got the same thing. from Latvia. spyware pop ups all over the place. I am disappointed that my Symantec failed to catch this. anybody have any ideas on that?

 

[fb0252]

also, i'm thinking. what if you just buy the damn product to get rid of them. is that possible. its an anti-virus program they're trying to sell.

 

[akhilles]

If you're saying what I think you're saying, that's extortion. A security company plauges a # of computers to force the users to buy their products to get rid of the plague. Unless that's not what you're saying.

 

[fb0252]

yes, that's it. you get a 4 x 3 inch "Security Alert" that pops up about every 60 seconds. if you click on it, Internet Explorer pops up with a Spyware Program to purchase. Extortion, I know, but thinking it might be worth the $70 bucks to just get rid of the thing instead of hours trying to get rid of it or reloading everything. Dr. Webb thus far has been ineffective and I'm still at a loss why my Norton 360 failed to stop this bug.

 

[MadAmos]

Originally posted by: fb0252
yes, that's it. you get a 4 x 3 inch "Security Alert" that pops up about every 60 seconds. if you click on it, Internet Explorer pops up with a Spyware Program to purchase. Extortion, I know, but thinking it might be worth the $70 bucks to just get rid of the thing instead of hours trying to get rid of it or reloading everything. Dr. Webb thus far has been ineffective and I'm still at a loss why my Norton 360 failed to stop this bug.

Don't!!!!!! pay them anything they will then have your credit card # and any one who would use spyware as a selling tool is NOT to be trusted ever for any reason...really just don't. Who says they will cure it any way they could just hide it and hold you up again later in the meanwhile using your computer as a bot or logging your every keystroke for any thing they can get. If you don't want to format yet try one of the excellent forums that can provide assistance like this one and there are others as well. But do not pay and do not even contact them unless you want your addy on every spam list around.

Amos

 

[fb0252]

Spybot Search and Destroy--which is the first program on the website--may have done the trick. txs very much for some good advice. Carlin must be smiling!. feb.

 

[dandragonrage]

You can try BugHunter too which is included on the Ultimate Boot CD. You boot from it and scan that way so nothing can hide from it. It doesn't detect all spyware though so it is to be used in combination with other things like mentioned above.