- This topic has 17 replies, 1 voice, and was last updated 15 years, 5 months ago by siberakh1.
July 15, 2009 at 12:17 am #775747
Has anybody else dealt with this recently?
A couple of weeks ago I removed a similar, though simply annoying, piece of malware from my dad’s laptop with this name or something close to it. Simply downloading and running Malwarebytes’ Anti-Malware worked last time, but I can’t get to it this time.
Last night he contracted this program again, but now it’s completely evil. It has killed Avast, Ad-Aware, hijacks IExplore from time to time, does not allow a start up in Safe Mode and also won’t allow a System Restore.
I have tried to use a manual removal instruction list, but no go, as half the files aren’t there, and the main program files can’t be deleted while the damn thing is running, obviously. And I’m not all that programming/Windows/computer savvy to go tinkering any more.
Does anybody have any ideas? I’ve messed around with it this evening some, but probably tomorrow it’s going to go to someone with more expertise than I. And afterward, Dad will be using Firefox and Adblocker if I have to beat him ’round the head with a bat.
July 15, 2009 at 12:17 am #498745
July 15, 2009 at 12:21 am #775748
Is it the anti-malware program itself that’s causing the problem? I’ve never heard of anything like this; it’s like the program is doing the opposite of what it should be doing. I don’t know how to fix this; maybe Adraenyse can help?
July 15, 2009 at 12:27 am #775749
It’s posing as an anti-virus program, but it really isn’t. It wants credit card information, you can’t shut it off and it most certainly isn’t behaving like a real AV program. A Google search IDs it as a critical threat, and there are multiple sites with instructions on how to remove it, but I can’t remove this version.
It will get taken care of one way or another, I was just poking around to see if I could do it this evening somehow, but it’s looking less and less like something a novice like me can handle.
July 15, 2009 at 1:54 am #775750
I’m a computer idiot so probably no help, but whenever I have trouble I run SpySweeper (have a subscription) and SuperAntiSpyware Free Edition. Once I had something that SpySweeper couldn’t fix, and my friend told me to DL SAS Free, that took care of my problem!
July 15, 2009 at 1:58 am #775751
Use Malwarebytes! I’ve had to deal with this malware several times, and it works every time. McAfee on the other hand treats it as benign and even let it set up a notice that interfered with my scans. I’ve told McAfee about it and they don’t care. In fact they told me I should remove the Malwarebytes scan, which I told them I wouldn’t do.
Link: http://www.malwarebytes.org/mbam.php
Edit: Okay I just thoroughly read your first post. The following is for a Windows OS. When everything else fails, I usually use the Windows Live OneCare scanner. Here’s the link if you’re interested. It takes about four hours to run though. (After the scan say no to further downloads.)
July 15, 2009 at 2:54 am #775752
Well, if I can get to it to download it again, I’ll use your link to get there. I tried using google, but the damn thing is blocking Google searches.
It’s a mell of a hess right now, honestly. It’s like a hostile computer takeover.
July 15, 2009 at 2:57 am #775753
yah, I got it a week and a half ago…that thing was EVIL o_o
My husband got the computer to boot to safe mode then scanned with Malwarebytes and AVG (the free version). So far, it’s tried coming back every so often, but I think it’s because I use instant messengers. I since have deleted my Yahoo and AIM from the computer, but am using Windows Live Messenger…and that might be what is causing it to reoccur.
worst comes to worst, you’ll have to reformat :
got Malwarebytes from download.com as a free trial version.
AVG you can get from their site: http://www.avg.com/
Also, husband said that as Malwarebytes scans, the virus/trojan copies itself to a portion that has already been scanned. Well, when it moves like that, AVG pops up saying something has changed and if you want to delete the file. The two programs work in tandem.
Good luck <3
~Nakase
www.nakaseart.com
July 15, 2009 at 3:00 am #775754
Rusti wrote:
Well, if I can get to it to download it again, I’ll use your link to get there. I tried using google, but the damn thing is blocking Google searches.
It’s a mell of a hess right now, honestly. It’s like a hostile computer takeover.
Yes, it is quite hostile if you’re unable to recognize it and combat it within about 2 seconds. If I see it, I click all the windows closed and run scans immediately. However, if you give it time, it takes over. Be persistent and keep trying the links. When you do manage to get a scan running you will have to babysit it and click everything that comes up closed or it will pause your scans. It took me from four in the afternoon to about two in the morning to get rid of it the first time. I had to hide the alert icon that came up in the toolbar in order to get about a five minute reprieve.
July 15, 2009 at 3:12 am #775755
Nakase wrote:
yah, I got it a week and a half ago…that thing was EVIL o_o
My husband got the computer to boot to safe mode then scanned with Malwarebytes and AVG (the free version). So far, it’s tried coming back every so often, but I think it’s because I use instant messengers. I since have deleted my Yahoo and AIM from the computer, but am using Windows Live Messenger…and that might be what is causing it to reoccur.
worst comes to worst, you’ll have to reformat :
got Malwarebytes from download.com as a free trial version.
AVG you can get from their site: http://www.avg.com/
Also, husband said that as Malwarebytes scans, the virus/trojan copies itself to a portion that has already been scanned. Well, when it moves like that, AVG pops up saying something has changed and if you want to delete the file. The two programs work in tandem.
Good luck <3
~Nakase

How did he get it to boot in safe mode? I tried several times, and each time I got the blue screen telling me Windows had encountered an error and shut down and I could go no further from there.
Tomorrow evening when I get home, if my mother hasn’t taken the afflicted laptop to someone else, I’ll try again.
July 15, 2009 at 3:29 am #775756
He says at the level of infection you have, it would be better to take it to Geeksquad and have them scan it, or have them make it into a slave drive so they can scan it from there.
www.nakaseart.com
July 15, 2009 at 3:33 am #775757
Well, it’ll go to someone, but it won’t be Geeksquad. I think it started last night and Dad fooled around with it for a few hours, then fooled around with it some more this evening before I got home, so I never had a chance to stop it before it got this bad.
Times like this I’m quite relieved I have a Mac.
Edit: BTW Nakase, you could try Trillian (a client) or Meebo (a website) for IMing. Trillian will load your lists from Yahoo, AIM and MSN Messenger, and so will Meebo. Give them a try.
July 15, 2009 at 3:48 am #775758
Oh yeah, before I forget…
I have heard of people getting attacked by this on Firefox, but they knew it was fake pretty quickly since it brought up an IE window. I just want you to be aware. The best way to get rid of it (in my experience) is to act very quickly and close the pop ups and start scans. Like Nakase mentioned, it will replicate itself in places that were already scanned, so it will always take several scans to ensure you are rid of everything.
July 15, 2009 at 3:22 pm #775759
From your description of how this thing acts it sounds like the crap that infected my mother-in-law and brother-in-law’s computer a few months ago. We ended up having to take the computer in and have it completely reformatted. They now have Kaspersky for an anti-virus program and it works beautifully.
On another note, I’ve had MSN messenger, AIM and Y!M for years and never, ever* had a virus come in through them.
There might be another cause to the virus. I know that if you use file sharing programs (like Limewire and WinMX when it existed) you would have to be careful when you download files. I used those briefly and would run a scan on a file as it was downloading and after the download would complete.
*Knocking on wood
July 15, 2009 at 4:07 pm #775760
Well, it first showed up when I opened Yahoo Messenger a few weeks ago. So husband now thinks that the messengers open the ports which also let the trojans/worms/etc in. He also says he thinks Trillian opens those same ports, while the website based one won’t. So, if I go to aim.com and use their AIM Express, it might be safe.
If anyone gets it here, don’t click the window. Open your task manager and end program, then scan with your real antivirus programs. I’ll probably have to reformat anyways, since it’s not really going away, and I hate seeing in Malwarebytes that I have keyloggers and backdoors on my computer D8
www.nakaseart.com