Anyone good at removing viruses/spyware?

Discussion in 'Off Topic Area' started by GojuKJoe, May 2, 2010.

  1. GojuKJoe

    GojuKJoe Valued Member

    Not sure if this is the right forum but...

    Ok, I need help.

    I'm on my mother's pc and it's ended up with some kind of virus on it, that I can't remove. I have no idea how it got there, but it's one of those fake anti spyware ones that says your computer is infected etc. I've been trying to get rid of it, but it won't let me run any antivirus/spyware removal programs, and it won't let me install any new ones, it just says unable to perform action, such and such a file is infected. It also keeps bringing up endless security alert pop ups on the windows task bar on the bottom right, trying to get me to activate this antivirus software (which is obviously fake) and also it won't even let me open the windows task manager, it just closes as soon as it pops up.

    Has anyone seen anything like this before and got rid of it?
  2. adouglasmhor

    adouglasmhor Not an Objectivist

  3. Fish Of Doom

    Fish Of Doom Will : Mind : Motion Supporter

    try running your antivirus from safe mode
  4. GojuKJoe

    GojuKJoe Valued Member

  5. adouglasmhor

    adouglasmhor Not an Objectivist

    you any good with linux? Most of them are linux live disks with an av toolkit.

    Try you AV from safe mode with networking - then download your updates and do a full scan.
  6. GojuKJoe

    GojuKJoe Valued Member

    Alright, thanks very much, I'll give that a try and come back
  7. 47MartialMan

    47MartialMan Valued Member

    I seen or had this.
    Look for a free, download of a program called "Malwarebytes"
  8. Ninjuries

    Ninjuries The Man Who Genbukan Supporter

  9. GojuKJoe

    GojuKJoe Valued Member

    Thanks for the help guys. I ran spybot from safe mode and it seems to have got rid of it. I'm going to get another antivirus and do another scan as well so hopefully it'll be sorted.
  10. adouglasmhor

    adouglasmhor Not an Objectivist

    Just make sure you don't try and run two AVs at once, not so good.

    Ninjuries post links to all the correct info you need.
  11. GojuKJoe

    GojuKJoe Valued Member

    Yeah, cheers, I uninstalled what was already on and just put spybot and AVG on instead.
  12. aikiwolfie

    aikiwolfie ... Supporter

    The only way I know of that is 100% effective at killing this type of infection is a full re-install of the OS. Grab an Ubuntu disc and boot the machine from that. You can use it to backup any important files to an external drive. Now use gparted to format the hard disc. Finish by installing the OS of your mother choosing. I would strongly recommend Ubuntu.

    None of the Windows anti-virus or malware protection programs can protect against this sort of infection so far as I can see. This is in part due to the sophisticated nature of the programming and partly due to the social engineering or exploitation. People basically believe the infection warning is genuine because it looks genuine. They click a button and that's when the infection really takes hold. User interaction is required to get a foot hold on your system.

    If your mother insists on continuing to use Windows then at least push her towards using either Firefox, Chrome or Opera as her web browser and disable IE.
    Last edited: May 2, 2010
  13. GojuKJoe

    GojuKJoe Valued Member

    I think it was my brother who got the virus on it, not my mother. He does use firefox though, not IE. I keep telling them never to click pop ups that ask you to download anything, but I can only assume he must have done it by mistake, or if not, just got tricked by the fact that it mimics windows security centre like you said.
  14. illegalusername

    illegalusername Second Angriest Mapper

    Remember to run a few restarts and make sure the virus is gone. Some of them are so clever they write into the boot sequence and then replicate themselves.

    I had to resort to reformat+reinstall to get rid of one (hooray for drunken people trying to download music)
  15. aikiwolfie

    aikiwolfie ... Supporter

    More worryingly they hide in the system restore files, where most anti-virus software can't find them. Switch off system restore and clear it out. Run another scan before turning it on again.
  16. GojuKJoe

    GojuKJoe Valued Member

    Haha, I think that is exactly how my brother managed to get the virus on

    I have restarted a few times since and it hasn't came back so does that mean it's gone?
  17. aikiwolfie

    aikiwolfie ... Supporter

  18. holyheadjch

    holyheadjch Valued Member

    Do you know what the virus is called?

    What is the name of the fake anti-virus it's trying to get you to install?
  19. GojuKJoe

    GojuKJoe Valued Member

    Antispyware Soft I think.
  20. aikiwolfie

    aikiwolfie ... Supporter

    What I've found with this type of virus is that once a machine has been infect it seems to be targeted for further infection. Keep a close eye on it for the next week or so.

Share This Page