Spyware mess help :(

[Treasure_Hunter]

Try getting into your start menu and set a restore point or system restore you just set a date before the crud showed up malware bytes works too.

I would recommend that method too.
I have removed many malewares like that !

When mine was infected the first thing I did was try the restore points, none of the restore points would work, they were all infected as far back as I could go...This thing has a way of corrupting your restore points, it is very vicious program......Hitman will also find problems that AVG and Malwarebytes doesn't see, even though both are great spyware programs and I update both several times a week... I keep Hitman PRO for the really vicious infections you run into every now and then that Malwarebytes and AVG can't fix...........

 

[Kiwijohn]

Boot into safe mode with networking.

Download Malwarebytes Anti-malware. Allow malwarebytes to update its virus database.

Run a full scan. This should take one to two hours. When the scan is complete be sure that all infected files are checked for removal. If malwarebytes sees it, it shouldn't be on your computer.

Reboot. You will be good to go.

You can do a system restore to before the virus popped up, but I would still run malwarebytes after the restore. I'm betting you have more than just that virus.

I do Virus Removal as a side business. I haven't seen malwarebytes not be able to remove any of the 2010/2011 fake virus programs yet.

JoeMoto has the answer to this...

But may I try to explain it a little clearer.
1.. Turn on your computer. While it is booting tap F8 key till you get the option screen.
2.. Select "Safe mode with networking"
3.. When it has started in safe mode, open your web browser.
4.. Go to Tools > internet options > connections > (tab) > lan settings. Uncheck both
proxy server settings.
5.. Refresh web page.
6.. Go to 'www.malwarebytes.org'
7.. Download free version. Click and install. Allow update.
8.. Select 'quick scan'
9.. Click 'ok' to show results.
10. 'Restart"

Don't be afraid to try this.

 

[Iron Patch]

Boot into safe mode with networking.

Download Malwarebytes Anti-malware. Allow malwarebytes to update its virus database.

Run a full scan. This should take one to two hours. When the scan is complete be sure that all infected files are checked for removal. If malwarebytes sees it, it shouldn't be on your computer.

Reboot. You will be good to go.

You can do a system restore to before the virus popped up, but I would still run malwarebytes after the restore. I'm betting you have more than just that virus.

I do Virus Removal as a side business. I haven't seen malwarebytes not be able to remove any of the 2010/2011 fake virus programs yet.

JoeMoto has the answer to this...

But may I try to explain it a little clearer.
1.. Turn on your computer. While it is booting tap F8 key till you get the option screen.
2.. Select "Safe mode with networking"
3.. When it has started in safe mode, open your web browser.
4.. Go to Tools > internet options > connections > (tab) > lan settings. Uncheck both
proxy server settings.
5.. Refresh web page.
6.. Go to 'www.malwarebytes.org'
7.. Download free version. Click and install. Allow update.
8.. Select 'quick scan'
9.. Click 'ok' to show results.
10. 'Restart"

Don't be afraid to try this.

ok going good but #4... I click "tools" then "options" ... and I do see something called "tabs" but when I click it, it's just about what to do with the tabs, and i see nothing about settings. Any idea where I'm going wrong? I'm using Vista by the way.

 

[Copperhead]

Malwarebytes should be able to remove the virus….IF you are able to run it…

I’ve seen some viruses that won’t allow ANY .exec file to be run…Not from safe mode…not from a CD…not from a flash drive…But they usually will allow a .com file to run…

Rkill.com

http://www.bleepingcomputer.com/download/anti-virus/rkill

If you have access to another computer download it to a CD or flash drive…

Download Malwarebytes too if you don’t already have it…

Boot your infected computer….access the device containing the Rkill file..(You should be able to do this)

Run Rkill…Immediately run Malwarebytes…Reboot

It might not get everything…but should get you back to where you can handle the rest with other virus removal programs..

 

[Iron Patch]

Malwarebytes should be able to remove the virus….IF you are able to run it…

I’ve seen some viruses that won’t allow ANY .exec file to be run…Not from safe mode…not from a CD…not from a flash drive…But they usually will allow a .com file to run…

Rkill.com

http://www.bleepingcomputer.com/download/anti-virus/rkill

If you have access to another computer download it to a CD or flash drive…

Download Malwarebytes too if you don’t already have it…

Boot your infected computer….access the device containing the Rkill file..(You should be able to do this)

Run Rkill…Immediately run Malwarebytes…Reboot

It might not get everything…but should get you back to where you can handle the rest with other virus removal programs..

Right now I'm running Spyware Doctor with antivirus through safe mode and it seems to be working. Once I'm through that, I'll use the one above too.

 

[Iron Patch]

ok, I'm back to good!

Ran malwarebytes in safe mode and it did the trick. Thanks again!

 

[Copperhead]

 

[Bum Luck]

ok, I'm back to good!

Ran malwarebytes in safe mode and it did the trick. Thanks again!

Sorry I missed the excitement. Had this bugger about a year ago.

Keep your MWB up to date, and run it again periodically in safe mode, but I imagine that they got this bug down by now.

I use Avast, now the best AV.

 

[Frankn]

Someone hacked into my sons Email and sent me an Email as if it came from my son. I opened it and it was one of those sales pitches about how to make money at home on your computer complete with the usual testimonials. At the bottom it said to click for sign up info. At this point I deleted it but it kept coming back. I clicked on Norton and went to the problem section. It said to use the Norton Eraser-N.P.E. so I loaded and ran it. It took out the problem.
Frank

PS We now use a subject code to verify.

 

[Smee]

Someone hacked into my sons Email and sent me an Email as if it came from my son. I opened it and it was one of those sales pitches about how to make money at home on your computer complete with the usual testimonials. At the bottom it said to click for sign up info. At this point I deleted it but it kept coming back. I clicked on Norton and went to the problem section. It said to use the Norton Eraser-N.P.E. so I loaded and ran it. It took out the problem.
Frank

PS We now use a subject code to verify.

Probably no one hacked the account, it's more likely that someone you know has opened an infected email and has a virus or has downloaded a virus with some "free music", "free movie" or "free program" from a filesharing program.

Some of these email spam to everyone in your address book, from your email account.

Some download your address book and send spam emails spoofing every email address in your address book, branding your friends and family as spammers.

At least it wasn't a porno spammer . . . yet.

 

[Kiwijohn]

ok, I'm back to good!

Ran malwarebytes in safe mode and it did the trick. Thanks again!

Glad to hear it IP, and happy to be of help.

The malware program you were infected with is one of thousands of new rogue anti-spyware programs that pretend to be legitimate computer protection tools. These programs are defragger clones that pretend to find HDD read/write errors.
The programs try to trick the user into thinking their PC is infected and need immediate clean up, so then rogue security program will offer you to purchase its supposedly legitimate version. This is a scam which expects to steal your money or even get credit card numbers and attempt to make personal information fraud that could even lead to identity theft.
Once active it imitates computer scans and displays numerous fake warning messages that state your PC is infected.
It is spread via a trojan and will often beat even the best real-time anti virus programs.
Usually the first indication that you have a problem is when it starts running, as in IP's case.
Malware and various computer infections are very sneaky and difficult to find on your computer.
One of the most effective ways to search for spyware and malware on your PC is to start the computer in safe mode. By running your system in a safe mode the PC runs only the Microsoft services necessary for the computer operations. This ensures that the computer will be scanned carefully and spyware will be removed.

 

[SeaninNH]

Also download windows cleaup. It removes all the temp files, cookies, history, and all the packages and files that websites store on your computer.

http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=72

I run it once a week.

It's like CCleaner only much better. Windows Cleanup finds temp files that CCleaner leaves behind.

This and Malware bytes will keep your system clean and running well.

 

[TheDane]

Boot into safe mode with networking.

Download Malwarebytes Anti-malware. Allow malwarebytes to update its virus database.

Run a full scan. This should take one to two hours. When the scan is complete be sure that all infected files are checked for removal. If malwarebytes sees it, it shouldn't be on your computer.

Reboot. You will be good to go.

You can do a system restore to before the virus popped up, but I would still run malwarebytes after the restore. I'm betting you have more than just that virus.

I do Virus Removal as a side business. I haven't seen malwarebytes not be able to remove any of the 2010/2011 fake virus programs yet.

JoeMoto has the answer to this...

But may I try to explain it a little clearer.
1.. Turn on your computer. While it is booting tap F8 key till you get the option screen.
2.. Select "Safe mode with networking"
3.. When it has started in safe mode, open your web browser.
4.. Go to Tools > internet options > connections > (tab) > lan settings. Uncheck both
proxy server settings.
5.. Refresh web page.
6.. Go to 'www.malwarebytes.org'
7.. Download free version. Click and install. Allow update.
8.. Select 'quick scan'
9.. Click 'ok' to show results.
10. 'Restart"

Don't be afraid to try this.

Hi.
I had this evil b-a-s-t-a-r-d too !!
I used the method and got rid of it perfectly !!

Thank you

NOTE:

AFTER THE SHORT SCAN AND THE REBOOT OF THE COMPUTER, WHERE IT REMOVED THE MALWARE,
I MADE A FULL SCAN !!!
I scanned the computer C: and my external harddrive. That lasted almost 3 hours !!
The programme found 2 additional TROJANS !!



So it might be a good idea for you guys to make that FULL scan too.