Windows 7 anti spyware 2011 (Fake virus)

darkhunter139

Well, about a week ago some bullshit fake antivirus popped up on my desktop and basically crippled my PC. It broke my Windows security essentials install, turned off my firewall, and would not let me use my web browsers at all.

I finally had the time to try and get rid of it today, and when I turn on my PC it's no longer there! I was able to reinstall MSE and turn back on my firewalls. After doing a full scan with MSE it turned up nothing. Think I am in the clear or should I reformat? I really don't want to do that but I don't want all my passwords stolen either.

Edit: Grr, nvm, it won't let me turn on the Windows Security Service Center. When I click turn on it says service cannot be started. Is there any way I can get that back on somehow?
 
So, just how does this stuff get such a stranglehold with UAC a standard part of the picture etc....? Or did you approve a UAC requester too?
 
No, that's the thing, I have not even downloaded anything recently on this computer, I don't think. And I am almost certain I would not approve a UAC requester if I did not know what it is. I guess it's possible though.
 
Take the drive out and install it into an external enclosure.
Boot another PC with CURRENT antivirus/malware.
Attach the drive and let the antivirus do its thing.
Scan again and again until the drive reports clean.
Scan again one more time.
Remove the drive and install it back into the PC.
Boot the clean drive.

My friend got hit by a similar malware/virus and that is what I did to remove it.
 
First of all, you always close the hole first where malware gets through

JAVA
ADOBE FLASH

Update Adobe and your Java and uninstall the older versions of Java. Very important.
Then run CCleaner and clean out all your temp files. Disable your antivirus and CD emulation software, then go to the cmd prompt

And enter

Netsh winsock reset

Reboot

SUPERAntiSpyware
Malwarebytes
ComboFix
TDSSKiller

When it's done:
Go to System Restore. Disable it, reboot, then enable it.

Switch your AV back on, update, and run a full system scan.
 
+1

that is good stuff
 
There are lots of tools listed in the Malware stickied thread over in the network and Security forum... check out those tools. There's a whole stickied thread there filled with information on malware cleaning.

Don't forget your PDF reader updates...one of the biggest ones you need to keep updated.
 
I was able to run MSE on my computer without removing the drive and it came up with 5 or 6 things that I deleted. Now I will do all that other stuff you recommended, thanks!

Are there any other free spyware/virus programs I should be running along with MSE? I can't afford for something like this to happen on my laptop.
 
@ Darkhunter139

You can use Malwarebytes Anti-Malware (free version). It's an excellent program that catches a lot of malware (especially fake antiviruses) and gets rid of it.

Malwarebytes Anti-Malware
 
Malwarebytes is probably the best, but the free version only really helps after an infection. It is well worth paying for the pro version that gives real time protection as well.
 
Boot into safe mode.

Malwarebytes antispyware should wipe it clean.

And yes, you did click to install this; it is how it gets in and bypasses everything.
 
I have seen many systems that didn't click anything but attempt to exit the pop-up. It comes through many websites through Flash Player advertisements delivered by Google ads. About the only way to avoid getting hit is to Control + Alt + Delete and shut down the browser. I have seen this crapware evolve since 2007 and it gets more and more tricky and harder to remove every time. I have seen systems that were left on overnight with a web page up that just kept updating the ad that also got infected. The app itself usually falls under spyware and then downloads viruses and trojans as it pretends to detect them. That is why many antivirus programs don't stop you from getting infected. You need a really good all-in-one security suite or a really good real-time protection anti-malware like Malwarebytes.
 
Are there any other free spyware/virus programs I should be running along with MSE? I can't afford for something like this to happen on my laptop.

Yes...like I mentioned above...there is a Very informative thread that is stickied in the network and Security forum which members took a lot of time to contribute to...which lists pretty much every tool and procedure you can do to clean up malware. Here...I'll link it for you.
http://hardforum.com/showthread.php?t=1426658

With the tools available today, and steps mentioned in that thread (take the time to read it)...you can clean up even the most infested rigs fairly easily.
 
Malwarebytes is probably the best, but the free version only really helps after an infection. It is well worth paying for the pro version that gives real time protection as well.

+1 to that point. My daughter got a fake-AV virus last year. I spent several hours on Thanksgiving day trying to clean up her system. All the usual AV didn't work. Killing processes and then erasing the exe files that appeared to spawn them didn't help. Cleaning out the startup file lists didn't help. MalwareBytes AM fixed the problem.

From now on, that's my go-to program when my normal security suite (which is lots more than anti-malware) doesn't do the job.
 