Malware removal

N

N. Freeman

Hi,
my daughter uses Windows Vista on her laptop. Today, pop-up windows
appeared, telling us we needed to buy an antivirus program. I had had the
problem once in December. I tried to use the files which I had received then
but this malware won't let me run the mbam file, saying it is infected. Can
you please help?
thanks

Nathalie Freeman
Le Nozach Translations
(e-mail address removed)
703-815-8238
 
M

Michael

N. Freeman said:
Hi,
my daughter uses Windows Vista on her laptop. Today, pop-up windows
appeared, telling us we needed to buy an antivirus program. I had had the
problem once in December. I tried to use the files which I had received
then but this malware won't let me run the mbam file, saying it is
infected. Can you please help?
thanks

Nathalie Freeman
Le Nozach Translations
(e-mail address removed)
703-815-8238
Click to expand...
Try Booting into Safe Mode, then give Malwarebytes a try. Also, see if you
can download and install Superantispyware and run it.
 
P

Peter Foldes

Download, install, run, update and perform a full scan (separately) with the
following two applications (freeware versions are the ones to use for this):

SuperAntiSpyware
http://www.superantispyware.com/

MalwareBytes
http://www.malwarebytes.com/

After performing a full scan with one and then the other and removing
whatever they both find completely, you may uninstall these products,
if you wish.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot.


--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
http://www.microsoft.com/protect
 
N

N. Freeman

I downloaded the 2 programs on a zip drive from my non-infected laptop. Then
I tried to install them on the infected computer but the virus attacks the
programs before I get a chance to run them. Do you have any other
suggestion?
thanks
 
N

norm

I downloaded the 2 programs on a zip drive from my non-infected laptop.
Then I tried to install them on the infected computer but the virus
attacks the programs before I get a chance to run them. Do you have any
other suggestion?
thanks
Click to expand...
Install, update and run malwarebytes in safe mode with networking. That
should clean enough malware out to then allow the install, update and
running of superantispyware in normal mode. When done with that, rerun
malwarebytes in normal mode.
 
S

Shenan Stanley

Peter said:
Download, install, run, update and perform a full scan (separately)
with the following two applications (freeware versions are the ones
to use for this):
SuperAntiSpyware
http://www.superantispyware.com/

MalwareBytes
http://www.malwarebytes.com/

After performing a full scan with one and then the other and
removing whatever they both find completely, you may uninstall
these products, if you wish.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot.
Click to expand...

*grin*
 
N

N. Freeman

Thanks for your help. It finally worked (I also changed the internet
connection options back to no proxy since it had been 'highjacked', which
gave me my access back to internet and I found the name of the program
running this malware, so I was able to stop it in the task manager menu
before running the malwarebytes program. I don't know if these two steps
were necessary if I had try to run the programs in safe mode first but it
did the trick.

thanks again
Nathalie
 
G

Gene E. Bloch

Hi,
my daughter uses Windows Vista on her laptop. Today, pop-up windows
appeared, telling us we needed to buy an antivirus program. I had had the
problem once in December. I tried to use the files which I had received then
but this malware won't let me run the mbam file, saying it is infected. Can
you please help?
thanks

Nathalie Freeman
Le Nozach Translations
(e-mail address removed)
703-815-8238
Click to expand...

Now that you're running again, I can safely point out (gently, I hope) that
you were scammed. This is also for anyone else who reads this and hasn't
had the experience or doesn't know about it.

Those pop-ups are malware. They are very scary when they pop up, and very
convincing, unfortunately.

My preferred method to kill them is to press Alt-F4 (when the pop-up is
highlighted), or to completely exit the browser, and I absolutely avoid
clicking in the pop-up window.
 
J

John

Gene E. Bloch said:
Those pop-ups are malware. They are very scary when they pop up, and very
convincing, unfortunately.
Click to expand...

It's either convincing or scaring the hell out of the user to a point that
they don't want to use the PC any longer. My relative got one of these
malware recently (Antivir Solution Pro - it's malware, it's not the real
Avira Antivir software). She got so scared. She turned off her notebook
computer (of course her PC is infected already). She then called me and
asked me to have look at it on the weekend.
My preferred method to kill them is to press Alt-F4 (when the pop-up is
highlighted), or to completely exit the browser, and I absolutely avoid
clicking in the pop-up window.
Click to expand...

Alt F4 = close the window, correct? Won't that trigger a "close" event where
the programmer may insert the payload (codes) in the "close" event?

My preferred method is to pull up Task Manager and End Task the pop up
window. That'll crash the pop-up window. Turning off the computer without
clicking anything may be a good approach too.
 
G

Gene E. Bloch

It's either convincing or scaring the hell out of the user to a point that
they don't want to use the PC any longer. My relative got one of these
malware recently (Antivir Solution Pro - it's malware, it's not the real
Avira Antivir software). She got so scared. She turned off her notebook
computer (of course her PC is infected already). She then called me and
asked me to have look at it on the weekend.
Click to expand...

True, and very sad.
Alt F4 = close the window, correct? Won't that trigger a "close" event where
the programmer may insert the payload (codes) in the "close" event?
Click to expand...

Could be. I'm totally out of practice in programming Windows apps - I
retired a significant while ago, and I wasn't even programming Windows
then...
My preferred method is to pull up Task Manager and End Task the pop up
window. That'll crash the pop-up window. Turning off the computer without
clicking anything may be a good approach too.
Click to expand...

I'll take that under advisement. Just kidding - yes, your idea is better,
if I can find the pop-up window in TM (or Process Explorer). Time to for me
to practice and learn something, I think.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Analysis of a Malware Compromise - my first malware 3
CCleaner Compromised to Distribute Malware for Almost a Month 10
Five Steps to Ditching Malware 1
How does this malware target the system? 8
Complete Antivirus 2008 Removal 4
Is System Restore Being Subverted and Used by Current Malware? 2
FBI takes down coreflood botnet (after 8 years in operation?) 7
Trying to repair registry - can't overwrite SAM and default 11

Top