Jump to content
You can join Shetlink with your Facebook, Google or Twitter accounts. Post in the forums, customise your activity stream and more.... ×

Antispyware Soft!

Ghostrider

By Ghostrider,
in Science & Technology

 Share

Recommended Posts

Ghostrider

Ghostrider

Posted
Posted

Hey, hooooooooo!! The joys of computing. :roll:

 

Anyone have any experience of getting rid of the above SOB? For the uninitiated (consider yourselves lucky) its a trojan that automatically downloads a fake "anti-virus" program, disabling most real anti-virus software in the process. Then proceeds to make the machine nigh on unuasble through countless pop ups begging you to run their "anti-virus".

 

I've Googled, but I'm getting lost in a sea of hits for sites offering downloadable programs which supposedly gets rid of it, but there's no way of knowing if they work or whether they're as fake as the trojan they're supposed to get rid of, its a case of everyone blowing their own trumpet, most of whom are trying to make a quick buck off the back of this.

 

If anyone knows of an effective, reputable, and preferable operatable online rather than as a download program, which can wipe this thing, I'd appreciate it. Thanks.

Link to comment
Share on other sites
  • Replies 36
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Guest Anonymous

Guest Anonymous

Posted
Posted

This might sound a bit like shutting the stable door after... but I have a golden rule that I never click anything the screen that i don't completely trust. Not that I get many pop-ups but I allways use the task manager to close them if I do. A lot of screen invasions are 'buttons', click any part (including the exit box) and you'll either be directed to another site or initiate a second screen.

Try looking in the task manager for anything that appears out o the ordinary, it might not cure the problem but it could make browsing tollerable until a sollution is found.

Hope that's of some help. :?

Link to comment
Share on other sites
Spinner72

Spinner72

Posted
Posted

^^ Best to grab it from the official site : http://www.malwarebytes.org/

 

That way it won't be bloated with the "extras" sites like filehippo etc add on.

 

MWB is unlikely to clean Antispyware Soft! if it's one of the more recent "random filename" versions, I personally reccomend manually removing it, the steps are quite simple, but there is also a dedicated remover here : http://remove-malware.net/how-to-remove-antispyware-soft-rogue-anti-spyware/

 

This might sound a bit like shutting the stable door after... but I have a golden rule that I never click anything the screen that i don't completely trust. Not that I get many pop-ups but I allways use the task manager to close them if I do. A lot of screen invasions are 'buttons', click any part (including the exit box) and you'll either be directed to another site or initiate a second screen.

Try looking in the task manager for anything that appears out o the ordinary, it might not cure the problem but it could make browsing tollerable until a sollution is found.

Hope that's of some help. :?

 

Excellent advice, but remember this won't apply if the user is using Firefox with default setup, as it will just let the malware install without warning you.

Link to comment
Share on other sites
Colin

Colin

Posted
Posted

This one can be an absolute sausage to get rid of.

 

Best I have found is Mawarebytes Anti-Malware but the trojan can be a bit clever and stop you downloading it (and anything else)

 

Another caveat is that the trojan can replace/remove your file associations and the only easy cure to that is a manual registry edit.

 

I would suggest that you get someone with a 'clean' PC to download it for you.

 

Rename the download with a '.com' extension instead of '.exe' and burn it to a CD. The trojan does not prevent '.com' programs from running.

 

Boot your PC in Safe Mode and run the progam install direct from the CD.

 

Rename the installed '.exe' as '.com' before you run it.

Link to comment
Share on other sites
Ghostrider

Ghostrider

Posted
  • Author
Posted

Thanks for those links, I've give it a try tomorrow and see how it goes.

 

The most annoying thing about this is, I have no clue where it came from, I am ultra cautious to the point of almost being anal about clicking on or out of anything with the computer concerned, to the point of copy/paste posted links and Googling them to preview a site before actually going direct to it. Its the best machine I have, so I like to keep it clean, and I've been nowhere and done nothing with it as far as I'm aware that could be considered anything more dodgy than visiting Shetlink. :wink:

 

Nobody else uses it, and it was unattended when it downloaded and set it up, bypassing and disabling AVG and another spyware program thats on there that I can't remember the name of, so I'm stumped. The last time I picked up anything more offensive than a low grade tracking cookie was 6 or 7 years ago.

Link to comment
Share on other sites
Ghostrider

Ghostrider

Posted
  • Author
Posted

@Colin: Thanks for that. Is burning to a CD the only option with that download, or can it be put on something like a Flash Drive? The infected computer doesn't have a functional CD drive, something in the software for it didn't install right when it was last reformatted, and I've never bothered doing anything with it as I've had no need for that drive on that computer.

Link to comment
Share on other sites
zebbidy

zebbidy

Posted
Posted
^^ Best to grab it from the official site : http://www.malwarebytes.org/

 

That way it won't be bloated with the "extras" sites like filehippo etc add on.

 

what extras are you speaking about as i have been downloading from that site for a while now and have yet to see any extras? i forgot to include the malwarebytes.org link as-well cheers for saying it for me :D

Link to comment
Share on other sites
Colin

Colin

Posted
Posted
@Colin: Thanks for that. Is burning to a CD the only option with that download, or can it be put on something like a Flash Drive? The infected computer doesn't have a functional CD drive, something in the software for it didn't install right when it was last reformatted, and I've never bothered doing anything with it as I've had no need for that drive on that computer.

 

Copying and running from a pen drive is fine. It's what I do a couple of times a week...

Link to comment
Share on other sites
Ghostrider

Ghostrider

Posted
  • Author
Posted

Back on the road again, or a least I think so. The Malwarebytes' Anti-Malware seems to have knocked it on the head, no sign of anything rebooting after the scan and quarantineing anyway.

 

Thanks for the help, a second opinion is always better for these things rather than stumbling ahead blindly.

Link to comment
Share on other sites
Spinner72

Spinner72

Posted
Posted

Glad you got it sorted GR.

 

^^ Best to grab it from the official site : http://www.malwarebytes.org/

 

That way it won't be bloated with the "extras" sites like filehippo etc add on.

 

what extras are you speaking about as i have been downloading from that site for a while now and have yet to see any extras? i forgot to include the malwarebytes.org link as-well cheers for saying it for me :D

 

Sites like filehippo, downlod.com, tucows etc invariably have repacked installers with bundled "optional" extra's, usually a toolbar (yahoo, google or ask are most common). AVG is a perfect example of this.

 

Plus, of course, you may not get the latest version and you will have wasted time downloading something you dont want. Well, i've yet to meet anyone who actually uses a toolbar anyway! :lol:

Link to comment
Share on other sites
zebbidy

zebbidy

Posted
Posted

but its a simple click away and all versions are updated with the main sites, i have yet to see an out of date version of anything i have downloaded. plus all downloads are clean thats why i use that site but each to their own i suppose.

 

glad you got your pc sorted Ghostrider :D

Link to comment
Share on other sites
Guest Anonymous

Guest Anonymous

Posted
Posted

Oops.. Think I spoke too early about my "golden rule".

I appear to have the 'Antipiracy foundation scanner, fake alert' trojan on my other tower! :oops:

 

If your unaware of this, It genarally locks you out of your pc and holds it hostage for a ransom (the 'settling out of court option'). It is possible to open IE, though there's been attempts to hijack this. I'm currently and rather embarrassingly downloading Ad-aware..

Fingers crossed, eh? :?

Link to comment
Share on other sites
zebbidy

zebbidy

Posted
Posted
Oops.. Think I spoke too early about my "golden rule".

I appear to have the 'Antipiracy foundation scanner, fake alert' trojan on my other tower! :oops:

 

If your unaware of this, It genarally locks you out of your pc and holds it hostage for a ransom (the 'settling out of court option'). It is possible to open IE, though there's been attempts to hijack this. I'm currently and rather embarrassingly downloading Ad-aware..

Fingers crossed, eh? :?

 

sounds to me like its another malware problem but ad-aware might solve it for you but if it does not then go here http://www.malwarebytes.org/

and this should clean up your system :)

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...