Re: System tray pop-out "buy me - to fix infection" type malware...
- From: Malke <malke@xxxxxxxxxxxxxxx>
- Date: Tue, 23 Sep 2008 04:41:23 -0700
RJK wrote:
A young lady I work with's father has acquired one of these, and I've
downloaded and updated David H. Lipman's multi-av / av-cls - updated it,
and burnt it to cd ...and attempted to instruct her how to run it in XP
Safe Mode.
(I have asked her to let me know exactly what the pop-out says.)
Are 4x4 CLS sweeps likely to clear this type of malware up ?
I do cast an eye through this NG quite often, and I've seen this type of
malware being dealt with - ...d'you think I can now find one ? ..I
cannot.
Standard answer for rogues:
*****
Your system is infected with a rogue antivirus program. It is called "rogue"
because it pretends to be A Good Guy but is really Evil. Do not pay them!
Because you didn't give me the name of the program that is trying to get you
to buy it, I can't point you to specific removal steps. Look for them here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html
If it is XP Antivirus 2008/09, here are removal steps:
http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009
http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)
These may work for you and all may be well. However, in many cases the
computer will also be infected with Zlob and/or Vundo trojans and protected
by a rootkit. These machines are extremely difficult to clean.
If your machine is one of these cases, either get guided help at one of the
specialty forums below OR back up your data and do a clean install of
Windows. It is your choice. If you are unsure how to back up your data or
how to do a clean install, you can take your machine to a local computer
professional. I don't recommend using BigComputerStore/GeekSquad types of
places.
PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.
http://aumha.org/downloads/hijackthis.zip
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/
http://forums.tomcoyote.org/
http://www.thespykiller.co.uk/index.php?board=3.0
http://forums.subratam.org/index.php?showforum=7
*****
Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ