Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How to get rid of fake Internet Security program
- Thread starter hpsait
- Start date
hairlessupportmonkey
IS-IT--Management
try "superantispyware"
its a dodgy name for a anti-malware app - but works great for me.
ACSS - SME
General Geek
its a dodgy name for a anti-malware app - but works great for me.
ACSS - SME
General Geek
goombawaho
MIS
I thought I posted this yesterday, but....
Try SuperAntispyware or MalwareBytes Anti-Malware first (from safe mode if you want) and see if they work. I know MBAM will install/update from safe mode unless you've got a rootkit preventing it.
If neither of those two will work, then I'd recommend the following:
1. Download ComboFix onto a USB flash drive from another computer.
2. Boot into SAFE MODE or regular mode (if required) and uninstall your anti-virus software. Yes - remove it. Reboot.
3. Clean out temp files and registry with CCleaner. Save before making registry changes each time until no more errors.
4. Reboot computer in Safe Mode with networking (hopefully you can attach the PC to a wired/ethernet connection vs. wireless because some wireless will not work in safe mode and you NEED internet).
5. Copy combofix to desktop and launch combofix and allow it to do its thing. Follow screen prompts and do what it says to do/NOT to do.
6. When computer has restarted for the last time, check things out.
7. Turn OFF system restore to flush out anything left
8. Reinstall anti-virus and MalwareByte's Anti-Malware. Run a full scan using each (at different times) and see if things are clean.
9. Turn System Restore ON.
Try SuperAntispyware or MalwareBytes Anti-Malware first (from safe mode if you want) and see if they work. I know MBAM will install/update from safe mode unless you've got a rootkit preventing it.
If neither of those two will work, then I'd recommend the following:
1. Download ComboFix onto a USB flash drive from another computer.
2. Boot into SAFE MODE or regular mode (if required) and uninstall your anti-virus software. Yes - remove it. Reboot.
3. Clean out temp files and registry with CCleaner. Save before making registry changes each time until no more errors.
4. Reboot computer in Safe Mode with networking (hopefully you can attach the PC to a wired/ethernet connection vs. wireless because some wireless will not work in safe mode and you NEED internet).
5. Copy combofix to desktop and launch combofix and allow it to do its thing. Follow screen prompts and do what it says to do/NOT to do.
6. When computer has restarted for the last time, check things out.
7. Turn OFF system restore to flush out anything left
8. Reinstall anti-virus and MalwareByte's Anti-Malware. Run a full scan using each (at different times) and see if things are clean.
9. Turn System Restore ON.
I've always found both Malwarebytes and SuperAnitspyware to work really well. Last time I came across this virus, it had another little trick up it's sleeve in that it recognised the name of the Malwarebytes executable and I had to rename it from mbam.exe to fred.exe before it would run and clean the thing off.
I still don't understand why people write virus software. Seems a betrayal of the programmer's art to me.
I still don't understand why people write virus software. Seems a betrayal of the programmer's art to me.
hairlessupportmonkey
IS-IT--Management
bored script kiddies.
ACSS - SME
General Geek
ACSS - SME
General Geek
goombawaho
MIS
Actually, in the last year or so, I've found that MBAM is LESS successful at getting rid of the junk. Probably because there are more and bigger/badder rootkits as opposed to the easier stuff.
Not knocking the product - blaming the malware for getting nastier.
Not knocking the product - blaming the malware for getting nastier.
by far, this may have been true in the 80's, but no longer so... The complexity of today's malware is way beyond the ability of a script-kiddie, especially where extortion is involved, it's a big big market out there...
Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
- Status
Similar threads
- Locked
- Question