Anyone good at removing viruses/spyware?

[tamithasue35]

Not sure if this is the right forum but...

Ok, I need help.

I'm on my mother's pc and it's ended up with some kind of virus on it, that I can't remove. I have no idea how it got there, but it's one of those fake anti spyware ones that says your computer is infected etc. I've been trying to get rid of it, but it won't let me run any antivirus/spyware removal programs, and it won't let me install any new ones, it just says unable to perform action, such and such a file is infected. It also keeps bringing up endless security alert pop ups on the windows task bar on the bottom right, trying to get me to activate this antivirus software (which is obviously fake) and also it won't even let me open the windows task manager, it just closes as soon as it pops up.

Has anyone seen anything like this before and got rid of it?

 

[jracer524]

Got to Money Saving Expert
http://forums.moneysavingexpert.com
register so you can post and start a thread on the techie forum there http://forums.moneysavingexpert.com/forumdisplay.php?f=29

They are really good and will talk you through everything to get the PC running back to normal.

 

[Fulgore999]

try running your antivirus from safe mode

 

[Prisoner000001]

Ok thanks for the suggestions guys. Someone on another forum suggested using one of these http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

Know anything about those?

 

[XxMiniLovexX]

you any good with linux? Most of them are linux live disks with an av toolkit.


Try you AV from safe mode with networking - then download your updates and do a full scan.

 

[Emilye2]

Alright, thanks very much, I'll give that a try and come back

 

[Da_Man]

I seen or had this.
Look for a free, download of a program called "Malwarebytes"

 

[doubleD]

I am. Read and run all of the following. Do not skip any steps, do as it says all the way.

Should sort you

 

[i_luv_jackskellington]

Thanks for the help guys. I ran spybot from safe mode and it seems to have got rid of it. I'm going to get another antivirus and do another scan as well so hopefully it'll be sorted.

 

[tennischica]

Just make sure you don't try and run two AVs at once, not so good.

Ninjuries post links to all the correct info you need.

 

[Dafydd]

Yeah, cheers, I uninstalled what was already on and just put spybot and AVG on instead.

 

[SaraConners]

The only way I know of that is 100% effective at killing this type of infection is a full re-install of the OS. Grab an Ubuntu disc and boot the machine from that. You can use it to backup any important files to an external drive. Now use gparted to format the hard disc. Finish by installing the OS of your mother choosing. I would strongly recommend Ubuntu.

None of the Windows anti-virus or malware protection programs can protect against this sort of infection so far as I can see. This is in part due to the sophisticated nature of the programming and partly due to the social engineering or exploitation. People basically believe the infection warning is genuine because it looks genuine. They click a button and that's when the infection really takes hold. User interaction is required to get a foot hold on your system.

If your mother insists on continuing to use Windows then at least push her towards using either Firefox, Chrome or Opera as her web browser and disable IE.

 

[adam/penny]

I think it was my brother who got the virus on it, not my mother. He does use firefox though, not IE. I keep telling them never to click pop ups that ask you to download anything, but I can only assume he must have done it by mistake, or if not, just got tricked by the fact that it mimics windows security centre like you said.

 

[TREKKER]

Remember to run a few restarts and make sure the virus is gone. Some of them are so clever they write into the boot sequence and then replicate themselves.

I had to resort to reformat+reinstall to get rid of one (hooray for drunken people trying to download music)

 

[ColbyL]

More worryingly they hide in the system restore files, where most anti-virus software can't find them. Switch off system restore and clear it out. Run another scan before turning it on again.

 

[kathleen^^]

Haha, I think that is exactly how my brother managed to get the virus on

I have restarted a few times since and it hasn't came back so does that mean it's gone?

 

[AngelinaB]

Probably.

 

[CaseyD]

Do you know what the virus is called?

What is the name of the fake anti-virus it's trying to get you to install?

 

[taylorbug45]

Antispyware Soft I think.

 

[AlexisInfectious®]

What I've found with this type of virus is that once a machine has been infect it seems to be targeted for further infection. Keep a close eye on it for the next week or so.