My computer’s been infected, and I’ve used Malwarebytes Antimalware and Spydoctor, and both show my system to be clean. Yet I still get the popups.
I don’t know enough to delete the thing manually, so is there anything I can do to get rid of it, short of wiping my system clean and reinstalling my OS (Vista)?
Mods, move where necessary. Thanks in advance for any and all help.
I would try Microsoft Security Essentials.
Malwarebytes Antimalware and Spydoctor don’t always catch things and MSSE will catch things these miss.
I would also try AVG. Note that AVG will not run if you have MSSE installed. It’s one or the other. I would install MSSE first then run it. If the problem is still there, then I’d uninstall MSSE and install AVG and run it.
I will assume you also have Vista updated through Windows update? If not make sure you do.
Start-> Type “Windows Update” (without quotes) and then in upper left look for “check for updates” and install any if needed.
Maybe you are not finding a virus because you don’t have a true virus. Maybe you just inadvertently downloaded a program that is running those pop-ups. Check the items that are starting when you start the computer and you may find the culprit. Uncheck it and go delete all the files. Also, check the add-remove menu and be sure you can identify everything there as what you want. You may find the offender there and can uninstall it.
You have not described enough to suggest a virus anyway and reinstalling an OS for such a simple thing as a pop-up is really overkill.
Antivirus 2010 makes changes to your hosts file, so after you run MalwareBytes, you have to delete the hosts file and create a new one. Not too difficult, here are the instructions:
Also, did you update malwareBytes after you installed it? It has to be manually updated, the default definitions are from April 29, 2010, and won’t accurately detect any infections newer than that.
I’ve installed Microsoft Security Essentials, and it found some stuff, but I’m still getting the popups. I’ll try the other advice given next.
Thanks for your help.
There are a lot of possible exploits that could cause popups and can’t possibly be found by any automated detection software. I’ve cleaned up many systems on which every one of the apps mentioned here have been run, but there were still browser plugins (BHOs) and registry entries that they can’t tell aren’t legit. It takes something like HiJackThis (though I prefer to use the simpler StartupList) which produces a log of everything that is loaded, and then some “safe mode”, manual deletion, registry editing, etc. to clean everything up.
If you’re not able to do that stuff yourself, though, it’s not hard to find someone who can, online. Someone already posted a link to bleepingcomputer, but here’s a specific forum aimed at helping people clean up malware problems:
http://www.bleepingcomputer.com/forums/topic182397.html
Read through the instructions on that page first, then start a forum thread with your logs and people will reply to guide you through your cleanup.
Heck, even if you know what you are doing, you can miss stuff. There were a couple of things on my uncle’s computer that even HijackThis missed; I had to manually deal with it in the recovery console, use a LiveCD antivirus ot kill a rootkit, and then reinstall a file from the Windows CD before I got everything running properly.
The guy who he paid to do it apparently didn’t know what he was doing, as he was reinfected just a couple weeks later, but has been totally clean since I fixed it.
As a computer shop owner, I feel obligated to point out that no mater who you pay, a computer can be reinfected the next day if it encounters new “in the wild” virus. Good shops will take care of it if you come up with a reinfection shortly after the fix, but its more about av apps having the profile to kill a given virus than skill.
Just as an update, I updated Malwarebytes, downloaded Microsoft Essentials, and used Spydoctor. Between the three of them, my problem seems to be solved. At least there’s nothing in the system tray, and there are no more popups.
I appreciate the help and advice.
Here’s how I dealt with that particular malware recently:
I pulled the hard drive from the infected PC and hooked it up to a clean pc and then ran scans on the drive using Malwarebytes and Avast. It found 3 infections between the 2 of them.
Then when I put the hard drive back into the original pc it booted up just fine with no problems.
Just my $0.02 worth here.