Need some help with removing some malware
 

HI

My friends pc keeps through up warning and asking the mto purchase some anti-virus software. This one is called CleanUp Anti-virus.

I have downloaded and ran Spy bot and loads off trojans, malware and SecurityC come up. I ran the "Fix checked faults" on spy-bot S&D and some of them come back as saying cant fix acces is denied. I see CleanUp antivirus still coming up and seems to have installed itself again. I scanned again and again loads came up.

Any Idea how I can get rid of these?

Re: Need some help with removing some malware
 

Use Malwarebytes anti malware http://www.malwarebytes.org/mbam.php if it doesn't work in a normal environment try safe mode and safe mode with networking :)

Re: Need some help with removing some malware
 

You can also try this if you like....

http://www.superantispyware.com/

This is what I use.

Re: Need some help with removing some malware
 

Will that remove some of these?
win32.Delf.uv - 102entries trojans
Fraud.CleanUpAntivirus - 5 entries MalwareC
Fraud.WindowsProtectionSuites - 15 Entries Malware
Microsoft.Windows.RedirectHosts - 3 Entries SecurityC

---------- Post added at 20:06 ---------- Previous post was at 20:04 ----------

The error I get in Spybot is
Unexpect error in fixing problems
(Cannot create file
"C:\WINDOWS\System32\drivers\etczhosts". Access is denied)

Re: Need some help with removing some malware
 

Woah, if there is really that many then maybe just wipe it and start over?

Re: Need some help with removing some malware
 

don't forget to switch off restore and empty your bin as well before running AV software

Re: Need some help with removing some malware
 

As a last resort, you could try Combofix.
Either 'properly' as detailed below, or by just running it!

Gumph: http://www.bleepingcomputer.com/comb...o-use-combofix

Download: http://www.combofix.org

It has been known to yield spectacular results, but it's a bit of an unknown, due to the lack of documentation.
If it's stuff that it recognises, then you're golden.

Try the program suggestions made by the other guys first!

Re: Need some help with removing some malware
 

if the program itself is saying they are there then its a lie

make sure the program is on the screen

download and run rkill.com ( if you do not get this running right first the clean up will not work. The fake program may try to stop it running leave the warning on ther screen and run rkill.com again)

download malwarebytes and install and run

These are quite easy to get rid of just sometimes they leave a mess

Full instructions http://www.bleepingcomputer.com/viru...anup-antivirus

done loads of these lately more than ever are slipping in

Re: Need some help with removing some malware
 

right click spybot search & destroy and 'run as administrator'

Re: Need some help with removing some malware
 

the instruction I gave have worked for me with various of these type.

The main problem with these is stopping the running processes. You can run whatever you like until you stop the running process before you run it then its just gonna be back again

The rkill.com kills the process allowing your malware ap to do its job properly the only problem is sometimes it messes up user setting. Now you can spend a day sorting them out or you can create a new user which as a rule is fine.

Re: Need some help with removing some malware
 

These fake antiviruses have been a nightmare recently everyone seems to be getting them and as usual it's me that gets asked to sort them out...

Re: Need some help with removing some malware
 

Most are easy enough to sort. The worst ones shut out all external access like no access to usb or cd roms or change the hosts file to block the net.
The best one ive seen threw up a fake bsod and reboot cycle. Looked realistic until when windows "booted" any pages open prior were still open . Very clever
Most of the new ones are based on the same program just has a different name

Re: Need some help with removing some malware
 

If you don`t want to format (which is preferable as it sounds like you may have a polymorphic) maybe try a rescue cd.

Most are here with instructions http://www.techmixer.com/free-bootab...download-list/

Re: Need some help with removing some malware
 

With respect; this is about the one program you should NOT attempt to run unless you are on an HJT forum and under the direct supervision of a Trained Malware removal Expert ; you can wipe off an OS by the innappropriate misuse of this program; I guess people have not really read the ComboFix Disclaimer?


The 'lack of documentation' is one reason why it is not intended to be run outside of Malware forums
Has Malwarebytes program been run yet?

Re: Need some help with removing some malware
 

Combofix is for sissies and girls.

The best way to clean your hard drive is a Jeyes fluid / Domestos hybrid (3:2 mix) in a B&Q bucket.

Re: Need some help with removing some malware
 

it is actually a very powerful tool that can, if used inappropraitely, wipe off a computer's OS

it is also very ill -advised to put such a comment on a public forum as some poor reader may,knowing no better, sadly, do just that .....



To the OP;Has the Malwarebytes program yet been run on this computer ??

Re: Need some help with removing some malware
 

If any Virginmedia customer is having issues with Malware they can always try Digital Home Support just click HERE

Re: Need some help with removing some malware
 

Any???.......:D

Attachment 20039

Re: Need some help with removing some malware
 

As long as you are a Virginmedia customer they will deal with the issue.;)

Re: Need some help with removing some malware
 

Any cable forum member should try here first its free

---------- Post added at 08:30 ---------- Previous post was at 08:24 ----------

I can tell you categorically that there will be plenty of times they can not deal with the issue. ;)

Re: Need some help with removing some malware
 

Well i aint paying no six quid just to be told they dont support Linux.
Plus, considering they blamed non-existent viruses/malware for my initially slow 20Mb on a couple of occasions i wouldn`t hold out too much hope if i did have a Virus infested OS of some description....:erm:

Besides....
Computer says NO!!!;)

I`d have to agree with that.
I wonder if it`s offshore remote assistance...:angel:

Re: Need some help with removing some malware
 

Well they do not support Linux but we do not require their help as we know how to sort our Linux O/S systems out ourselves.

It is remote help from either Scotland or Texas so it makes no real difference.

Re: Need some help with removing some malware
 

You know i`m just pulling your leg.:)

I still dont think i`d let them anywhere near any dirty Windows though, not for £6 and not even for free. And i doubt i`d ever install any of Virgin Media`s software again, even if i did still use Windows on my own machine/s.

Re: Need some help with removing some malware
 

I know but they do a good job as these guys are seriously techy regardless of country.;)

If you think how much you could spend at PC World or even your local computer shop it is pretty good value and offeres peace of mind if you are unsure of how to sort out your computer.

Re: Need some help with removing some malware
 

So what`s happens in a potential situation where they cant help remotely? Is the customer refunded or will they send somebody out?

I`ve had a look through....
....And i cant see any mention of a situation where just gaining the initial remote access is being prevented because of some insidious bit of Malware.

EDIT:
Sorry, i should have probably posted this question in the DHS thread.

Re: Need some help with removing some malware
 

It is no fix no fee and if they cannot gain remote access they can guide you through the process as with the old PC Help the only difference is the call is absolutely free regardless of call length.

Re: Need some help with removing some malware
 

This thread appears to have been well and truly hijacked

Did the OP yet manage to run the Malwarebytes program?

Re: Need some help with removing some malware
 

He never replied back but Digital Home Support is another option for people who are not happy trying to fix their own computers, so offering help in a quite constructive way.;)

Re: Need some help with removing some malware
 

To be fair to any thread hyjackers the thread is over a month old so i`m sure the OP will have fixed their issue one way or another by now.
I do apologise for any perceived thread hyjacking on my part but i`m sure the good folks here dont mind a little light relief, or indeed the DHS recommendations that caught my attention in the first place, albeit for the wrong reasons.

Happy days.

Re: Need some help with removing some malware
 

Still off orig topic but felt it needed to be added

Just a quick note. Digital Home Support is pretty much replacing PCHelp (which I believe ends 11pm 05/05/10 according to our shifts) and yes support over the phone is provided to get customers on line, downloading and installing remote software (VM Hub) but it will cost, either by subscription (6 month contract) or a one off fix even with over the phone support. Best give them a ring for true prices as I cannot remember them but think virus/malware removal is about £60 (known as a big fix) without a subscription but half price if a subscription is taken out but the phone number is free so no charge to be told you need to pay for the service or take out a subscription.

£60 (or £30 with sub) may sound a bit much but as well as removing the virus/malware they will also perform a deep clean of customers pc's as well as removing unwanted programs and start up items along with some other things. Will know more when I'm there full time ;-)

And with that can I just say BYE BYE PCHelp it's been fun.

Re: Need some help with removing some malware
 

Good info and quite correct but it is no fix no fee and it is up to the customer if they want to subscribe.;)

Re: Need some help with removing some malware
 

not all malware removal is a "big fix" in fact all but 1 or 2 machines that have come here have had simple malware issues which I have only needed to spend 10 minutes on withy a half hour scan. Hardly worth 60 quid is it? also these deep scans you mention do these guys stay online while it scans ? do they just use the software mentioned in the other thread or do they go further? do they run hijackthis ? do they do manual clean up of reminants? because for 60 quid they need to be doing.

The malware in this thread would have been imo be an easy fix and a quick google would have found the information to clean it up

http://www.bleepingcomputer.com/viru...anup-antivirus

oh look its exactly what I said ages ago for free with added need to sort out Hosts a simple fix

---------- Post added at 16:42 ---------- Previous post was at 16:36 ----------

bleeping computer has pretty much all the information needed to clean up these fake av/malware jobbies.

Hijackthis forums have qualified security techs that will help you sort out other malware and information is readily available for the cleaning of most viruses and root kits although in the case of a badly infected system the best cure is a reformat ( which VM wont be doing remotely)

What you do have to bare in mind a lot of viruses when cleaned correclty with leave the system unbootable due to file changes etc something else VM will not be able to fix remotely and chances are would find it hard to put right over the phone

Re: Need some help with removing some malware
 

agree with you there, that not all malware removals are a big fix but they treat everything the same i.e. you get the same service for a small malware issue as a big malware issue to ensure there is nothing lurking in the background plus a full clean up.

yes as it is quite a lengthy process, as stated they do a full clean up at the same time. They even check start up programs to ensure they only have what they need running at start i.e. qttask (QuickTime) is an example of one start up program that gets switched off.

yes again

again yes

That's ok if you know where and what to look for as a lot of people will do but what you need to bear in mind is that this is a service for VM customers that will not have that knowledge or will not know where to look for it. It is surprising how many people don't know the difference between a screen saver and a desktop as you most probably know yourself.

not remotely but supposedly over the phone support (still waiting to see how that is going to be achieved) to help with a reinstall providing customers have the relevant disks and keys if reqd.

30 quid if you take out a subscription ;-) ................. lol
does seem a bit excessive but when you compare it with other companies offering the same sort of service it is competitive although there are some that are cheaper but like anything in life if you shop around you'll get a better deal.


To be honest for anyone that knows what they are doing with a pc this service will not be for them but for all VM customers that have not got a clue I personally think it is peace of mind for them.