Please register or login. There are 0 registered and 1458 anonymous users currently online. Current bandwidth usage: 326.30 kbit/s December 17 - 10:20pm EST 
Hardware Analysis
      
Forums Product Prices
  Contents 
 
 

  Latest Topics 
 

More >>
 

    
 
 

  You Are Here: 
 
/ Forums / Windows XP, 2000, 98 /
 

  That darn malware Windows Security pop-up...urgh! 
 
 Author 
 Date Written 
 Tools 
Norm Muelleman Mar 10, 2011, 11:43pm EST Reply - Quote - Report Abuse
Private Message - Add to Buddy List Replies: 3 - Views: 2282
Hey all,

So, I'm at home and my step mom calls me. She is running a Dell AMD Dual core with Win XP SP3.

She said she had clicked on an email, and then an alert box popped up saying "Microsoft Security Center", and that she had a bad trojan...and wanted her to click "scan now". Of course, this is that POS malware that tries to get you to click scan..and it then wants credit card info, embeds itself, etc. She said she never clicked on anything and called me because she was suspicious.

Well, she tried to click off it with the x button, nada. I had her try running Malwarebytes..wouldnt load.

So, I had her reboot computer into Safe Mode. I've had luck wtih that before, going into SafeMode and then running Malwarebytes to remove that damn thing (on a work computer). Anyway, guess what popped up in safe mode?? She was able to click on Malwarebytes from teh Start button, and did hit "scan", but then the Fake security pop-up came back and Malwarebytes screen went away. She tried to start Task Manager, but it wouldnt load, just kept showing that darn security center screen.

Any thoughts on how to get this stupid thing off now? I was thinking of doing a system restore, but I dont know if it can be done with that stupid pop-up showing up in Safe Mode.


Norm Muelleman
Cisco CCNA
CompTIA Security+
CompTIA Network+
Certified Ethical Hacker (CEH)
Working on A+ and MCSA

My computer ate your computer for lunch :)
Want to enjoy fewer advertisements and more features? Click here to become a Hardware Analysis registered user.
Meats_Of_Evil Mar 11, 2011, 01:12am EST Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: That darn malware Windows Security pop-up...urgh!
As good as Malware bytes is for a lot of things it can fail time. If the pop-up still appears in safe mode and even blocks the task manager then its a nasty one alright.

My suggestion for now is to try other software. Supposing, of course that it lets you install it. If not, then try running from jump drive. I've had luck removing nasties with Avast! in the past. It can remove things without booting into Windows.

Check here for other anti-malware tools:
http://filehippo.com/software/antimalware/

-------------------------------------------------------------------------------------------------------------------------
Everything I write is Sarcasm.
john albrich Mar 12, 2011, 08:45am EST Reply - Quote - Report Abuse
Private Message - Add to Buddy List

Edited: Mar 12, 2011, 08:49am EST

 
>> Re: That darn malware Windows Security pop-up...urgh!

Might also try these. Author website might have most current versions.
Multiple links provided as they sometimes change.

Kaspersky Rescue Disc
(self-booting = Keeps system out of Windows entirely while trying to scan/fix. Can help address malware that relies on defeating Windows-based AV programs)
http://www.majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html
http://support.kaspersky.com/kav6mp2/rescue

Kaspersky Virus Removal Tool
(designed to be a 'one-shot' AV scan/fix run under Windows but later replaced by a 'permanent' AV program)
http://majorgeeks.com/Kaspersky_Virus_Removal_Tool_d4515.html
http://www.kaspersky.com/removaltools
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/ <--Download page



Also, I often run a program called Process Explorer (sysinternals/Microsoft) or System Explorer.

http://www.microsoft.com/technet/sysinternals/default.mspx
http://www.majorgeeks.com/Process_Explorer_d4566.html
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
http://download.sysinternals.com/Files/ProcessExplorer.zip <==download link
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

http://majorgeeks.com/System_Explorer_d6381.html
http://systemexplorer.mistergroup.org/

Whenever something like that pops-up, I "kill" the process involved (e.g. firefox) rather than using the "X" or a "Close" tab. It may or may not prevent the malware from being triggered, but at least you're not clicking on something that "they" provided.

Norm Muelleman Mar 12, 2011, 11:19am EST Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: That darn malware Windows Security pop-up...urgh!
Well, with me being about 1800 miles away, not much I could do from afar...
They had someone local come by the house. She had some tools on a USB drive that she was able to get logged in and get the darn thing removed. It took her an hour to finally get rid of it.

I'm going to get some of those programs loaded on my flashdrive...been meaning to do that, but with all the stuff going on with me and the new job in Arizona, I've been putting stuff off :(

Norm Muelleman
Cisco CCNA
CompTIA Security+
CompTIA Network+
Certified Ethical Hacker (CEH)
Working on A+ and MCSA

My computer ate your computer for lunch :)

Write a Reply >>


 

    
 
 

  Topic Tools 
 
RSS UpdatesRSS Updates
 

  Related Articles 
 
 

  Newsletter 
 
A weekly newsletter featuring an editorial and a roundup of the latest articles, news and other interesting topics.

Please enter your email address below and click Subscribe.