Helping people with computers... one answer at a time.
Every so often malware comes along that the current crop of anti-malware tools don't remove. We'll look at why, and what steps you should take.
I got hit with some sort of adware / spyware/ malware that keeps popping up a task bar icon telling me i have security problem and then it keeps trying to download XPAnti-virus or some other type of spyware blocker. I have MacAfee, Windows Defender, Ad-Aware, and Spybot S&D all loaded in my machine, yet I can't seem to get rid of this problem. It keeps popping up every 5 to 10 seconds, making doing ANYTHING almost impossible. I have even tried to do a system restore, and I can't do that either. Any suggestions?
•
I'm actually starting to hear this a lot more frequently in recent days.
As always, it's the never-ending race between the malware creators and the anti-malware tool creators.
If I found myself in your shoes, there are a few things I would look into.
•
The single, first and most important thing I would make sure of is that the anti-spyware and ant-virus software you are running is up-to-date. By that I don't necessarily mean that the program versions are the latest and greatest, though that's also a good thing. I mean instead that the databases of information they use to identify malware are as up-to-date as possible.
Most anti-malware programs have the ability to update their databases of information automatically, and you should make sure that's enabled. Updating daily is recommended, and that's no joke: new malware is being created every day. If the databases are out of date then the anti-malware tools you have won't be able to detect and deal with the latest threats.
(I'll also mention that running at least three, if not more, anti-spyware programs simultaneously concerns me. If the real time components for all are enabled, it's possible that they could conflict with each other in odd ways.)
System restore was a good idea, even though I'm not a huge fan of it. It doesn't restore everything most people think it does. It's worth a try, though it's important to realize that chances are even if it does make the problem go away, the infected files that lead to the problem in the first place are likely still around.
My next step would be to look for information specific to the product or threat that you're experiencing. Google is your friend, and searching for specific terms, names and messages that you might be experiencing can often lead you to resources and solutions.
As it turns out "XP Antivirus", "Antivirus XP 2008", "Antivirus XP 2009" are apparently relatively new, very annoying, and very difficult to remove. Anti-malware vendors are struggling to keep up, but this is clearly a case where keeping your anti-malware software up-to-date as mentioned above is a critical first step.
There are also various sites that list step-by-step manual removal procedures, or have tools specifically for this threat. My earlier article How can an infection like Antivirus XP 2008 happen? has links to some of the more reputable sources.
Finally, with increasing levels of severity, I would try:
-
The System File Checker - in case the malware affected system files that can be repaired or replaced.
-
A Repair Install of Windows - which would, essentially, replace all of Windows system files and Windows registry entries.
-
A reformat and reinstall of Windows from scratch.
Yep, that last one's pretty painful. Unfortunately, in the very strictest sense, it's the only solution that is guaranteed to rid you of any and all pests. In fact, there's a philosophy that that says once you've been infected by anything it's not your machine any more - no matter what you do you have no idea what the infection left behind. You don't know that the anti-malware tools you may have run have cleaned it off, because malware's very purpose is to avoid detection. Once infected the only way to be 100% sure that you're clean is to erase everything and start from scratch.
As you might imagine, that's not a particularly practical solution in many cases, and most people are satisfied to live with the risk of simply letting anti-malware tools do their job and assume that they are successful.
But it's also perhaps the biggest argument for prevention being much more important than most people realize.
Article C3536 - October 18, 2008
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
I find that Spyware Blaster is the best thing to use. I used to also use Lavasoft's Adaware and Spybot Search & Destroy, but for years all they found were cookies. I came to realize that Spyware Blaster was doing the job, and I've been using it with a good firewall (hardware & software) and antivirus for about 3 years now with not a single problem. I have the newest version of AVG and it has some antispyware components and it hasn't found anything yet. Not even a virus.
Posted by: Linda White at October 21, 2008 4:55 PMI would like to recommend Search-and-destroy to anyone that wants a good scan for their computer. I tired many other scanners in the past but so far I like this one the best. It’s cheaper than many of the others and it cost less. What more can you ask for? The antispyware solution from Search-and-destroy found at http://www.search-and-destroy.com is a great option whether you use your computer for work or personal use. It will keep it clear and clean of antispyware that bogs down your PC and causes it to be sluggish and annoying.
30-Oct-2008
Boot into safe mode before running / installing spybot. It will take care of the problem. I know for a fact...I had the same issue. My infection came from a fake flashplayer link.
Posted by: Curtis at October 30, 2008 4:10 PMi want to get rid of tyhat anti virus 2009 thing.it keeps popping up.and i hate it n.willl someone help me
08-Nov-2008
It seems u r nt benifitted wid the Antispywares u are using,so try some other gud antispyware.
I work on many OS Vista , Win 7,XP and have installed the combo of Macfee & Advanced System Protector , the reason of using Advanced System Protector is that it not only blocks the spyware b4 it can enter your system, will also clean the infections if any and it gives routine updates of the latest definitions and is very easy to use.
The On Execution Scanner & Alert Shields make it more efficient in the case of internet access. free version of ASP is also available which provides free scanning and cleaning.
Try this.
http://www.systweak.com/AntiSpyware/Download/
Posted by: emmatyson at August 6, 2010 3:41 AM