Computer is Screwed 6 ways from Sunday, Advice?

Discussion in 'Tech Support' started by Ched, Oct 30, 2009.

  1. Ched

    Ched Da Trek Moderator DLP Supporter ⭐⭐

    Joined:
    Jan 6, 2009
    Messages:
    8,379
    Location:
    The South
    My computer is completely run over by spyware and crapware and fuckyouware and malware and adware and whatever-else-they-call-it-ware right now. It is most emphatically NOT COOL.

    I'll summarize what's going on in the hopes that someone can assist me.

    Around lunchtime today I noticed that I was getting pop-ups (I mentioned this on DLP's IRC at the time actually). I have a pop-up blocker, so this was abnormal, and I ran CCleaner (not a spyware or virus catcher, I know, but it's a very quick thing to do first). It worked. Then I tried to run Malwarebytes' Anti-Malware and it had an error.

    About this time I noticed that an Anti-Virus/Mal-ware program I'd never seen before was informing me that my computer was inundated with viruses and malware. Now I'm pretty informed on what I put on my own computer and I didn't recognize this thing, so I immediately assumed that whatever virus I had was mimicking an anti-virus program in order to screw me.

    I was right. I google'd the infection that it told me I had instead of clicking on anything and it turns out that -- lsas.blaster.keyloger -- looks and acts like a fake anti-virus program. I was glad I had been skeptical.

    So my AVG Anti-Virus program isn't working any more than Malwarebytes was, so I google how to get rid of this POS thing on my computer and end up downloading SpyDoctor or something. It finds things on my computer but insists that I pay to remove them. I uninstall this.

    I download a new virus program called IObit Security 360 along with an updated version of AVG and Ad-Aware. I install things. I have to restart my computer to use them but my computer decides to restart itself.

    This is when it gets really bad. Upon getting back into my computer I notice first of all that my wallpaper is gone and replaced by a pure blue background.

    Then I noticed that 90% of .exe programs simply WILL NOT RUN. This includes all of my security software. Hell, I even tried to open the task manager and my damn computer fake-anti-virus-but-actually-a-virus thing informed me that the Task Manager was attempting to send my credit card number off somewhere (bullshit) and so it stopped it for me. It does this for everything ending in .exe that I tried with the exception of Firefox/IE.

    So I can't seem to run anything. Or if they are running I can't see them so I assumed it closed them. And I can't check the task manager either.

    I looked up a way to remove this crap manually but I can't find the files it mentions and I can't stop the processes because I can't get into the task manager. So apparently I can't remove it manually either.

    I re-started, hit F8, and ran Windows in Safe Mode (I have XP by the way). The virus thing does not plague me here. I installed the software I couldn't get to install earlier (there were one or two) and I run Ad-Aware (which is a POS because it didn't find anything), the new IObit software (which finds 6 things), AVG command line scan (which found something), and CCleaner. I fix/remove everything these guys find.

    I restart my computer in normal mode intending to do all this again (I know running scans in safe mode isn't that effective but I had hoped it found enough to help me get things started in normal mode) but I am right back where I started.

    I install a few of these programs on my flash drive using a computer in the library (where I am now) and try running from those, but again no luck.

    Does anyone have any ideas? I am in the library right now writing this, but I *think* I will be able to access the internet from my computer when I get home. It was letting me earlier, just constantly giving me pop-ups and that stupid fake-security thing telling me my credit card is heading out to parts unknown via every program on my computer (this is constant and very irritating). I also saw online where someone had this and even Safe Mode ceased working -- so I am concerned.

    Ideally I could find a program that does nothing but remove this crap and can do it from Safe Mode, but that might be wishful thinking. I have a little time to google in the library before I have to leave.

    Help would be appreciated. Also, I thought about just... re-formatting or whatever and starting over. However I'm not sure if the CD that this computer came with can fully re-install Windows. Don't you sometimes just get... a CD that doesn't do that or something? I don't know, but I heard you can't always count on that.
     
    Last edited: Oct 30, 2009
  2. Johnny Farrar

    Johnny Farrar High Inquisitor

    Joined:
    Mar 14, 2009
    Messages:
    521
    Location:
    In front of a Computer.
    Get rid of the AVG and SpyDoctor. Try Avast and Spybot; both are free and pretty decent. After you install Avast, schedule a boot time scan for the computer; that should take care of the viruses.

    If this doesn't work, try re-installing Windows. If your computer came with a Windows-XP CD then you can easily do that, if you do not have any data to lose.
     
  3. Ched

    Ched Da Trek Moderator DLP Supporter ⭐⭐

    Joined:
    Jan 6, 2009
    Messages:
    8,379
    Location:
    The South
    I have most of my data backed up, but I am not sure if I have the correct CD to allow me to re-install. I will have to find it first I guess.

    Boot Time Scan -- got it.

    I haven't tried Avast but I have tried Spybot and remember being unimpressed compared to Malwarebytes. I am getting it again though in hopes that something will offer a boot-time scan. That's a brilliant idea; I just have to find a program that does it, and apparently that's Avast. Awesome! *goes to try this*
     
    Last edited: Oct 30, 2009
  4. Johnny Farrar

    Johnny Farrar High Inquisitor

    Joined:
    Mar 14, 2009
    Messages:
    521
    Location:
    In front of a Computer.
    I don't think Spybot offers a boot-time scan. Just install Avast first; install it in Safe Mode if you can't do it normally. After you finish installing you will be asked to restart, when you will get a dialogue box asking you if you want to schedule a boot-time scan. Do that. After that you can try out the anti-spyware software.
     
  5. Agnostics Puppet

    Agnostics Puppet Professor

    Joined:
    Sep 28, 2008
    Messages:
    490
    Location:
    Denver, Colorado
    Something similar happened to my father's computer a few weeks back. Almost exactly what happened to yours actually, Cheddar. He ended up taking it in to have it fixed since we couldn't figure out what to do.
     
  6. Nukular Winter

    Nukular Winter The Chosen One DLP Supporter

    Joined:
    Jun 8, 2006
    Messages:
    2,216
    Location:
    Seattle
  7. Ched

    Ched Da Trek Moderator DLP Supporter ⭐⭐

    Joined:
    Jan 6, 2009
    Messages:
    8,379
    Location:
    The South
    I can't get Avast installed. I downloaded the install file in the library but I can't do it from safe mode since it has to download something else that saves somewhere automatically.

    I can't run the exe file from normal mode to get it to work, and I can't figure out how to access the internet from Safe mode (ideas on internet from safe mode?)
     
  8. Jamven

    Jamven Headmaster DLP Supporter

    Joined:
    Nov 2, 2006
    Messages:
    1,120
    Location:
    Hunting Bullwinkle's assassin
    Did you try the "Safe Mode with Networking" option?
     
  9. Rahkesh Asmodaeus

    Rahkesh Asmodaeus THUNDAH Bawd Admin DLP Supporter

    Joined:
    Apr 3, 2005
    Messages:
    5,129
    Location:
    Atlanta
    If it were me, I'd probably say "fuck it" and format and reinstall Windows. If you don't have the Windows XP CD, I would download it. As long as you have a working key, usually found on a sticker on the bottom of your laptop or the side of a desktop, it's all legal.
     
  10. Johnny Farrar

    Johnny Farrar High Inquisitor

    Joined:
    Mar 14, 2009
    Messages:
    521
    Location:
    In front of a Computer.
    You will get two types of setup file on the net. One which downloads the setup files from an online server to install on your computer, and the other that already has all the requisite files.

    The latter will be of a larger size than the former. Just search for it in Google.
     
  11. Richard

    Richard Supreme Mugwump

    Joined:
    Jul 5, 2006
    Messages:
    1,789
    Location:
    California
    You could also try "SuperAntiSpyware". It works for me just fine. Ad-Aware is total horseshit.
     
  12. Ched

    Ched Da Trek Moderator DLP Supporter ⭐⭐

    Joined:
    Jan 6, 2009
    Messages:
    8,379
    Location:
    The South
    I appreciate the help folks. Giving all of this a go now.

    I've got Avast running via the "Safe Mode with Networking" (thanks for the heads up about that option) to DL it (didn't stay in library long enough to read about the other downloadable file, but that's a good idea to have on a flash drive for the future) and it did the scan at Boot option so hopefully that will work.

    If it doesn't then I'll try getting Windows re-installed somewhere. Spent a good 6-8 hours last night making sure I had everything important backed up so it should be OK if I go that route.

    Thanks!
     
    Last edited: Oct 30, 2009
  13. Oz

    Oz For Zombie. Moderator DLP Supporter

    Joined:
    Jan 31, 2008
    Messages:
    9,028
    Gender:
    Female
    Location:
    Baile Átha Cliath
    Cheddar, the only way to guarantee you get rid of everything is a complete format and reinstall. After that, first thing you do is get AVG or Avast, Malwarebytes Anti-Malware, and SUPERAntiSpyware and have them running at all times. Run light scans weekly, in-depth ones monthly, and if you're super paranoid, format and reinstall every couple of months too.

    That said, the best way to avoid viruses is common sense. Avoid visiting dodgy sites and filesharing programs like LimeWire and BearShare, and don't insert removable drives unless you know exactly what is on them.
     
    Last edited: Oct 31, 2009
  14. Lord Ravenclaw

    Lord Ravenclaw DLP Overlord Admin DLP Supporter

    Joined:
    Apr 2, 2005
    Messages:
    4,372
    Location:
    Denver, CO
    This. That being said, if you want to try getting rid of stuff, run Malwarebytes from Safe Mode, and install Avast (run its boot-time scan, then uninstall because it's crap).
     
  15. Shezza

    Shezza Renegade 4 Life DLP Supporter

    Joined:
    Dec 12, 2005
    Messages:
    1,342
    Location:
    Australia
    I'd listen to Oz, Ravenclaw and the others. Even if you do clean everything up, there'll always be a slim chance and a nagging feeling in the back of your head that something still slipped by and the next time you go to do your banking, etc., some Russian mob is going to nick all of your details. Go to isohunt.com or w/e, download an XP disc and format/reinstall.

    Honestly, unless the stuff you have is vital or hard to get, I'd leave that too. I had a virus recently, backed everything up to a USB and reinstalled, then reinfected the new OS with the USB stick when I tried to get it all back. There's always a danger of the virus spreading to your backups.

    Good luck.
     
  16. lucis

    lucis Seventh Year

    Joined:
    Jun 27, 2009
    Messages:
    291
    Presumably you need to get files off your computer. At the same time, you don't want any viruses to get on to the media and reinfect your computer. Since you can't trust your computer any more, the easiest solution is to burn a Linux LiveCD (e.g. Ubuntu) and use it to copy the files on to a freshly formatted USB stick or a new CD. Be sure to only copy files you recognise. Then reinstall over your old installation.

    Even then, you might still get a virus to cross over to the new installation: it might embed itself in one of your files and use a vulnerability in a program you use (e.g. Word) to execute itself when loaded.

    Personally, I'd recommend installing Linux. No more viruses. No more malware, etc. Fast, and contrary to popular belief, user friendly. But I'm horribly biased. So maybe just ignore me.
     
    Last edited: Nov 1, 2009
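
The "only copy files you recognise" step from the post above can be given a mechanical first pass. This is an added example, not part of the original thread: it assumes Python is available on the LiveCD, flags files a fresh Windows install could run from the backup, and uses constructed, harmless sample files. It does not detect malicious documents of the kind the post warns about.

```python
import os
import tempfile

RUNNABLE_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk"}


def classify(path):
    """Return the reasons a file should not be restored without a closer look."""
    name = os.path.basename(path).lower()
    stem, ext = os.path.splitext(name)
    reasons = []
    if name == "autorun.inf":
        reasons.append("autorun.inf (can launch a program when the drive is opened)")
    if ext in RUNNABLE_EXT:
        reasons.append("runnable extension " + ext)
        # "holiday.jpg.exe" displays as "holiday.jpg" when extensions are hidden.
        if os.path.splitext(stem)[1]:
            reasons.append("double extension")
    with open(path, "rb") as fh:
        magic = fh.read(2)
    # DOS/Windows executables begin with the two bytes "MZ".
    if magic == b"MZ" and ext not in RUNNABLE_EXT:
        reasons.append("executable content behind extension " + (ext or "(none)"))
    return reasons


def triage(root):
    """Walk root and return {relative_path: reasons} for every flagged file."""
    flagged = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            reasons = classify(full)
            if reasons:
                flagged[os.path.relpath(full, root)] = reasons
    return flagged


def build_sample(root):
    """Write constructed, harmless files that stand in for a backup."""
    samples = {
        "thesis.doc": b"\xd0\xcf\x11\xe0 constructed document",
        "holiday.jpg.exe": b"MZ constructed",
        "song.mp3": b"MZ constructed, wrong extension",
        "AUTORUN.INF": b"[autorun]\r\nopen=setup.exe\r\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(triage(tmp))
```

Anything `triage` returns stays off the new installation until it has been scanned or identified; an empty result means only that nothing obviously runnable was found.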
  17. Silens Cursor

    Silens Cursor The Silencer DLP Supporter

    Joined:
    Nov 23, 2008
    Messages:
    2,219
    Location:
    The other side of reality
    Having done a fair bit of anti-virus work, and having dealt with that damned 'fake-anti-spyware' a total of three times by now (when you have a job as a residence technician, you have to deal with some pretty retarded stuff), here's the way I've always dealt with it:

    1. Get into Safe Mode ASAP (you've already done this).

    2. Find the root directory where this fake-anti-spyware thing has hidden itself, and delete it from there. Typically, it insulates itself pretty deep within your system, and if you haven't already deleted the shortcut that it has, you might be able to find the root directory. One thing is for certain, and that is that your anti-virus programs will not be able to find this thing - it disguises itself as a legitimate program.

    3. Make sure that it is really gone and not just lurking in another folder or in the Recycle Bin (these things have a nasty habit of replicating). To make sure it's gone, I'd advise taking out any other folders where this thing might have taken up root. Note where this directory is (I'd advise writing it down somewhere). For good measure, delete the shortcut that'll appear in the Task Bar or on the Desktop.

    4. Restart your computer, and load again in Safe Mode.

    5. Go to the directory where this thing was lurking and recheck to see if the thing hasn't replicated itself. If it has not, load one of the many suggested anti-virus programs and do a COMPLETE scan. Not just something quick, something that will check anything and everything. Odds are, you'll have a fair amount of shit that'll need to be deleted. Once this is done, restart your computer. If it has replicated itself, completely reinstall Windows.

    6. Open your computer up in Normal Mode, and check the root directory you wrote down. If it is empty of viruses, you are a happy man and your problems should be fixed now.

    Hope this manages to help. I've only had to deal with the replicating fake-anti-spyware thing once, and it was nasty as hell to get rid of. Good luck.
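
The recheck in steps 3 to 5 of the post above (is it really gone, or has it come back somewhere else after a restart?) can be done by comparing file hashes instead of eyeballing folders. This is an added example, not part of the original thread: it assumes Python is available, the function names are hypothetical, and the "program" is a constructed placeholder. Matching by hash only catches exact copies; a modified copy shows up only in the list of new files.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Map every file under root (relative path) to its SHA-256."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            snap[os.path.relpath(full, root)] = sha256_of(full)
    return snap


def reappeared(before, after, removed_digests):
    """Compare snapshots taken either side of a reboot.

    Returns (new_files, copies): paths present only in `after`, and paths in
    `after` whose content matches a deleted file, whatever it is now called.
    """
    new_files = sorted(set(after) - set(before))
    copies = sorted(p for p, d in after.items() if d in removed_digests)
    return new_files, copies


def demo(root):
    """Constructed walk-through of steps 2 to 5 using harmless placeholder bytes."""
    os.makedirs(os.path.join(root, "fakeav"))
    os.makedirs(os.path.join(root, "Temp"))
    bad = os.path.join(root, "fakeav", "scanner.exe")
    with open(bad, "wb") as fh:
        fh.write(b"constructed placeholder, not a real binary")
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(b"constructed user file")
    removed = {sha256_of(bad)}   # record the hash before deleting (step 2)
    os.remove(bad)
    before = snapshot(root)      # state after cleanup (step 3)
    # Simulated reboot: the same bytes come back under another name.
    with open(os.path.join(root, "Temp", "a1b2.tmp"), "wb") as fh:
        fh.write(b"constructed placeholder, not a real binary")
    return reappeared(before, snapshot(root), removed)  # recheck (step 5)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(demo(tmp))
```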
     
  18. lucis

    lucis Seventh Year

    Joined:
    Jun 27, 2009
    Messages:
    291
    If you are going to try and just remove it (which I recommend against: reinstall):

    When you find the binary, consider uploading it to: http://www.virustotal.com/
    You can find details about how it works, etc, and may find something that will help you. You'll also be helping antivirus professionals. :D

    Even if you do get it: you won't ever be sure it isn't still around. For example, viruses sometimes replace libraries with infected versions... As I mentioned earlier, they can also hide in normal files. This is probably being overly paranoid, as it is unlikely your virus is that sophisticated. But just be aware...
     
  19. Ched

    Ched Da Trek Moderator DLP Supporter ⭐⭐

    Joined:
    Jan 6, 2009
    Messages:
    8,379
    Location:
    The South
    Thanks guys.

    What I ended up doing (all on suggestions from here) was getting Avast! (I forget how I managed to get it downloaded finally) and running a boot time scan. That caught some stuff but the virus was still there. It got enough though to let me run .exe files from normal mode again.

    Every time I tried to install Malwarebytes it would delete the mbam.exe file, even from safe mode. So after about 4 tries in Safe Mode I managed to rename the file and then I was able to run it.

    Between those 2 programs I think I finally got the crap that was plaguing me. I've also run a few other things like IObit Security and AVG and Malwarebytes another 5 times. I am not getting popups anymore and the rest of the system seems to be working fine -- but it's slower than it was before all of this.

    I'm still concerned it's lurking somewhere though, so I'll probably take everyone's advice here and re-format soon. I just have to make sure I can get some of my programs re-installed again. There are a few I can't do without and don't have CDs for, etc.

    Thanks again all. I'd probably have ended up needing to pay someone to fix it without your help.
     
  20. SmileOfTheKill

    SmileOfTheKill Magical Amber

    Joined:
    Mar 24, 2007
    Messages:
    1,219
    Location:
    Florida, Sigh...
    Best thing to do once everything is removed and you have the anti-crap all up and running is use more anti-crap programs.

    On Firefox I use NoScript, Adblock Plus, and Web of Trust. You can secure things even more but that is what I have.

    I also have to ask, do you use a router that you own at home? My router got infested with a virus so until I figured that out, I got a virus every time I connected to the router.
     