Solved

Spyware Alert Pop-Up Ads

Posted on 2007-03-29
6
7,291 Views
Last Modified: 2008-03-03
Somehow I got an anti-spyware ad stuck in my system tray. Every 15 seconds or so a balloon pops up that tells me I have possible spyware on my system and I should download the latest anti-spyware programs. Needless to say, I don't trust this, I don't want it, I didn't download it, but I can't get rid of the message.

I just ran Spybot Search and Destroy, Lavasoft's AdAware, and Webroot Spy Search. My NAV is up to date and functioning properly, and I have my pop-up blocker enabled. Even as I am typing this, the balloon saying "System Alert!" has popped up, stalling anything I'm working on. I just "X" it, but it keeps coming back.

The anti-spyware that's being pushed is: "Spy Locked," "Malware Wiped," and "Pest Capture," but if I go to those web sites I'm notified that they can't be opened. I'm sure they are all bogus, but I'd like to get rid of the ad popping up.

I'm using Windows XP.  Thank you!
0
Comment
Question by:Trisha5
6 Comments
 
LVL 87

Expert Comment

by:rindi
ID: 18818526
Use msconfig to disable the msm messenger service. Then check if the popups still show.

Check your system for malware using a bootable LiveCD, the UBCD4Win and use it to clean the system.

http://ubcd4win.com
0
 

Author Comment

by:Trisha5
ID: 18819867
Thank you very much.  That did not resolve the problem, but I appreciate the response just the same.  I'm going to have somebody take a look at the computer "in person" this weekend or early next week, so that should resolve it.  Thanks again.  I appreciate your wonderful responsiveness.

0
 
LVL 23

Expert Comment

by:phototropic
ID: 18819894
This sounds like a Smitfraud infection. Take alook at this:

http://www.bleepingcomputer.com/forums/topic58401.html

Download the smitfraudfix.exe tool and run a search. If the infection is found, follow the instructuions in the link above.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 18827255
phototropic is spot on!
It is smitfraud and it can be removed easily with smitfraudfix, no need to pay someone to clean it(the Tech guy might not even know smitfraud, lol)

Just run smitfraudfix(option 2) in safe mode and that's all it's needed, then run option 3 in normal mode to make sure they can't come back.

It's also helpful if you post the rapport.txt(result) to see if it came with a new variant.

SUPERAntispyware also removes smitfraud. It's a good on-demand free scanner(if you don't want to pay for the real-time monitor) with updates all year round.
http://www.superantispyware.com/
0
 

Author Comment

by:Trisha5
ID: 19420571
Sorry if I didn't close it out correctly.  When I said "Thanks," and explained that I was going to have somebody take a look at it, that was the end of it.  Hope it's closed out okay now.

T
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

INTRODUCTION "Virut" is a nasty, polymorphic file infector, and it infects every executable and screensaver file on access.  Some variant also infects .htm, html, .rar and .zip archives, and latest variants infects php and asp.  It patches system…
The intent of this Article is to provide the basic First Aid steps for working through most malware infections. The target audience includes experienced IT professionals and the casual user who just wants to make the infection go away. **********…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now