?
Solved

Spyware Alert Pop-Up Ads

Posted on 2007-03-29
6
Medium Priority
?
7,314 Views
Last Modified: 2008-03-03
Somehow I got an anti-spyware ad stuck in my system tray. Every 15 seconds or so a balloon pops up that tells me I have possible spyware on my system and I should download the latest anti-spyware programs. Needless to say, I don't trust this, I don't want it, I didn't download it, but I can't get rid of the message.

I just ran Spybot Search and Destroy, Lavasoft's AdAware, and Webroot Spy Search. My NAV is up to date and functioning properly, and I have my pop-up blocker enabled. Even as I am typing this, the balloon saying "System Alert!" has popped up, stalling anything I'm working on. I just "X" it, but it keeps coming back.

The anti-spyware that's being pushed is: "Spy Locked," "Malware Wiped," and "Pest Capture," but if I go to those web sites I'm notified that they can't be opened. I'm sure they are all bogus, but I'd like to get rid of the ad popping up.

I'm using Windows XP.  Thank you!
0
Comment
Question by:Trisha5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 88

Expert Comment

by:rindi
ID: 18818526
Use msconfig to disable the msm messenger service. Then check if the popups still show.

Check your system for malware using a bootable LiveCD, the UBCD4Win and use it to clean the system.

http://ubcd4win.com
0
 

Author Comment

by:Trisha5
ID: 18819867
Thank you very much.  That did not resolve the problem, but I appreciate the response just the same.  I'm going to have somebody take a look at the computer "in person" this weekend or early next week, so that should resolve it.  Thanks again.  I appreciate your wonderful responsiveness.

0
 
LVL 23

Expert Comment

by:phototropic
ID: 18819894
This sounds like a Smitfraud infection. Take alook at this:

http://www.bleepingcomputer.com/forums/topic58401.html

Download the smitfraudfix.exe tool and run a search. If the infection is found, follow the instructuions in the link above.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 1500 total points
ID: 18827255
phototropic is spot on!
It is smitfraud and it can be removed easily with smitfraudfix, no need to pay someone to clean it(the Tech guy might not even know smitfraud, lol)

Just run smitfraudfix(option 2) in safe mode and that's all it's needed, then run option 3 in normal mode to make sure they can't come back.

It's also helpful if you post the rapport.txt(result) to see if it came with a new variant.

SUPERAntispyware also removes smitfraud. It's a good on-demand free scanner(if you don't want to pay for the real-time monitor) with updates all year round.
http://www.superantispyware.com/
0
 

Author Comment

by:Trisha5
ID: 19420571
Sorry if I didn't close it out correctly.  When I said "Thanks," and explained that I was going to have somebody take a look at it, that was the end of it.  Hope it's closed out okay now.

T
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month8 days, 3 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question