Solved

Utility to remove pup.optional.whitesmoke.a malware

Posted on 2014-03-17
14
969 Views
Last Modified: 2014-03-19
Can someone recommend a legit utility I can download to remove pup.optional.whitesmoke.a malware?  I ran Malwarebytes and it found 1457 instances. There is no remove all, I'd have to check each box individually. Hoping for something a little quicker.  ;-)   Half the stuff I look at looks like it would just download MORE malware.

Really appreciate the recommendation of LEGIT tool.
0
Comment
Question by:adamant40
  • 6
  • 3
  • 2
  • +3
14 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39935362
I would try an offline antivirus. Just burn the CD and boot from it.

For ex: Avira Rescue System.

HTH,
Dan
0
 
LVL 4

Expert Comment

by:Kent Fichtner
ID: 39935376
Kaspersky has a good live cd, but you could also try their virus-fighting utilities

http://support.kaspersky.com/viruses/disinfection
0
 

Author Comment

by:adamant40
ID: 39935381
Most AV programs I've tried are less effective at Malware. Have you used this CD/Software to successfully identify and eradicate malware?

Thanks
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39935385
I've used Avira successfully on infected systems and it removed viruses and malware.
Not the particular kind you're looking for, but it *should* work.

Looks like it at least knows about it: http://www.avira.com/de/support-threats-summary/tid/7994/tlang/en
0
 
LVL 4

Expert Comment

by:Kent Fichtner
ID: 39935407
I haven't used Avira, but that article that Dan shows looks pretty good.  If that doesn't work you could always try:

http://malwaretips.com/blogs/pup-optional-whitesmoke-a-virus/

That seems to be a step 1,2,3 of how to remove it.  From looking at it the software they say to use is all free.
0
 

Author Comment

by:adamant40
ID: 39935439
I'm downloading a copy now, will have access to system tomorrow am at latest and will report back. Thanks.
0
 

Author Comment

by:adamant40
ID: 39935446
Yeah MalwareBytes did find it, but found almost 1500 instances. Not having a remove all, and having to click each one was somewhat daunting and I figured it would take about 4 hours just to check them.  :-(
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 39935491
Try the tools here:

http://securityxploded.com/tools.php

Spy BHORemover and SpyDLLRemover are excellent.
0
 

Author Comment

by:adamant40
ID: 39935506
Hey Dan,
I've downloaded the ISO from your link but when I open it with UltraISO it reads "Ubuntu-Live-Custom. Does that sound correct for the avira rescue system?
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39935510
Yup. It's a live CD based on Ubuntu. Just to make it pretty :)
0
 
LVL 1

Accepted Solution

by:
Techmanbrad earned 500 total points
ID: 39935799
With Malwarebytes there is actually a way to "Remove All" and it saves a lot of time!

Run the MBAM full scan until it is finished detecting all instances of malware.  Once finished, left-click on one of the detected items to highlight it and then right-click on this highlighted infection and select "Check All Items."  Next Click "Remove Selected" at the bottom.  

Enjoy!
0
 

Author Comment

by:adamant40
ID: 39937355
DOH!!! Wish I read the above post this morning before I started on Avira. Avira CD ran for 3 hours and only got 45% done. It had only detected 1 item at that time and then the user came in and I had to cancel and reboot. I will try running MBAM, see if the selecting all items works, then delete and reboot at lunch. Thanks.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39940575
You have plenty of tools
http://malwaretips.com/blogs/pup-optional-whitesmoke-a-virus/
I'd try first safe mode first  with network and update antivirus that you have...
0
 

Author Closing Comment

by:adamant40
ID: 39940589
Still have to do another deep scan to confirm, but MBAM was able to remove all instances of this malware. Kind of an ID-10-T issue on not being able to select all items to remove.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now