• We should now be fully online following an overnight outage. Apologies for any inconvenience, we do not expect there to be any further issues.

I have Malware - recommendations?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106

Here is a list I posted if you haven't looked yet:

If spyware/hijackers are obvious, turn off system restore.
Go to programs and features and remove toolboars and questionable programs.
Open up msconfig and deal with programs are allowing the intrusion through.
Clean out user temp folders.
Clear browser history and any add-related toolbars still installed.
After that, Superantispyware and Malwarebytes for anything else.
 

cubby1223

Lifer
May 24, 2004
13,518
42
86
I have used VLC for years and never seen a pop up like that.

New malware is using popups trying to "inform" you to update software on your computer, only to provide you a download not of the updated software but some other malicious software to execute.
 

futurefields

Diamond Member
Jun 2, 2012
6,470
32
91
i tried running malwarebytes in safe mode, it finds nothing but im still getting the popups

i think im going to reformat, i want to upgrade my hd anyways and ill need to reinstall windows + a few games
 

John Connor

Lifer
Nov 30, 2012
22,757
619
121
I know. I almost felll for it, but I was blocking scripts and knew that pop up for flash couldn't have been generated.

The OP more than likely has a PUP/adware and I bet ADwcleaner gets rid of it.



New malware is using popups trying to "inform" you to update software on your computer, only to provide you a download not of the updated software but some other malicious software to execute.
 

MongGrel

Lifer
Dec 3, 2013
38,466
3,067
121
I switched to Potplayer from VLC years ago, so no idea on that one.

I guess you all ready did Malwarebytes.

I know. I almost felll for it, but I was blocking scripts and knew that pop up for flash couldn't have been generated.

The OP more than likely has a PUP/adware and I bet ADwcleaner gets rid of it.

More than likely.
 

cubby1223

Lifer
May 24, 2004
13,518
42
86
i tried running malwarebytes in safe mode, it finds nothing but im still getting the popups

i think im going to reformat, i want to upgrade my hd anyways and ill need to reinstall windows + a few games

Go into Chrome's settings and remove any extensions you do not recognize.

And sometimes you just have to connect the hard drive to another computer and run a scan from there.
 

futurefields

Diamond Member
Jun 2, 2012
6,470
32
91
Its still there guys, after running Malwarebytes in Safe Mode and ADWCleaner, which said it found 34 things, but then today the pop ups are back.
 

Matt1970

Lifer
Mar 19, 2007
12,320
3
0
Its still there guys, after running Malwarebytes in Safe Mode and ADWCleaner, which said it found 34 things, but then today the pop ups are back.

Try this.

Open Internet Explorer. On the Tools menu click Internet options, click the Advanced tab and then reset.

I typically run Malwarebytes, Combofix, Spybot, and then Super Anti-Spyware on infected customer machines.
 

John Connor

Lifer
Nov 30, 2012
22,757
619
121
Its still there guys, after running Malwarebytes in Safe Mode and ADWCleaner, which said it found 34 things, but then today the pop ups are back.


Okay, run Hijackthis and chose to save log file. Upload the log here please.

And I would use Autoruns and save the .ARN file. Use a file host like Dropbox and post the link here. We can't help if you don't take the advice. I've cleaned a lot of crap off computers before.

Like others are saying look for rouge plugins and/or addons in your browser. There may be a script that is running on your computer. It might take safemode to remove it. Or the use of unlocker for the file.
 

futurefields

Diamond Member
Jun 2, 2012
6,470
32
91
im just going to reformat, i bought a new hard drive, i am going to use the 500gb for OS and 3tb for games

evenetually the 500gb will be swapped out for an ssd as well
 

compcons

Platinum Member
Oct 22, 2004
2,270
1,340
146
Did I miss the part when the OP actually went and checked for bs programs and uninstalled junk? Did I also miss the part where the OP killed bs extensions for web browsers?

Seems like some basic stuff before formatting.
 

inachu

Platinum Member
Aug 22, 2014
2,387
2
41
Woah! all these posts in this thread to clean up to spend many hours to fix your pc up.

It boils down to this. TIME VS MONEY. Do you truly want to invest lots of time to clean the pc spending money on anti virus/malware programs Versus just formatting the hard drive and starting from scratch?

Many times a infected pc that was cleaned up will be a lot slower than a pc that was newly reimaged "AS NEW"

So yeah if you do not care about time and money invested then yes go and use the all the paid and shareware and freebies to clean your system but just backing up and reinstalling windows would be a lot better in the long run.
 

inachu

Platinum Member
Aug 22, 2014
2,387
2
41
im just going to reformat, i bought a new hard drive, i am going to use the 500gb for OS and 3tb for games

evenetually the 500gb will be swapped out for an ssd as well



I skipped the above post and did not see it at first!


GOOD JOB!:D
 

futurefields

Diamond Member
Jun 2, 2012
6,470
32
91
Reformatted, reinstalled Windows, but something is very wrong with my PC now. Windows Update is not working -

2eoh5w5.png


Will start a new thread since this is a new problem.
 

VirtualLarry

No Lifer
Aug 25, 2001
56,587
10,225
126
Is it possible that you have ROUTER malware? If your router was set to a default password and IP address, then this is possible. Something might have changed your DNS settings in your router, such that your web accesses for things are being re-directed through a proxy site, that is injecting those ads into your HTTP stream, and interfering with Windows Update.

Just a theory, at least. Worth checking out.

Edit: That would explain why Malwarebytes didn't find anything on your machine.
 

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
Windows 7: Warning - KB3004394 corrupts system files..

http://borncity.com/win/2014/12/10/...tificate-in-windows-7-windows-server-2008-r2/

http://www.sevenforums.com/windows-...-warning-kb3004394-corrupts-system-files.html

Problems with update KB3004394.. Google it..

Microsoft screwed the pooch..

Installed it today on two Win7 machines with no issue (and magnifier still works).

I would recommend you go to his new thread with this though.
http://forums.anandtech.com/showthread.php?t=2412246&highlight=
 
Last edited:

futurefields

Diamond Member
Jun 2, 2012
6,470
32
91
Is it possible that you have ROUTER malware? If your router was set to a default password and IP address, then this is possible. Something might have changed your DNS settings in your router, such that your web accesses for things are being re-directed through a proxy site, that is injecting those ads into your HTTP stream, and interfering with Windows Update.

Just a theory, at least. Worth checking out.

Edit: That would explain why Malwarebytes didn't find anything on your machine.

my router was secured with a private password. how common is router malware?
 

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
my router was secured with a private password. how common is router malware?

Quite rare. One test would be other computers on your network. If there are other computers on your network getting updates w/o issue, I think it is safe to assume your router is fine.
 

Bubbleawsome

Diamond Member
Apr 14, 2013
4,834
1,204
146
My windows updates have been broken for the past 6-9 months. There are manual installs somewhere if you don't feel like reinstalling.