Popup advert on startup - spyware?

Samfau2

Samfau2

Samfau2

Associate
Joined
2 Oct 2008
Posts
225
Hi, i seem to have some kind of spyware infection. Whenever i start up my computer this comes up in IE.

http://s253.photobucket.com/albums/hh76/samfau2/?action=view&current=Capture.png

I've run spybot S&D, Ad-aware NOD32 and windows defender and none of them have found anything wrong so i'm now stumped as to how to get rid of it. Additionally, when pressing alt tab, windows shows an extra application open that does not appear in task manager and is still there when i close everything i have open (not sure if the two problems are related), here is a picture.

http://i253.photobucket.com/albums/hh76/samfau2/Untitled.jpg

Hope someone can help, cheers.
 
Sounds like it might be a rootkit. I'm not that experienced in removing them but you should probably try running some sort of rootkit detection/removal software to check.
 
sorry to ressurect this thread but after finally getting round to running spybot and malwarebytes in safe mode i still have the same problem on startup. Any other ideas?
 
Ran everything in safe mode a while back and nothing found it, then tried spybot again in safe mode and it found something. Restarted and it was gone woohoo!

BUT..

a few days later i did a system restore and it came back. Now nothing, not even spybot will get rid of it...
 
D/load rkill,& run it ,if its a malicious process rkill should stop it. Boot into safe mode & run Malwarebytes.
 
Samfau2 said:
Ran everything in safe mode a while back and nothing found it, then tried spybot again in safe mode and it found something. Restarted and it was gone woohoo!

BUT..

a few days later i did a system restore and it came back. Now nothing, not even spybot will get rid of it...
Click to expand...

You actually system restored to a time when you had a rootkit infection?
What on earth do you do with your PC?
Why would you do that? Why did you need to system restore?
 
Before you spend time running multiple scanners, have you installed any 3rd party software for Microsoft instant messenger program?

Don't remember the name of it, but in the terms and conditions it states the inclusion of this style of advertisement feature, and many scanners will not flag it up as its commercial company. If does get disabled by a scanner partly cleaning some of it up, it will eventually resume as I found out. So I eventually removed the 3rd party software and the adverts ceased.

Edit: This is what I was referring to. Messenger Plus advertising feature.
 
Last edited:
Right click My Computer on Desktop, goto Properties > Goto System Protection.
Disable system restore on your drive. This deletes any of your old restore points.
When those are deleted and System restore is disabled, re-anable it so that a fresh Restore point is then created.

This Restore point will contain the Virus. It's usage will be only used if you mess up your PC when trying to remove the Virus.

Do your Virus removal process as usual and hopefully you'll remove it. Once your system is running all fine and you are happy. Again, disable the system restore to delete the restore that contained the virus, then recreate a new system restore of your PC in it's current state, hopefully without the Virus!.
 
Yeah i know, it was kind of dumb.

It wasn't actually to a time before the rootkit was there. It was only to the previous day because my sister had deleted a bunch of software so I didn't think it would reinfect my PC.

No i don't have msn plus and cheers Macca that's what ill try now.

EDIT: Just to clarify so i don't sound like a complete douche, there was like a month in between me getting rid of the rootkit and doing the system restore.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom