GoFuckYourself.com - Adult Webmaster Forum


halfpint 05-11-2010 06:56 AM

Anybody had this bullshit Antisoft Malware on their computers (Help Needed Please)
 
I have the bullshit Antisoft spyware on my computer and can't get rid of it. I have tried changing the LAN settings in IE, even though I don't use it, as it somehow uses a proxy and changes your homepage. Then I ran RKill, then Malwarebytes, which does pick it up and delete it, but as soon as I load up Firefox or IE it just comes back again. I've been trying all sorts to get rid of this and it doesn't work.

I also have Avast running, which does not seem to pick it up at all.

Anybody know how to get rid of this?

Barefootsies 05-11-2010 07:01 AM

Are you making sure to close it out in task manager, and do those other steps in safe mode?

halfpint 05-11-2010 07:08 AM

Quote:

Originally Posted by Barefootsies (Post 17128315)
Are you making sure to close it out in task manager, and do those other steps in safe mode?

Yep, I have tried it in safe mode and also using RKill to stop it from running, which should, I think, close it down in Task Manager. All this was done in safe mode.

TXXXTN 05-11-2010 07:10 AM

Quote:

Originally Posted by halfpint (Post 17128304)
I have the bullshit Antisoft spyware on my computer and can't get rid of it. I have tried changing the LAN settings in IE, even though I don't use it, as it somehow uses a proxy and changes your homepage. Then I ran RKill, then Malwarebytes, which does pick it up and delete it, but as soon as I load up Firefox or IE it just comes back again. I've been trying all sorts to get rid of this and it doesn't work.

I also have Avast running, which does not seem to pick it up at all.

Anybody know how to get rid of this?

I use a combination of HijackThis / Malwarebytes and Super Anti-Spyware, all in Windows Safe Mode, to remove rogue software like this. Sometimes you get one that hooks on to Windows so fucking bad you need to rebuild the local profile ... sucks :(

HijackThis will show any suspicious software / reg keys that are on your box ... dump a log on here ... maybe I can help you out.

candyflip 05-11-2010 07:10 AM

I got it last week somehow and got rid of it quickly. It stopped pretty much anything from opening, including the Task Manager.

I found a link that recommended Malwarebytes' Anti-Malware software. I booted into Safe Mode, installed the app (freeware) and it got rid of the issue on the first try.

http://download.cnet.com/Malwarebyte...=dl&tag=button

halfpint 05-11-2010 07:13 AM

Quote:

Originally Posted by TXXXTN (Post 17128341)
I use a combination of HijackThis / Malwarebytes and Super Anti-Spyware, all in Windows Safe Mode, to remove rogue software like this. Sometimes you get one that hooks on to Windows so fucking bad you need to rebuild the local profile ... sucks :(

HijackThis will show any suspicious software / reg keys that are on your box ... dump a log on here ... maybe I can help you out.

OK, we will just boot the computer back up in safe mode and do that.

seeandsee 05-11-2010 07:13 AM

I hate removing problems.

Flashcash-Andy 05-11-2010 07:13 AM

I just got this and was able to remove it by doing a system restore. I had to run it from the F8 menu on reboot though (Windows 7). It wouldn't let me do it from the System Restore program in Programs/Accessories/System Tools.

halfpint 05-11-2010 07:15 AM

Quote:

Originally Posted by candyflip (Post 17128342)
I got it last week somehow and got rid of it quickly. It stopped pretty much anything from opening, including the Task Manager.

I found a link that recommended Malwarebytes' Anti-Malware software. I booted into Safe Mode, installed the app (freeware) and it got rid of the issue on the first try.

http://download.cnet.com/Malwarebyte...=dl&tag=button

I have tried using Malwarebytes, as I have this running on my computer, and it does pick it up and delete it, but as soon as I boot back from safe mode it just comes back.

halfpint 05-11-2010 07:15 AM

Quote:

Originally Posted by Flashcash-Andy (Post 17128353)
I just got this and was able to remove it by doing a system restore. I had to run it from the F8 menu on reboot though (Windows 7). It wouldn't let me do it from the System Restore program in Programs/Accessories/System Tools.

OK, if all else fails I will try that as well.

Thanks guys.

MikeFold 05-11-2010 07:21 AM

Quote:

Originally Posted by Flashcash-Andy (Post 17128353)
I just got this and was able to remove it by doing a system restore. I had to run it from the F8 menu on reboot though (Windows 7). It wouldn't let me do it from the System Restore program in Programs/Accessories/System Tools.

My home computer picked this up this morning from GFY. Is there a way to get to System Restore in XP like you did in Windows 7?

Thanks

candyflip 05-11-2010 07:25 AM

Quote:

Originally Posted by MikeFold (Post 17128374)
My home computer picked this up this morning from GFY. Is there a way to get to System Restore in XP like you did in Windows 7?

Thanks

I don't surf anything on this Windows box and this GFY is the only place I've gotten any sort of warning lately.

So I'm wondering if it came from here as well.

Flashcash-Andy 05-11-2010 07:27 AM

Quote:

Originally Posted by MikeFold (Post 17128374)
My home computer picked this up this morning from GFY. Is there a way to get to System Restore in XP like you did in Windows 7?

Thanks

I can't 100% remember, but I don't believe XP has a restore option on the F8 menu, but you could try booting in safe mode and then trying to run System Restore from Programs/Accessories/System Tools.

selena 05-11-2010 07:29 AM

Get a copy of Hiren's Boot CD from a clean machine, then try running some of the programs off of it in safe mode.

Flashcash-Andy 05-11-2010 07:29 AM

Quote:

Originally Posted by candyflip (Post 17128397)
I don't surf anything on this Windows box and this GFY is the only place I've gotten any sort of warning lately.

So I'm wondering if it came from here as well.

Hmm... me too, I just randomly got it this morning and I believe I had GFY open at the time. I had other browsers open at the time too though.

candyflip 05-11-2010 07:32 AM

Quote:

Originally Posted by Flashcash-Andy (Post 17128413)
Hmm... me too, I just randomly got it this morning and I believe I had GFY open at the time. I had other browsers open at the time too though.

This blocked me out of everything. Couldn't open Chrome, IE or Firefox. Couldn't open the Task Manager. Couldn't open AVG. Couldn't open Defender.

I was surfing GFY using Chrome when things went downhill. GFY and a handful of techblogs (Gizmodo, Engadget, etc) are all I surf from this box.

Adraco 05-11-2010 07:33 AM

Quote:

Originally Posted by TXXXTN (Post 17128341)
I use a combination of HijackThis / Malwarebytes and Super Anti-Spyware, all in Windows Safe Mode, to remove rogue software like this. Sometimes you get one that hooks on to Windows so fucking bad you need to rebuild the local profile ... sucks :(

HijackThis will show any suspicious software / reg keys that are on your box ... dump a log on here ... maybe I can help you out.

Those suggested solutions are a great combination. Use them in Safe Mode, preferably even create a NEW computer admin account to run them from. Add to the other programs Spybot Search & Destroy with its immunization function. Run the above mentioned programs first to clear out any nasties. Then immunize the system with Spybot S&D, restart and then restart again. After the second restart, run all programs again, but this time in normal mode. That will clear almost anything available. Return here if you need more help and I'll be around to follow up on you.

MikeFold 05-11-2010 07:36 AM

Thanks Andy & Selena... will deal with it when I get home....
I am almost positive it was from here... I hit the bookmark, went out to have a smoke, and when I returned my screen was lit up with fake warnings, and nothing on the screen was clickable.
(Although I have Spectorsoft on my home machine, if I do a system restore I will lose the video capture from this morning. I seem to recall seeing a 'brief' pop from Adobe updater?)
which I clicked 'Not Now'
but it was definitely Java type (I noticed the hard drive clicking away and GFY not loading right) so I immediately closed GFY (too late).
It was early and no coffee yet, so it could have been a fake.

Helix 05-11-2010 07:39 AM

I have had good success using the free BitDefender Live CD. It boots into Linux and scans. Windows never starts, so the bugs don't have a chance to load.
http://www.techmixer.com/bitdefender...tion-features/

halfpint 05-11-2010 08:08 AM

I am also starting to think it was from GFY, 'cause my comp was fine last night and after I logged in to GFY I all of a sudden had this shit on my computer.

candyflip 05-11-2010 08:11 AM

Quote:

Originally Posted by halfpint (Post 17128545)
I am also starting to think it was from GFY, 'cause my comp was fine last night and after I logged in to GFY I all of a sudden had this shit on my computer.

Let's keep this bumped and hopefully they will address it. It looks like there are others who've gotten stung by this too.

CIVMatt 05-11-2010 08:15 AM

Quote:

Originally Posted by halfpint (Post 17128304)
I have the bullshit Antisoft spyware on my computer and can't get rid of it. I have tried changing the LAN settings in IE, even though I don't use it, as it somehow uses a proxy and changes your homepage. Then I ran RKill, then Malwarebytes, which does pick it up and delete it, but as soon as I load up Firefox or IE it just comes back again. I've been trying all sorts to get rid of this and it doesn't work.

I also have Avast running, which does not seem to pick it up at all.

Anybody know how to get rid of this?

GODDAMMIT, I just got it too, going to safe mode then use S&D to try to destroy it.

TXXXTN 05-11-2010 08:17 AM

weird ...been on here for a few hours now ...not a hiccup!

MikeFold 05-11-2010 08:19 AM

Quote:

Originally Posted by CIVMatt (Post 17128560)
GODDAMMIT, I just got it too, going to safe mode then use S&D to try to destroy it.

Did you see the Adobe updater popup? I just saw it again (it was blocked on this machine).

Tom_PM 05-11-2010 08:20 AM

Just wanted to mention that when I first logged in to GFY this morning, IE warned me that it blocked some software download. I didn't think much about it until I saw that Java was running. So I logged back out and closed down everything and came back. This time there were no download attempt warnings or Java.

The last time I got that malware you're talking about, it came in a PDF file. I try not to open those anymore except local PDFs.

BIGTYMER 05-11-2010 08:29 AM

It hit me yesterday. Restart computer in safe mode and run Malwarebytes. Restart computer and when you open Firefox/IE/Chrome you need to view the internet options and remove the proxy setting that the malware installed.

IP: 127.0.0.1 Port: 5555
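
Added example, not part of the original thread: a Python check for the loopback proxy described in the post above, run over a constructed `reg query` dump of the Windows Internet Settings proxy values and constructed Firefox `prefs.js` lines. The sample data and function names are assumptions for illustration; Firefox is checked separately because it keeps its proxy settings in its own profile.

```python
import ipaddress
import re

# Constructed sample: output of
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
REG_SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    http=127.0.0.1:5555
"""

# Constructed sample: lines from a Firefox profile's prefs.js
PREFS_SAMPLE = """
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 5555);
"""

def is_loopback(host):
    try:
        return host.lower() == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def wininet_findings(reg_text):
    # System proxy used by IE and Chrome: only relevant when ProxyEnable is 1.
    vals = dict(re.findall(r"^\s+(\w+)\s+REG_\w+\s+(.+?)\s*$", reg_text, re.M))
    if int(vals.get("ProxyEnable", "0x0"), 16) != 1:
        return []
    hits = []
    # ProxyServer is "host:port" or "http=host:port;https=host:port"
    for entry in vals.get("ProxyServer", "").split(";"):
        scheme, _, addr = entry.rpartition("=")
        host, _, port = addr.partition(":")
        if is_loopback(host):
            hits.append((scheme or "all", host, port))
    return hits

def firefox_findings(prefs_text):
    # Firefox keeps its own settings; type 1 means a manually configured proxy.
    prefs = dict(re.findall(r'user_pref\("([^"]+)",\s*"?([^");]*)"?\);', prefs_text))
    if prefs.get("network.proxy.type") != "1":
        return []
    hits = []
    for scheme in ("http", "ssl", "socks"):
        host = prefs.get("network.proxy." + scheme, "")
        if is_loopback(host):
            hits.append((scheme, host, prefs.get("network.proxy.%s_port" % scheme, "")))
    return hits
```

A non-empty result after a cleanup and reboot means the proxy setting has been written back, which points to a startup entry that is still present.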

BIGTYMER 05-11-2010 08:30 AM

It got me on a torrent site. I was trying to get last week's episode of Survivor.

halfpint 05-11-2010 08:34 AM

Quote:

Originally Posted by BIGTYMER (Post 17128589)
It hit me yesterday. Restart computer in safe mode and run Malwarebytes. Restart computer and when you open Firefox/IE/Chrome you need to view the internet options and remove the proxy setting that the malware installed.

IP: 127.0.0.1 Port: 5555

Tried that, still doesn't work :(

Tom_PM 05-11-2010 08:35 AM

Ah yes, that's right! It sets a proxy in your browser(s) for you to go reset.

halfpint 05-11-2010 08:39 AM

Quote:

Originally Posted by PR_Tom (Post 17128616)
Ah yes, that's right! It sets a proxy in your browser(s) for you to go reset.

Yes, it does do that, but you reset it and reboot the computer and it just comes back again after trying all the above steps with Malwarebytes. Also used HijackThis and have saved the logfile. My son has posted this on a tech forum and they are going through the logs.

candyflip 05-11-2010 08:41 AM

Boot Safe Mode
Run Malwarebytes
Reboot
Change Proxy Setting

This is all I did and it worked no problem.

halfpint 05-11-2010 08:43 AM

Quote:

Originally Posted by candyflip (Post 17128638)
Boot Safe Mode
Run Malwarebytes
Reboot
Change Proxy Setting

This is all I did and it worked no problem.

OK, gonna try that again, thanks.

Tom_PM 05-11-2010 08:44 AM

I remember there'd been 2 different files, I think, that had been added to my startup files (trying to remember, was on another computer). They had gobbledygook names. I also stopped Adobe from running ANYTHING in the background since it acts like a conduit.

As I recall, AVG never knew something was wrong, I had to download Avast free version and that did find it.

BIGTYMER 05-11-2010 08:56 AM

Quote:

Originally Posted by candyflip (Post 17128638)
Boot Safe Mode
Run Malwarebytes
Reboot
Change Proxy Setting

This is all I did and it worked no problem.

That's what I said. Worked for me too.

The Truth Hurts 05-11-2010 09:18 AM

I've had to remove that shit off 3 family members' PCs in the past month..
though I do the manual removal method.. (safe mode with networking/LAN settings/delete registry entries/delete files)
followed by a Malwarebytes scan..

halfpint 05-11-2010 11:04 AM

OK, I seem to have got rid of it now by running Malwarebytes in safe mode and then changing the proxy settings. And I'm also running NoScript as well.

halfpint 05-11-2010 11:05 AM

Thanks guys for all of your help

halfpint 05-11-2010 11:37 AM

OK, I'm now running a full scan with Avast and it has come up with this: JS:Pdfka-AFK [Expl]

So whether that has or had anything to do with it I do not know.

fatfoo 05-11-2010 12:23 PM

I have no idea. Good luck, halfpint.

halfpint 05-11-2010 12:46 PM

Quote:

Originally Posted by fatfoo (Post 17129302)
I have no idea. Good luck, halfpint.

Thanks, I have got rid of it now, just in the process of cleaning my machine.


All times are GMT -7.
