Pop up window virus on my PC

John K · #1 26-10-2008, 07:34 PM

Hi everyone,

I seem to have picked up a pop up virus in the form of an application on my PC that is trying to get me download some free anti virus software from it's site.

I think it's a eibtm.exe type of virus.

It cannot be detected with my anti virus software and it cannot be deleted with my program manager or any other software - it lives in my program files -> applications area. Have tried to end it working by cnt alt del but it keeps working so cannot be deleted.

Attached are some images of the software and what it's doing. It also keeps making itself my internet home page. Very annoying!!!

Any suggestions how I can get rid of this thing?

Really thought that my anti virus software would kill it.

Thanks in advance for any help.

John.

p.s. I tried re-naming one of the files to the name virus so I could delete it, still not good.

Dooghan (Dooghan) · #2 26-10-2008, 08:33 PM

If it is a virus then your computer is toast. They dig themselves in so well now days that it's next to impossible to rid of every file, etc out of the system. I would just get out the install disks and backups and do a full reinstall. If it was my system I could never ever trust that system again with my private data until I did the full reinstall.

Bob · #3 26-10-2008, 08:39 PM

Hi John

Go to Tucows,download Malaware and install,run Malaware, that should get rid of your problem.

Regards Bob

monoxide · #4 26-10-2008, 09:03 PM

these ones are the worst of the lot, the 'anti virus' company infects your pc and it will constantly download more viruses until you pay their $50 or whatever to remove the problem they caused in the first place..
i dont know how its not illegal, its extortion.

whenever i get a virus (very very rarely) i format as its the only way to be sure its completely gone, too many experiences with AV software 'cleaning' system files which are needed for the pc to boot.

try AdAware and Spybot Search & Destroy (these are the best tools for removing malware)

John K · #5 26-10-2008, 09:07 PM

Thanks guys.

Quote:

Originally Posted by Bob

Hi John

Go to Tucows,download Malaware and install,run Malaware, that should get rid of your problem.

Regards Bob

Hi Bob,

have now done that and giving that a go, so lets see what happens.

Jeff · #6 26-10-2008, 09:26 PM

Also, run "msconfig" and look for rogue programs loaded at boot time in the "startup" section. This low tech approach is still used for some malware. You can remove check marks and reboot to test to see if the messages stop. Also check for / disable unwanted browser plug ins.

Good luck!

John K · #7 26-10-2008, 10:25 PM

Quote:

Originally Posted by Jeff

Also, run "msconfig" and look for rogue programs loaded at boot time in the "startup" section. This low tech approach is still used for some malware. You can remove check marks and reboot to test to see if the messages stop. Also check for / disable unwanted browser plug ins.

Good luck!

Thanks, yep tried that. It's pretty smart, as quickly as you un tick and re-ticks the box so it's always running!

monoxide · #8 26-10-2008, 10:28 PM

restart and go into safe mode, you should be able to get rid of it with AdAware or Spybot S&D:

http://www.lavasoft.com/
http://www.safer-networking.org/en/index.html

Bob · #9 26-10-2008, 10:37 PM

This program, Malwarebytes' Anti-Malware.
Solved the same problem on a friends computer.

John K · #10 26-10-2008, 11:02 PM

Quote:

Originally Posted by Bob

This program, Malwarebytes' Anti-Malware.
Solved the same problem on a friends computer.

Malware is an absolute winner. Cannot believe how much stuff it cleaned out. All fixed.

thanks very much everyone.

john k.

wasyoungonce (Brendan) · #11 27-10-2008, 08:20 AM

Quote:

Originally Posted by Bob

This program, Malwarebytes' Anti-Malware.
Solved the same problem on a friends computer.

2nd that.

This program is "the only one" that has removed multiple Trojans and virus's from the one computer and cleaned it completely, for me.

Trojan's have a habit of opening your computer to other worms and malware so they can be difficult to clean. Get the Malwarebytes' Anti-Malware from the source and update it before running:

http://www.malwarebytes.org/

jjjnettie (Jeanette) · #12 27-10-2008, 08:52 AM

Glad you solved the problem.
I wonder how many people out there have paid the extortion fee, then have to keep on paying?

GrampianStars (Rob) · #13 27-10-2008, 09:41 AM

I got this once used "Avast" anti virus and it shows the file name it resides in memory as well so I re-boot in safe mode then delete before std. start
"its Gone"