Page 1 of 1

Adware Agent

PostPosted: 07 Jun 2013, 16:04
by Fugitive
I don't even use Skype but since I clicked to accept an update on my laptop I have horrid adverts popping up inviting me to chat with girls, telling me my computer needs a boost, gambling websites and so on.

I did a Malware and it tells me it will remove Adware Agent as it is a threat. It hasn't gone away though and neither have all the unpleasant things. I use Avast on my laptop and I've done a Windows Defender but neither of these have identified Adware Agent.

I've stopped using this laptop for online banking and using debit/credit cards to buy stuff as I'm really worried Adware Agent is one of those spy things that can grab my passwords and personal details. On websites these unwanted adverts are described as 'ads not by this site'

Any suggestions please and should I be as afraid as I feel?

Re: Adware Agent

PostPosted: 07 Jun 2013, 21:37
by Workingman
You are right to be concerned Fugi.

Can you do a system restore to a point before all this happened? If so do it.

Get the 14 day trial of Malwarebytes Pro form here and run it, but make sure to get updates first.

http://www.malwarebytes.org/products/malwarebytes_free/

Also get Spybot and update it before using.

http://www.safer-networking.org/dl/

If those two do not kill it you might also like to follow the instructions here: http://forums.malwarebytes.org/index.ph ... pic=124957

Don't bother with the logs etc., just follow the hints from Mr Charlie.

Re: Adware Agent

PostPosted: 08 Jun 2013, 09:13
by Fugitive
Thanks WM.

Done the malware several times before and it finds the Adware as the only threat, removes it but it keeps coming back every time I check. I did the updated Spybot this morning and it found 240 undesirable threats (gulp), all low level except for a block of things that said they were high risk. Lots of them were Babylon and Delta. Cleaned them.

Funnily I'd found Mr Charlie's forum before but dear me he is very techie and goes into places on my computer I am very unsure about.

The sex adverts seem to have gone. Still getting gaming webpages popping up. Still getting 'ads not by this site' on webpages.

I shall study Mr Charlie later.

Re: Adware Agent

PostPosted: 08 Jun 2013, 09:53
by Workingman
Yes, Mr C can ga a bit deep. Try this as a backup, it has good and clear links to removal tools.

Re: Adware Agent

PostPosted: 09 Jun 2013, 12:25
by Suff
Perhaps you could try downloading and running the Kaspersky rescue disc 10. You download the iso file and then burn it to a CD or DVD. In Vista and higher, you should be able to rick click on the iso file and select to write it to a CD or DVD.

You then boot the machine with the CD. If it is not set up to boot from CD you'll need further instructions, sometimes F12 allows you a one time boot menu otherwise it's done from the bios.

The obvious advantages of a boot time disk is that Windows (and the malware), is not running and can't avoid the scanner. I've only had to use this once with a particularly nasty Trojan (not my machine I might add) and it worked perfectly.

Just a thought, it's obvious that these infections are agile and designed to survive disinfection and reboot.

Worth a try.

Re: Adware Agent

PostPosted: 27 Jun 2013, 10:32
by Fugitive
Thanks again for your advice. This weekend Avast kicked in and asked me if I wanted to do a pre-boot scan so I accepted, the screen went black, white text, flashing cursor, it took hours and hours and the result is I have no more 'Text Enhancer' flashing up, no more highlighted text in forums with pop-up boxes, no more invites for sex chats, no more gambling websites, windows telling me my PC needs to speed up, no more 'ads not from this site' so I feel clean again. What a relief!!!!

Re: Adware Agent

PostPosted: 27 Jun 2013, 11:34
by Suff
Good to know that it's gone. It is one of the reasons I said to go with the Kaspersky boot disk, same effect.

Modern viruses load into memory and then undo what the virus/malware scanners fix on shutdown. It is one of the reasons I run a complete suite. Norton won’t allow known malware to even start to run it has a memory scanner. Even after a malware program has loaded, Norton watches what it does. If it starts doing malware type stuff, it kills the program there and then and cleans the mess.

Today, allowing a virus to run into memory is fatal. As soon as they are running they start to inject themselves into totally legitimate areas of the machine. It is far, far, too late to report the virus once it’s there. It has to be stopped before it even begins.

Fortunately Avast has a boot time scanner. But, even then, there is malware which can subvert even this. On my Son in law’s machine I found a virus that I could only remove with the Kaspersky boot disk. All others failed. I don’t blame Norton for failing to remove it all that much, it would have never let it in, so the focus is not on getting rid of it.

It’s good to be virus free, but you have to look at your security suite and ask yourself “Why did it get there in the first place”. I go to places that immediately try to infect your machine. You don’t even have to click anything, just open the page. Granted I’m more wary than most, I would never have clicked on “update” unless I knew exactly what I was updating. However nobody is that careful. Hence a comprehensive security suite.

Re: Adware Agent

PostPosted: 27 Jun 2013, 15:45
by Fugitive
I was careless with the Skype update because there was a list of add-ons in the download box and I didn't check if they were ticked until it was too late and I'd accepted! I usually un-tick anything like that. What was I thinking?

I've got Norton on my desktop in my office and even though it says it covers several networked computers I've never added my laptop because it was already set up with Avast so I left it as it was.

I went here http://botcrawl.com/how-to-remove-text-enhance/ following advice from another forum who told me I'd been got at by 'Text Enhance' but when I went into Tools/Manage add-ons the only weird thing I could find was 'llivid' but it wouldn't uninstall manually.

So when the pre-boot thing came up with Avast I remembered your suggestion and thankfully it was the right thing to do. The pleasure now racing through the web without that 'Text Enhance' window popping up is heavenly.