Inactive [InActive] antispywarexp 2009 bug

okay folks i know someone out here has been hit by this really bad bug. so what have you found is the best way to get rid of it. i have had so many machines lately that have got hit by this thing its unreal and when i use malwarebytes, spyware doctor 6, spybot, smitfraud, antivir programs on the drive attached to another machine as a slave. when i put the drive back in the machine when i get to the desktop literally all the icons malfunction. i mean literally every icon. when i click an icon it comes up and browses for the application. this bug has me beat and ive done everything researching on the web suggest and stilll it keeps biting my ass.

only thing ive been able to do is back the data up and rebuild these machines back to defaults. anybody have a 100% way of removing this bug without damaging the other apps. ive been doing this stuff for decades and this bug has me beat and ****** at whomever developed it. excuse my french.

 

I'm jumping over to this forum only to philosophize for a brief moment. Lets look at what you are doing from a logical pespective.

You said you are removing the system drive from a troubled machine, putting in another machine, slaving it and then trying to clean it. When you do this, you are using the "other" machine's operating system and registry - OK - you know that. Now, let's suppose for a minute that an infection or a part of it may be imbedded in the operating sytem or the registry or somewhere else that is no longer active when the drive is "slaved" to run off another machine's operating system. The software you are using isn't looking for what I will call the "dormant" system files or registry entries & etc. on the slaved drive and it isn't doing anything with them. Now you pull the problem drive and put it back in the problem machine and those embedded rogues become active once again. What do you know? - the same problems are still there.

May I suggest that you leave the problem drive in the problem machine and then try using something like MBAM for starters. Now you are going to be able to get to those "active" files that were "dormant" when the drive was slaved in another machine. There is a lot more to it than that however and that's why you need to follow the general procedures outlined in a sticky at the top of this forum. Trust me, the way these threats are bundled these days, one needs expert assistance. Today's malware writers aren't just good, they are phenominal at their respective craft.

Fortunately, we have people like noahdfear, Geri, Blender, Juliet and suebaby41 who eat this stuff for breakfast, lunch and dinner and know how to clean up these threats.

The way I see it you have two options. You can either solicit their assistance and follow their directions or you can continue to reformat and reinstall.

 

Rockster2U

the main reason why is was attaching problem drive as a slave was to get rid of the files that reside in either the program folder, windows or windows\system32 folder. after i clean the machine up i put back in original machine and run those scans again. usually i get errors when i boot the machine back up because the registry is trying to do things but cant find the associated files on the drive. i also search the registry and manually remove the program i.e. antispywarexp 2009.

am assuming mbam is malwarebytes - true not true. it would be nice to have a quick and simple way to remove this bug cuz its giving me stress even tho rebuilding isnt a big problem. these malware writers like you say are incredible at what they do. the bugs disable task manager and regedit. i know the fixes to get those functions back but a little lost at why the icons when i go back in the system are non-functional. thats the big reason why i end up rebuilding cuz no icons work and im not sure why thats happening.

i will contact these people you mention but not sure what you mean by the sticky at the top of the page tho.

thanks greg

 

Greg,

Yes, MBAM is Malwarebytes Anti-Malware. Some of these things aren't too difficult to clean if one has the right tools and knows what they are doing but that's also where the problem arises. Because many of these malware threats have several variants and the authors are continually changing and fine tuning the active payloads, it takes an expert to keep up with this.

The point I was trying to make is that we have some of the absolute best people in the industry right here at WindowsBBS. That's not a Rah-Rah Pep talk, its a fact. Use the resources that are available to you on this board and you'll understand exactly what I'm talking about.