So my friend asked me to help her with her laptop; it was full of desktop pop-ups and random malware. After a few hours I've removed all of it but one, which I can't seem to permanently remove for good as it keeps coming back after reboot. It's called Optimizer Pro; after it's uninstalled, it comes back with a desktop icon. I have Avast and Malwarebytes installed and although they have both removed loads of crap they are not picking up Optimizer Pro at all. Also tried Kaspersky's rootkit removal tool (TDSSKiller). A Google search comes up with lots of people with the same problem but no fixes. Thanks in advance!
Try safe mode, or look in the startup folder for a link, or something like that. In the past I have found a link in the startup folder that looks odd, and traced it round to a folder with the dodgy software. There is also another place to look, but after midnight my brain turns to mush. I'll dig it up in the morning. The other thing to try would be a Linux live boot disc, then scanning with some Linux AV/malware, as it won't run anything like exes or dlls etc. that would otherwise be running in a Windows environment ...
Digging around in AppData and removing edgy-looking files seems to have done the trick. Will report back after a day or two to be sure it's gone for good. Thanks for the replies.
Yup, exactly what I was thinking of, thanks! My brain was in a lot of different places last night; none of them had my full concentration.
Well, been pottering about on the laptop for a few hours with a number of reboots and it seems to have gone!
For future reference, try Revo Uninstaller. Will pick up almost everything, and will wipe every file that came along with it.
Autoruns is also pretty handy for looking up hidden startup nasties.... http://technet.microsoft.com/en-gb/sysinternals/bb963902.aspx
If all else fails, manually ripping out registry entries usually prevents the return of the mack(ware).
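
Added example, not part of any post in this thread: a read-only PowerShell listing of the startup-folder shortcuts and registry Run entries mentioned above, flagging commands that point into AppData or Temp. The flag pattern (including the "Optimizer" name match) is an assumption for illustration; nothing is deleted.

```powershell
# Added example: list autostart entries for manual review. Read-only.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # current user
    [Environment]::GetFolderPath('CommonStartup')   # all users
)
# Assumption: user-writable locations and the product name are worth a second look.
$suspect = '\\AppData\\|\\Temp\\|Optimizer'

$entries = @()

# Registry Run/RunOnce values: value name -> command line
foreach ($key in $runKeys) {
    $k = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $k) { continue }
    foreach ($name in $k.GetValueNames()) {
        $entries += [pscustomobject]@{
            Source = $key; Name = $name; Command = [string]$k.GetValue($name)
        }
    }
}

# Startup folders: resolve each .lnk to the program it really launches
$shell = New-Object -ComObject WScript.Shell
foreach ($dir in $startupDirs) {
    if (-not (Test-Path $dir)) { continue }
    foreach ($f in Get-ChildItem -Path $dir -File -Force) {
        $cmd = $f.FullName
        if ($f.Extension -eq '.lnk') {
            $lnk = $shell.CreateShortcut($f.FullName)
            $cmd = ('{0} {1}' -f $lnk.TargetPath, $lnk.Arguments).Trim()
        }
        $entries += [pscustomobject]@{ Source = $dir; Name = $f.Name; Command = $cmd }
    }
}

$entries |
    Select-Object @{ n = 'Flag'; e = { if ($_.Command -match $suspect) { 'CHECK' } else { '' } } },
                  Source, Name, Command |
    Sort-Object Flag -Descending |
    Format-Table -AutoSize -Wrap
```
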
And for a fire-and-forget tool to deal with rubbish like this, Combofix very often gets it. It gets everything in the grey area between real infections and legitimate nuisanceware. Then ADWC and JRT get the latter. They only automate a process you can go through yourself with CCleaner, autoruns and digging through various folders, but they can be a time saver.
Something I like to do is to take the drive out, put it in an external enclosure, and scan it from another PC. Removes the safe mode hassle and all that. Plus, I'm usually too lazy to mess about with cables and connections (speaking for fixing desktops at least). Personally, I've yet to find something that Malwarebytes hasn't been able to remove, but I'd imagine there are some more advanced viruses and malware that would require more effort to remove.