Hunting down malware infections like aaa_soft

  • Thread starter Thread starter D-man
  • Start date Start date
D

D-man

I ran ad-aware se on my system and found 1500!
infections. I was able to remove all of them. However,
one folder refused to be deleted: aaa_soft. It actually
appeared in numerous places and I was successful in
removing all instances of it except one. This one folder
would not let me delete it no matter what I tried. I got
an error message saying "ERROR - Cannot delete folder."
When I tried to open the folder or any of the three sub-
folders, I got the error message: "Error - Cannot open
folder." I suspect this was the last remaining piece of a
huge network of linked reference in the registry and if I
had been able to remove it, it would have eliminated this
malware on my system altogether. Because I was not
successful in removing it, I still get a single pop-up ad
about every 10-15 minutes while I'm on-line. It always
opens the same way, usually to a page called paypopup or
something. Occasionally to something else.

I've searched and searched trying to find another instance
of aaa_soft in my registry, but haven't been able to. I
think it renamed and moved itself.

Can anyone provide further insight into the way this
particular malware works?
 
D-man said:
I ran ad-aware se on my system and found 1500!
infections. I was able to remove all of them. However,
one folder refused to be deleted: aaa_soft. It actually
appeared in numerous places and I was successful in
removing all instances of it except one. This one folder
would not let me delete it no matter what I tried. I got
an error message saying "ERROR - Cannot delete folder."
When I tried to open the folder or any of the three sub-
folders, I got the error message: "Error - Cannot open
folder." I suspect this was the last remaining piece of a
huge network of linked reference in the registry and if I
had been able to remove it, it would have eliminated this
malware on my system altogether. Because I was not
successful in removing it, I still get a single pop-up ad
about every 10-15 minutes while I'm on-line. It always
opens the same way, usually to a page called paypopup or
something. Occasionally to something else.

I've searched and searched trying to find another instance
of aaa_soft in my registry, but haven't been able to. I
think it renamed and moved itself.

Can anyone provide further insight into the way this
particular malware works?
Click to expand...

The first step is to reboot into safe mode and rescan with Ad-Aware,it
should be able to remove it then.
 
Back
Top