• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs

Not what you are looking for? Ask the experts!

Kudos4

scorpion saver adware by adpeak

This malware is horrid and difficult to remove. Stilworking on it. Why doesn't norton fix this?

Replies

Kudos0

Re: scorpion saver adware by adpeak

This malware is horrid and difficult to remove. Stilworking on it. Why doesn't norton fix this?

Kudos2

Re: scorpion saver adware by adpeak


soho1 wrote:

This malware is horrid and difficult to remove. Stilworking on it. Why doesn't norton fix this?


Hi,

Sorry you're having a problem. Norton is not designed to fix 'everything'. In fact it is impossible for any single security product to protect you 100% of the time from the thousands of threats released daily.

For qualified assistance I'd recommend that you choose one of the free sites listed and work with one of the trained volunteers there who will walk you through the cleanup process

http://www.bleepingcomputer.com
http://forums.whatthetech.com/
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/

Keep us posted

Dick Win7x64 SP1 current NSBU
Kudos1

Re: scorpion saver adware by adpeak

The question which has not been answered

"Why doesn't norton fix this?"

 

 

That is because Scorpion Saver is a PUP,  It also uses a Service to run.   PUP's unless theu have crossed the line are not detected by Most AV's

 

Quads

Kudos0

Re: scorpion saver adware by adpeak


Quads wrote:

The question which has not been answered

"Why doesn't norton fix this?"

 

 

That is because Scorpion Saver is a PUP,  It also uses a Service to run.   PUP's unless theu have crossed the line are not detected by Most AV's

 

Quads


Thanks for the save.

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak

It's not for you or the others.

Quads

Kudos0

Re: scorpion saver adware by adpeak

Understood, still appreciated

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak

Kudos1

Re: scorpion saver adware by adpeak

I have it now too. I have Malaware installed, and it keeps removing it, but it keeps coming back after each reboot.

I have tried regedit, and uninstalled it many times. It is not listed on IE as anything, but probably disguised.

So, due to its malevalence, and increasing spread, please add Scorpionsaver to your list of malware to be uninstalled and just as importantly, block it from being installed in the first place.

Kudos0

Re: scorpion saver adware by adpeak

By installing itself without my permission and then  making itself impossible to remove, crosses the line.

BTW, when you try to uninstall it, you get an error, "software\wow6432node\microsoft\windows\current\version\browser\helper object failed to be removed.

Kudos0

Re: scorpion saver adware by adpeak


Wayned10 wrote:

I have it now too. I have Malaware installed, and it keeps removing it, but it keeps coming back after each reboot.

I have tried regedit, and uninstalled it many times. It is not listed on IE as anything, but probably disguised.

So, due to its malevalence, and increasing spread, please add Scorpionsaver to your list of malware to be uninstalled and just as importantly, block it from being installed in the first place.


Please use one of these free sites to get trained assistance in the removal process

http://www.bleepingcomputer.com
http://forums.whatthetech.com/
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/

Keep us posted

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak

It is still considered a PUP, even though the one I tested on my machine came with another PUP.

Quads

Kudos0

Re: scorpion saver adware by adpeak


soho1 wrote:

This malware is horrid and difficult to remove. Stilworking on it. Why doesn't norton fix this?


Hi,

No single security product can protect you 100% of the time from 100% of the thousands of threats released daily. For qualified assistance in getting your machine cleaned please select one of the free sites listed and before posting, read and be prepared to follow their rules

http://www.bleepingcomputer.com
http://forums.whatthetech.com/
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/

They all have trained volunteers who can do the job. Stick with one and you will get the best results

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak


Quads wrote:

It is still considered a PUP, even though the one I tested on my machine came with another PUP.

Quads


Looks like you can't even trust PUPs to play by the rules

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak

Scorpionsaver has infected my machine. No solution found. Norton Symantec Please help! If Norton does not offer help to remove unwanted programs like this I do not feel that they are worthy of service renewal. It makes me wonder if Norton may be colluding with advertisers. Symantec..... Please help!

Kudos0

Re: scorpion saver adware by adpeak


DavisPH wrote:

Scorpionsaver has infected my machine. No solution found. Norton Symantec Please help! If Norton does not offer help to remove unwanted programs like this I do not feel that they are worthy of service renewal. It makes me wonder if Norton may be colluding with advertisers. Symantec..... Please help!


Welcome,

First; No single security program can protect you 100% of the time from 100% of the threats that are being released by the thousands daily.

Second; Symantec / Norton concentrates on malware that will damage your hardware and / or software. PUPs are a PITA but they do not destroy anything.

Third; Many of us recommend that you keep an on demand, free scanner on your desktop to run regularly. I run one of the two I keep handy every few days.

Lastly, if you can find a better security product please switch to it. I don't know of one.

We'll be here when you need us. Til then

Stay well and surf safe

Dick Win7x64 SP1 current NSBU
Kudos0

Re: scorpion saver adware by adpeak

I posted a fix earlier in the thread

Kudos1

Re: scorpion saver adware by adpeak

I followed your "fix" to an unmanned sight that provides links to four different tools, at least one of which could cause considerable damage.  The site owner then posts that if the user is still having trouble, he can post on a different site and go to his malware removal forum.

That is not a fix.

Under certain circumstances profanity provides relief denied even to prayer.Mark Twain
Kudos0

Re: scorpion saver adware by adpeak


delphinium wrote:

I followed your "fix" to an unmanned sight that provides links to four different tools, at least one of which could cause considerable damage.  The site owner then posts that if the user is still having trouble, he can post on a different site and go to his malware removal forum.

That is not a fix.


That's odd insofar as that "fix" (and many others on that site) has helped countless people I've recommended it to on twitter.

You obviously don't know what you're doing and you're probably best served taking it to a technician

Kudos3

Re: scorpion saver adware by adpeak

It's one thing to offer malware removal advice, but what happens if something goes wrong?

Someone who knows what they are doing and is working one on one in a protected environment can fix any problems caused by running 'advanced' tools.

Windows 7 Home Premium x64 SP1 *** Norton 360 v21.6.0.32
Kudos0

Re: scorpion saver adware by adpeak

scorpion saver  was not found by a lot of auto tools  but can be done using scripts and OTL etc.   

 

As far as I know and this is just for scorpion saver, nothing else extra also lurking,  MBAM updated detects scorpion saver  (including the service) as (PUP.Optional.Scorpion Saver)

 

Just for users with scorpion saver  only.

 

Hopefully my last message on this forum explains the difference of what we do, and the difference and those that don't.   

 

As long as users follow Instructions when something does go wrong, and it does from time to time, we still fix the added problem via script or without Windows booting.

 

There is more than 1 scorpion saver  in terms of the way they work

 

Quads

 

Kudos2

Re: scorpion saver adware by adpeak

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

Absolutely!  But you also don't see me saying, try this or try that, or oh well, happens.  Better go to a tech!   We've seen too many users here with no system disc, no way of reloading if something goes wrong, barely enough English to follow instructions, and no money for "Go to a tech" 

Under certain circumstances profanity provides relief denied even to prayer.Mark Twain
Kudos0

Re: scorpion saver adware by adpeak

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

 

 

It other words take it to a malware removalist.  Meaning the likes of Quads and other removers who do know what they are doing. with instructions, logs, and so on.

 

Quads

Kudos0

Re: scorpion saver adware by adpeak


Krusty13 wrote:

It's one thing to offer malware removal advice, but what happens if something goes wrong?

Someone who knows what they are doing and is working one on one in a protected environment can fix any problems caused by running 'advanced' tools.



Krusty13 wrote:

It's one thing to offer malware removal advice, but what happens if something goes wrong?

Someone who knows what they are doing and is working one on one in a protected environment can fix any problems caused by running 'advanced' tools.



Krusty13 wrote:

It's one thing to offer malware removal advice, but what happens if something goes wrong?

Someone who knows what they are doing and is working one on one in a protected environment can fix any problems caused by running 'advanced' tools.


Do you mean "one on one" and "can fix any problems" behind the veil of a forum in the comfort of their living room??


Kudos0

Re: scorpion saver adware by adpeak


delphinium wrote:

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

Absolutely!  But you also don't see me saying, try this or try that, or oh well, happens.  Better go to a tech!   We've seen too many users here with no system disc, no way of reloading if something goes wrong, barely enough English to follow instructions, and no money for "Go to a tech" 



delphinium wrote:

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

Absolutely!  But you also don't see me saying, try this or try that, or oh well, happens.  Better go to a tech!   We've seen too many users here with no system disc, no way of reloading if something goes wrong, barely enough English to follow instructions, and no money for "Go to a tech" 



delphinium wrote:

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

Absolutely!  But you also don't see me saying, try this or try that, or oh well, happens.  Better go to a tech!   We've seen too many users here with no system disc, no way of reloading if something goes wrong, barely enough English to follow instructions, and no money for "Go to a tech" 


And I've seen too many users thank me profusely and take great pride in being able to fix something that seemed completely irredemable without having to spend tons of money for a tech whose credentials may be dubious at best and could very well make the problem worse, or create new ones down the line. I've personally encountered enough of those


Kudos0

Re: scorpion saver adware by adpeak


Quads wrote:

"You obviously don't know what you're doing and you're probably best served taking it to a technician"

 

 

It other words take it to a malware removalist.  Meaning the likes of Quads and other removers who do know what they are doing. with instructions, logs, and so on.

 

Quads


For some people that's the best course of action. For a good amount with some know how, study and patience, there's a very good chance you can do it yourself. If the choice was bringing it to Erik Loman or Jerome Segura and doing it yourself, I would say all things considered bring it to them. You're not either of them - you're pretentious and more interested in showing off how much you know than in actually helping anyone.

Kudos0

Re: scorpion saver adware by adpeak

No!

Windows 7 Home Premium x64 SP1 *** Norton 360 v21.6.0.32
Kudos0

Re: scorpion saver adware by adpeak

Think what you like.  Yiu have said you have NONE  so it means you have far less than me as I trained, in the use of tools, infect my system, learn systems, symptoms etc..

I can see why you have none as you think the training and working on tools and proccedures etc  as stated "Yours or their training is essentially useless"

I have also helped Techs and repair shops 100's of system fixed over the net, helped other Malware removers who are trained, also shops like retail stores and supermarkets etc. I also remove the malware From my system myself when testing,  I have 

All I can say is your admitting to none for training etc.  When people have none that is what makes it  dangerous and what makes a forum that is not protected dangerous as people with no training turn up..

"showing off how much you know than in actually helping anyone"   I do help users with infected systems  you just choose not to see them.   and that is fine to as I could see that  what I have done in fixing the systems in the correct steps is "essentially useless"  

 

But the people that count are the people I have fixed their system for and Malware removers all do what I do.

 

Quads

Kudos0

Re: scorpion saver adware by adpeak


Quads wrote:

Think what you like.  Yiu have said you have NONE  so it means you have far less than me as I trained, in the use of tools, infect my system, learn systems, symptoms etc..

I can see why you have none as you think the training and working on tools and proccedures etc  as stated "Yours or their training is essentially useless"

I have also helped Techs and repair shops 100's of system fixed over the net, helped other Malware removers who are trained, also shops like retail stores and supermarkets etc. I also remove the malware From my system myself when testing,  I have 

All I can say is your admitting to none for training etc.  When people have none that is what makes it  dangerous and what makes a forum that is not protected dangerous as people with no training turn up..

"showing off how much you know than in actually helping anyone"   I do help users with infected systems  you just choose not to see them.   and that is fine to as I could see that  what I have done in fixing the systems in the correct steps is "essentially useless"  

 

But the people that count are the people I have fixed their system for and Malware removers all do what I do.

 

Quads


As I said, I can line up for miles all the people I've helped. And without any of the "training" you babble on about.

And you still never said what guarantee you give for a satisfactory outcome of your work. I'm sure it's none. It's just like rolling the dice with you, all your "training" notwithstanding

Kudos2

Re: scorpion saver adware by adpeak

jmachats

All we are trying to point out is that you are suggesting users go to sites with advanced tools that have the ability to disable a users Windows installation if not used properly, that have no experts on hand to supervise.

In the forums here, we prefer to take a safe route by only suggesting basic scanning tools, and if those do not help, we recommend one of the free Malware Removal sites.

The fact that you may have not had anyone you 'Helped' run into this kind of trouble is fortunate. What would you have done if someone had come back to you saying that the tool you suggested caused their Windows to not boot?

Things happen. Export/Backup your Identity Safe data.
Kudos0

Re: scorpion saver adware by adpeak


peterweb wrote:

jmachats

All we are trying to point out is that you are suggesting users go to sites with advanced tools that have the ability to disable a users Windows installation if not used properly, that have no experts on hand to supervise.

In the forums here, we prefer to take a safe route by only suggesting basic scanning tools, and if those do not help, we recommend one of the free Malware Removal sites.

The fact that you may have not had anyone you 'Helped' run into this kind of trouble is fortunate. What would you have done if someone had come back to you saying that the tool you suggested caused their Windows to not boot?



peterweb wrote:

jmachats

All we are trying to point out is that you are suggesting users go to sites with advanced tools that have the ability to disable a users Windows installation if not used properly, that have no experts on hand to supervise.

In the forums here, we prefer to take a safe route by only suggesting basic scanning tools, and if those do not help, we recommend one of the free Malware Removal sites.

The fact that you may have not had anyone you 'Helped' run into this kind of trouble is fortunate. What would you have done if someone had come back to you saying that the tool you suggested caused their Windows to not boot?


I'd tell them any malware removal is inherently risky (which is the first thing I've told several), you don't know that the tool caused the machine to not boot (a huge assumption considering your machine is infected) and to grab your disc and reinstall your OS

That's what I'd tell them

Kudos0

Re: scorpion saver adware by adpeak


jmachats wrote:


I'd tell them any malware removal is inherently risky (which is the first thing I've told several), you don't know that the tool caused the machine to not boot (a huge assumption considering your machine is infected) and to grab your disc and reinstall your OS

That's what I'd tell them


Our point is that the malware removal experts at the sites we recommend are able to monitor the user's system from the start of the procedure, and should the system be or become unbootable, they have to tools and expertise to repair the system without reinstalling the OS and losing all the data on the system.

Quads has also made mention of some extremely nasty malware that can survive a drive format and OS reinstall. The experts would be the ones to eradicate that kind of infection. I do not think you would find a non expert using any tools, advanced or not, that could fix that kind of problem.

Things happen. Export/Backup your Identity Safe data.
Kudos0

Re: scorpion saver adware by adpeak


peterweb wrote:

jmachats wrote:


I'd tell them any malware removal is inherently risky (which is the first thing I've told several), you don't know that the tool caused the machine to not boot (a huge assumption considering your machine is infected) and to grab your disc and reinstall your OS

That's what I'd tell them


Our point is that the malware removal experts at the sites we recommend are able to monitor the user's system from the start of the procedure, and should the system be or become unbootable, they have to tools and expertise to repair the system without reinstalling the OS and losing all the data on the system.

Quads has also made mention of some extremely nasty malware that can survive a drive format and OS reinstall. The experts would be the ones to eradicate that kind of infection. I do not think you would find a non expert using any tools, advanced or not, that could fix that kind of problem.


That's interesting. Such a support apparatus (monitoring system from begining to end, repairing system without data loss and reinstall) didn't sound like anything I've encountered at malware removal forums but just to double check I asked Adam from BleepingComputer.

He didn't concur that any of those procedures were in place.

Kudos0

Re: scorpion saver adware by adpeak


peterweb wrote:
Our point is that the malware removal experts at the sites we recommend are able to monitor the user's system from the start of the procedure, and should the system be or become unbootable, they have to tools and expertise to repair the system without reinstalling the OS and losing all the data on the system.

Quads has also made mention of some extremely nasty malware that can survive a drive format and OS reinstall. The experts would be the ones to eradicate that kind of infection. I do not think you would find a non expert using any tools, advanced or not, that could fix that kind of problem.


That's a very good point.   One example of this, with a standard (default) two-partition Win 7 HDD install (the "System Reserved" and main partitions) is that the Master Boot Record is not located in either partition.  I wasn't aware of this until recently.  I had thought the the MBR resided within the System Partition.

Since the MBR (512 bytes) is located at Sector 1 on the HDD and the first partition begins at Sector 2048, the MBR won't be removed if the partitions are deleted.

The part that's interesting to me is the part where someone will reinstall the OS (in this case Win 7 as an example) and still have an infection/issue present on their HDD.  This assumes that there's no BIOS issue in this example (ie no prior BIOS intrusion).  I would have thought that a new OS install would write over the orignal MBR and create a new MBR in the same place on the HDD. That's only my uneducated guess on how it would work though.

When using a cloning tool or restoring a full-disk Image, the orignal MBR will get overwrtten since the entire HDD gets copied over to the Target HDD.

If a rootkit is present in the MBR and the user removes, deletes the partitions and reformats the HDD, the infected MBR would still be residing on the HDD.

In that event, one could use a disk-wipe utility such as DBAN or a similar tool to overwrite the HDD.

When I removed an infected HDD last year, in the bad old days before I joined the Norton AV gang , I removed the HDD and booted up with a HDD utility tool, deleted the partitions and ran a disk-wipe tool on the HDD. 

Then I recloned that same HDD, installed it and booted up, ran with it a while and returned it to the shelf as a tested replacement HDD.

Kudos4

Re: scorpion saver adware by adpeak

Yes, MBR is not the only thing that can survive a reformat, but other malware using other techniques.

That is why we use logs to confirm what is suspected by what the user said or to see what variant.  OR go OH OH OH, you are infected by more than what Norton is detecting or what you are seeing.

In theory for instance the system that had Zeroaccess + Pihar and maxSS (active partition) would have survived a reformatand fresh install Windows.

The classic  "So I reformatted my Hard Drive, Installed Windows and Norton, and it is still there".

Quads

Kudos0

Re: scorpion saver adware by adpeak

It took me several days, but I was finally able (fingers crossed!) to get rid of Scorpion Saver in the following way:

1.  I used Revo Uninstaller Pro to remove the Scorpion Saver Program along with all traces it could find..

2.  I ran MalwareBytes using their latest, updated database.  (I think they have been working hard on this, because when I tried MalwareBytes last week, it missed something, and Scorpion Saver mysteriously reappeared as an installed program.)

So far, so good. 

I strongly suggest running MalwareBytes every day or so with their latest database update--at least until it stops coming up with any pieces of Scorpion Saver or other PUPs.

Kudos0

Re: scorpion saver adware by adpeak

PS:  Use Malwarebytes to clean any backup hard drives and USB thumb drives as well.  When I first ran Malwarebytes to try to get rid of Scorpion Saver, it found "PUP"s on these as well.

Good luck!

Replies are locked for this thread.