If you use e-mail, then you know that SPAM has become an epidemic in recent years. The problem with SPAM these days is that the creators make the e-mails look so legitimate that often a user receiving the e-mail won't know it is actually SPAM until it is too late. This is shown with a new SPAM being sent with the subject of CNN.com Daily Top 10 or CNN Alerts: Breaking News. The CNN.com Daily Top 10 or CNN Alerts SPAM pretends to be a legitimate e-mail from CNN where they link to the Daily Top 10 stories or breaking news alerts. In reality, though, none of the components of this SPAM/Malware infection are related to CNN at all. Instead, when you click on any of these links, you will be taken to a site and be presented with a screen stating that your Flash player is the incorrect version and that your browser cannot display the site without you downloading the newer version first. It will then prompt you to download the get_flash_update.exe or adobe_flash.exe file, which are actually Trojans. The get_flash_update.exe and adobe_flash.exe files are detectable by most anti-malware companies as the following names:
If the get_flash_update.exe or the adobe_flash.exe file is downloaded and installed on your computer, they will proceed to download further malware that are set to start on your computer automatically when you reboot. When the whole infection process is complete, you will notice a variety of changes have occurred. The first change you will notice is that your Windows desktop background has been changed to a warning stating that Spyware was detected on your computer. Next, your screen saver will be changed to use SysInternals BlueScreen Screen Saver, which when running, emulates your operating system crashing into a blue screen of death. Some of the messages that will appear on this blue screen are:
Though the screen saver will make it appear that your computer has crashed, and even make it look like your computer is rebooting, in reality it still is only a screen saver. Simply press the space bar and you will go right back to your desktop. The malware will also disable your ability to change your desktop or screen saver by modifying the Windows Registry so that the tabs to change these settings are not visible. Last, but not least, the CNN Daily Top 10 malware will also download and install a rogue anti-spyware program onto your computer. Currently the rogue being installed is one called Antivirus XP 2008. This program will automatically run and scan your computer. When done, it will display a variety of false risks on your computer that cannot be removed unless you first purchase the software. Please do not buy this software, but rather use the guide below to remove all of the malware installed by this SPAM.
This guide will walk you through removing the CNN.com Daily Top 10 and CNN Alerts malware pack .
Self Help Guide
If you are uncomfortable making changes to your computer or following these steps, do not worry! Instead you can get free one-on-one help by asking in the forums.
- Print out these instructions as we will need to close every window that
is open later in the fix.
- At this point you should download Malwarebytes Anti-Malware, or MBAM, to scan your computer for any any infections or adware that may be present. Please download Malwarebytes from the following
location and save it to your desktop:
Malwarebytes Anti-Malware Download Link (Download page will open in a new window)
- Once downloaded, close all programs and Windows on your computer, including
- Double-click on the icon on your desktop named mb3-setup-1878.1878-22.214.171.1249.exe.
This will start the installation of MBAM onto your computer.
- When the installation begins, keep following the prompts in order to continue
with the installation process. Do not make any changes to default settings
and when the program has finished installing, make sure you leave Launch
Malwarebytes Anti-Malware checked. Then click on the Finish button. If MalwareBytes prompts you to reboot, please do not do so.
- MBAM will now start and you will be at the main screen as shown below.
Please click on the Scan Now button to start the scan. If there is an update available for Malwarebytes it will automatically download and install it before performing the scan.
- MBAM will now start scanning your computer for malware. This process can
take quite a while, so we suggest you do something else and periodically
check on the status of the scan to see when it is finished.
- When MBAM is finished scanning it will display a screen that displays any malware that it has detected. Please note that the infections found may be different
than what is shown in the image below due to the guide being updated for newer versions of MBAM.
You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.
- You can now exit the MBAM program.
- Now that MBAM has removed the Malware, we need to restore some of your settings
back to their defaults and clean up some extra items. The first thing we are
going to do is delete the rogue anti-spyware icons left in your Start Menu.
To do this click on the Start button and then right-click on each of the Antivirus
XP 2008 icons and select the Remove from This List option.
Once you have removed the two icons, please continue with the next step.
- Right-click on an empty portion of your desktop and left-click on the Properties
- You should now be in your display properties at the Theme tab. In the Theme:
drop down menu, select the Windows XP theme. Once selected,
click on the Apply button and then the OK
button. This will reset your desktop colors and background back to the original
Windows XP defaults.
- At this point you can customize your computer's display settings as you
Your computer should now be free of the CNN.com Daily Top 10 and CNN Alerts: Breaking News program. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes Anti-Malware to protect against these types of threats in the future.