Removing malware experience
Mrs. F downloaded a virus while looking up information on baby crib safety – imagine that, of all topics, being used to add malware to a website. If their assumption is that people researching baby cribs are not as tech savvy, I suppose they are correct in this case, as Mrs. F started to yell for my help. At least she is smart enough to recognize that the pop-up saying she needs to update her anti-virus software was in fact the virus.
As she works for a technology firm, she called her tech support and they tried some basic troubleshooting, telling her to download an anti-spybot program. Unfortunately, the virus actually blocks you from accessing much of the internet, so she wasn’t able to download the software. Her tech support then told her she needs to take the computer in to their in-person tech support staff to solve the problem.
As it’s a Saturday and she’s not really interested in waiting to visit tech support in person, she left it to good old Sigmoid to give it a shot. Luckily, even with Google’s major overhaul (which is maybe why she wound up on a malware site in the first place) I was at least able to locate an excellent resource which seems to have worked in getting rid of the virus. (Briefly – I’d follow their recommendations in the two YouTube videos, but then I’d download Malwarebytes’ free program instead of the pay one they recommend).
The site links to some YouTube videos which make things pretty clear and it actually doesn’t seem to have been too hard to get her back online, once I followed their steps. You just have to make sure that after you delete the virus file you do turn off proxy settings in Internet Explorer. They provide a nice explanation in the second YouTube video on how to turn off proxy settings.
In my case, renaming the file, rebooting, deleting the file, then removing proxy settings allowed me to get online and download some anti-spybot software. Running her company’s recommended program (Spybot) detected 66 problems, but none of them looks specifically like AV Security Suite. Perhaps one that is labeled under Microsoft Windows. I went ahead and had it fix all 66 problems.
I next downloaded Spyware Doctor with Antivirus as recommended on the above-mentioned website. I’m guessing they get some kind of kickback as they have a special 10% off coupon code. Going to the Spyware Doctor website is a bit confusing as it says that there is a 30-day money-back guarantee but then farther down it says it’s the easiest to use free spyware and antivirus scan. Something doesn’t add up. The program downloaded fine and ran fine without asking for any form of payment. It ran and detected several more threats including one it labeled as a medium risk program that looks like it could be AV Security Suite. But – here comes the rub – you then have to PAY to use Spyware Doctor in order to delete the programs. That’s almost as bad as the malware programs’ approach.
I then resorted to a program I’ve used several times in the past with these types of problems: Malwarebytes’ Anti-Malware, which I’ve always had great luck with – and it really is free to use. There is a paid version which will allow real-time scans and some other features that I really don’t need (or at least I don’t think I need). Running that scan found the proper spyware/malware, but then the computer gave me an error saying it couldn’t continue and I had to close the program. I restarted and aborted the scan as soon as it found the malware and then the program was able to successfully delete the program. I tried re-running Malwarebytes but it again gave me the error part way through running.
I read up a bit on the Malwarebytes forum and saw a few possible things causing the problem. I removed the program, ran the mbam-clean program, rebooted, etc., etc., and reinstalled the program. I also deactivated the antivirus software to run another scan. Still didn’t work. I managed to do a quick scan though and that detected 4 more problems, and it successfully fixed and removed them. I still couldn’t get a full scan to work. Read some more – tried a few more things – nothing could get a full scan to work. I’m guessing it’s just a weird configuration on Mrs. F’s computer. At this point, it appears that I got rid of whatever was causing the problems, so I’m stopping here.
I hate malware and viruses. I wish someone found a way to sue the idiots who make and implement this crap – or at least find a way to force them to listen to vuvuzelas.