Wife's computer got malware

[tallyho8]

My wife's new computer is shut down right now because it got infected with "antivirus soft" malware while she was surfing Facebook.

Our eTrust antivirus program on the computer did not pick it up and stop it. Now it has control of her computer and I will have to use mine to download software and install on her computer in safe mode.

My question is "what is the best site to go visit to download a reliable removal tool for this malware?"

There are so many fake antivirus sites that are really viruses that I don't know who to trust anymore.

 

[Jimbrown]

This one will fix it right up. Did one a couple of days ago.

http://www.malwarebytes.org/

 

[GPintheMitten]

Some options for you...Symantec Norton's Antivirus, McAffe, or Avast. I've used Symantec (Norton's) and am using Avast now.

 

[NSBound]

I use SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! . It seems to be doing a good job.

 

[/pine]

Most of the popular Anti-Virus programs do not protect against malware..in fact most of the new malware scripts the first thing they do is disable your anti-virus software etc...some malware will also prevent you from downloading the fixes from sites like malwarebytes.org

There is no single cure for multiple intrusions...I suggest following a guide set up by those in the industry...there are several computer forums that have removal guides...the one I recommend most often is here:
READ & RUN ME FIRST. Malware Removal Guide - MajorGeeks Support Forums

good luck

 

[charlz]

This one will fix it right up. Did one a couple of days ago.

Malwarebytes.org

I second this one for malware.

 

[Mickey_Fx]

Everyone has their own opinion and experience.

The first program that came to mind for me was the one Jim Brown mentioned, Malwarebytes.

Have had AVG on the machine for yrs and its OK but I've found it fast asleep several times when the laptop picked up a bug until Malwarebytes did a scan and only then did AVG wake up AFTER Malwarebytes found the offending bug.

Haven't allowed Norton software on my machine in years. First heard about Malwarebytes on the McAffe forum when a McAffe employee mentioned it when a customer couldn't rid his computer of a bug with McAffe's program.

 

[MossRoad]

My wife's new computer is shut down right now because it got infected with "antivirus soft" malware while she was surfing Facebook.

Our eTrust antivirus program on the computer did not pick it up and stop it. Now it has control of her computer and I will have to use mine to download software and install on her computer in safe mode.

My question is "what is the best site to go visit to download a reliable removal tool for this malware?"

There are so many fake antivirus sites that are really viruses that I don't know who to trust anymore.

Ain't E-Trust great? Grrrr. We have e-trust on our corporate stuff and we get hit by the Anti-Virus 2010 about twice a week.

As someone else mentioned, malwarebytes free edition will take care of it. However, they recommend you run a program called rkill.exe first. Rkill will stop the fake anti-virus from running, then you can install malwarebytes and do a complete scan. It will find and kill the malware. After that, it needs to reboot. After rebooting, you should uninstall malwarebytes and re-install it again and run it again. It has something to do with the malwarebytes program removing some of its own files to get rid of the infection.

Anyhow, it works.

 

[timswi]

Yup..Malwarebytes....Great tool..

 

[jinman]

I use SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! . It seems to be doing a good job.

I had very good luck with SuperAnti-Spyware free version cleaning out my problem malware/spyware. On the infected system I could not download the software, so I had to do it on another system and transfer it on a thumbdrive. I also found that the malware (sysguard.exe and Anti-virus 2010) would not let me execute Windows Task Manager so I could look at running processes. If I opened Windows XP and immediately opened Task Manager, I could see the software executing and stop the process. That allowed me to search for the program and delete it. This let me have enough control that I could install Super Anti-Spyware. It found several infections and cleaned them out easily from my registry and other locations. I like Super Anti-Spyware so much that I paid for their professional version at $29. It just gave me a key number for unlocking the free version I'd already installed. I've been happy with the result.

 

[MossRoad]

... I also found that the malware (sysguard.exe and Anti-virus 2010) would not let me execute Windows Task Manager so I could look at running processes. ...;

That's where the Rkill.exe program does it's magic. It kills running malware and as long as you don't reboot(which will relaunch the malware) you can then install malwarebytes, or any other anti-malware/anti-virus program.

 

[Dutch445]

I have had great results with a site full of
helpful people that can guide you thru a cleanup.

What the Tech - Tech Answers

formely the tom coyote forum,
they will instruct to download , install, and update the
software "hijack this" and then run the program and post
it's result log for them to analyze, and they go from there.
here's a start page for that, again from the same source.

HijackThis Quick Start! | What the Tech

 

[beenthere]

Some options for you...Symantec Norton's Antivirus, McAffe, or Avast. I've used Symantec (Norton's) and am using Avast now.

My two grand daughters and grand son all got the malware and had Norton and McAffe antivirus operating at the time. Took about an hour of computer guru's time to fix the mess.

It has come up three times on my computer (looks just like a real windows program that says something like "27 virus's have been cleaned out, but there are 35 more detected" Do you want them cleaned up as well?
If you try to cancel, or try to X out of the window, you have taken the malware poison. I've found out if I turn the power off and reboot the system, then I avoid taking in the malware (worked so far).

 

[pennwalk]

Tally,
I have heard that Mac computers have a much lower incidence of malware/spyware/virus. If it happens often maybe it would be worth switching. I wouldn't want you to think that just because I have some Apple stock in my IRA that I am trying to influence you in any way.

Chris

 

[tallyho8]

This one will fix it right up. Did one a couple of days ago.
Malwarebytes.org

The votes seemed to be for this site so I used it. It had very good instructions for a novice like me to follow and I easily followed their instructions and have cleared my wife's computer of malware.

My wife and I thank all of you for your quick responses and I have earned enough brownie points now that she may allow me to get two hurricanes tomorrow (Mardi Gras Day).

One important thing that I learned and stressed to my wife was the fact that if a window pops up on the computer telling you that it has a virus, don't click on it and don't even click on the X to close it because this rogue program usually installs the virus on your computer. Simply unplug your computer and reboot and hope the window doesn't pop up again.

 

[buckeyefarmer]

Yea, I got AVG once because someone in the house clicked on it.

 

[JB4310]

don't click on it and don't even click on the X to close it because this rogue program usually installs the virus on your computer. Simply unplug your computer and reboot and hope the window doesn't pop up again.

I just went through this the other day, The Norton tech told me when you click the X you are giving permission for the software to download, basically an executable fie (EXE) the more you try and close it the stronger it gets.

They told me that you can close a suspicious window or pop-up by hitting keys; (Alt F4), that prevents the hijack.

I had it bad, some kind of fake windows security update, couldn't even go online, they had to talk me through a tricky work around to create a new user account just to get on line, then they did the remote access thing, it's pretty cool seeing them work on your computer from the other side of the world.

Costs $99. but worth it when you really need it, like I said I couldn't even get online so that free site would not of helped.
I asked them why I should have to pay since I have their Internet security package, but they said when you click on an executable file they can't stop it?

This type of virus is not about just causing you aggravation, thought up by some mischievous geeks. This is a well organized attempt at large scale identity theft.

JB.

 

[MossRoad]

Yea, I got AVG once because someone in the house clicked on it.

AVG is a very good anti-virus program. I think you might mean you got the fake anti-virus program because someone clicked on it.

 

[MossRoad]

I can't emphasize enough how important it is for people to have an anti-virus program AND an anti-spyware program AND a firewall/router, AND a good backup of your important data on a physically different device like an external USB drive.

Even with all of those, however, things like this nasty Anti-Virus 2010 still get in by getting YOU to install it for them by clicking on it. It resides in an advertisement on a website. You go to a website (even legitimate websites are infected with this thing) and a screen pops up telling you you are infected and need to click on a button to scan your computer. You click it because it looks official. You just installed it. This thing is insidious. Protect your data and don't be fooled by fake warning screens.

Read about it here.... (if you trust clicking on this link ).
How to remove Antivirus 2010 (Uninstall Instructions)

 

[jinman]

Even with all of those, however, things like this nasty Anti-Virus 2010 still get in by getting YOU to install it for them by clicking on it. It resides in an advertisement on a website. You go to a website (even legitimate websites are infected with this thing) and a screen pops up telling you you are infected and need to click on a button to scan your computer. You click it because it looks official. You just installed it. This thing is insidious. Protect your data and don't be fooled by fake warning screens.

Read about it here.... (if you trust clicking on this link ).
How to remove Antivirus 2010 (Uninstall Instructions)

Yeah Moss, what gave me the instant clue was that it popped up a window that looked like My Computer and started counting "viruses" it found. I glanced at the screen and realized that it was not a copy of My Computer on my system. It was a bogus screen. I immediately shut it down, but it turns out my wife was not as savvy as I am, and she did the wrong thing. It got into our system and no matter how many times I deleted its files, it kept coming back until I cleaned it out with Super Anti-Spyware.