OT: "Internet Security 2010"

[Chad Thorne]

Has anybody else picked up this bloody spyware program? Any suggestions on how to get rid of it?

[MoodyBluesKeys]

MalwareBytes can remove it, IF you can get it installed. You may have to rename the executable and run in safe mode. You may also have to run it more than once. There was a similar program last year that I spent over 8 hours removing from a client's computer.

 

Sometimes, it is necessary to use some of the programs that can kill a process even when the process won't let Task Manager kill it. This particular spyware also hides some files that are capable of reinstalling it after a reboot - it is nasty to remove.

 

Proactive steps for those not infected - have MalwareBytes already installed, and keep it updated. It is not a traditional anti-virus program, it does not run in the background and keep stuff out, but it does get rid of some stuff that none of the major A/V and A/S programs find.

 

Be sure to make a Google search to find out any filenames to hunt for and delete to keep it from coming back.

 

[Chad Thorne]

Thanks, MBK. I actually had Malwarebytes loaded on already. I ran it for about 2.5 hrs. last night & got frustrated & shut it down. I'm going to run it today until it finishes its scan.

[Paul K]

I ran it for about 2.5 hrs. last night & got frustrated & shut it down.

 

That makes me think that maybe nothing was happening. Before I start these things I often make task manager run in the background to see if things are actually happening or if the computer is just locked up.

 

My father's computer had some real cranky virus. I had to load malwarbytes and others onto a USB dongle from my computer, run his computer in safe mode, and run the antivirus thingies from the dongle. That worked. I have also used an old but functioning hard drive set as the master to load the operating system and the antivirus things, and set the original "dirty" hard drive as a slave, then run the antivirus things in safe mode.

 

I feel for you. Might be easier to reformat and start over.

[MoodyBluesKeys]

One of the symptoms of the earlier version was that MalwareBytes would be started, but never finish loading. The name of the executable program is mbam.exe - and the virus looks for that name and prevents it from fully running. copy it (in the same directory to a new file name (like "chad.exe") then try starting it with chad.

 

[Chad Thorne]

I feel for you. Might be easier to reformat and start over.

Do you mean reload Windows? Because I can do that.

[Paul K]

yes, but more. If you end up choosing this route, you'll need to reformat the hard drive. That wipes out everything on your hard drive, and you're starting from square one. After re-installing the software that came with your computer, you'd end up with the same computer that you originally bought. It's a lengthy process, and you'd have to either save all your data beforehand, or do without. And then you'd have to reinstall all the software that you had on the machine, and re-do all the windows updates that gets your machine up to current standards. It's best done next Sunday when there are a couple football games to watch, and beer to be drunken. Each step takes a long time and the machine need so to be rebooted a bunch of times; hence the need for the NFL and it's frequent commercial breaks. It's guaranteed to work, but is a hassle. Try the other stuff first.

[blackbass]

www.ubuntu.com - Free yourself from the licensed tyranny, and the viruses.

[Chad Thorne]

Well, Staples offers "EasyTech." For 129 bucks a tech connects into your PC remotely and cleans it out, etc. Pretty cool. I went that route and it worked wonderfully.

 

Blackbass, thanks for the link to Ubuntu. I'll check it out.

[slowfinger]

My day job is computer technician in a K-12 school where I look after about 600 laptops, and this kind of malware (comes in several varieties but all produce many annoying popups which make the 'pooter practically impossible to use) is one of the banes of my life. While the A/V software we use is supposed to detect and remove this kind of thing, it does not reliably fix the problem. The best way for me to fix it is to re-image the machine, but this is often the worst way for the student, as they have to reinstall all their precious apps (Skype, iTunes etc).

 

An A/V tool that works well for us is a bootable CD with Sophos SAV32CLI on it - we make a new one about once a week with fresh signatures on it. It's not too hard to use and works fairly well. Sometimes several runs are needed. (see http://www.sophos.com/support/knowledgebase/article/13251.html )

 

As for Ubuntu - it's one of the easiest linuxes to install and use, it works well alongside Windows and installing new software is a breeze - once you suss out how to do it.

[Paul K]

This Ubuntu thing. I couldn't find the system requirements on the web site. I ask because I have an ancient laptop that I use at work for e-mail, etc....not for saving work documents. It was originally a win 98 machine, and it sort of chokes on win2000 pro. Is this a sufficient machine for Ubuntu?

 

Never mind....I found it.