Tuesday, August 3, 2010

Cleaning your Computer Of A Fake Anti-Virus Program

The number one problem I see in my computer repair business is, of course, viruses and malware. No matter how well you think you are protected against them, you are probably still vulnerable. The worst offender in the virus war is the system manufacturers themselves. Most of the major players install a "trial" version of a program like Norton Anti-virus. It expires after a short time and the user is left unprotected. They don't want to buy an anti-virus program, so they click off the warnings and continue to surf the web. If just having Norton installed on your machine isn't enough to slow it to a crawl, then the malware and viruses you acquire will.

Most viruses and malware/spyware programs are quietly stealing information in the background. Key loggers and other malicious goodness steal your personal information and send it off to a scammer somewhere in Russia, or Nigeria, maybe Greenland? I don't know. There is, however, a new breed of computer bugs out there that are adept at fighting dirty. These new binary bad guys have a two-pronged approach aimed at forcing you to give up your personal information and your wallet. The Fake Anti-Virus..uhh...virus.

These sometimes convincingly real fake anti-virus programs are best known for their ability to give you a headache. After infecting your system they go to work making sure that your real anti-virus or anti-malware program stops working altogether. Then they go to work adding more malicious software to your machine. Now that you're unprotected, and infected, they cleverly pop up on your screen and tell you that...YOU HAVE A VIRUS!!! Dismissing the box only works for a short time before it pops up again. If you have the good sense to know this is not your anti-virus program and you try to clear it out, you are met with a massive roadblock.

Your anti-virus programs won't work. To make matters worse, they make changes to your connection settings that block or redirect any attempt to access a good portion of sites that contain real anti-virus or anti-malware programs. Should you not know what the cause is and decide to "Scan For Infections" as the increasingly annoying pop-up screen informs you to do, it will inevitably find a host of real and make-believe viruses to scare you out of your wits. So far, so good, right? It found the viruses, and there is this button that says click here to clean my system. So you click the button and it tells you that you need to go to 'websiteX' and purchase the full version of the program. So you miraculously manage to make it to this convincing-looking website, where you input your credit card information and get to enjoy your bevy of viruses, and the phone call from your bank telling you your checking account is now empty. Probably overdrawn, and you owe them a boatload of fees.
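One place a block or redirect like this can live is the Windows hosts file (an assumption here; the post says only "connection settings"). The script below is an added example, not part of the original post: it scans hosts-file text for entries that name the security tools used later in this guide. The watch list and the sample file are constructed for illustration.

```python
import ipaddress

# Name fragments for the tools this guide relies on. This watch list is an
# assumption made for the example; extend it for the tools you actually use.
WATCHED = ("malwarebytes", "superantispyware", "safer-networking", "avast", "iobit")

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank or incomplete line
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # first field is not an address
        for host in fields[1:]:                  # one address may map several names
            yield line_no, fields[0], host.lower()

def suspicious_entries(text, watched=WATCHED):
    """Return hosts entries that pin a watched security site to any address."""
    findings = []
    for line_no, ip, host in parse_hosts(text):
        if any(name in host for name in watched):
            addr = ipaddress.ip_address(ip)
            kind = "blocked" if addr.is_loopback or addr.is_unspecified else "redirected"
            findings.append((line_no, host, ip, kind))
    return findings

# Constructed sample hosts file, not taken from a real infection.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
127.0.0.1       www.malwarebytes.org   # sinkholed
0.0.0.0         www.safer-networking.org
203.0.113.7     www.avast.com download.avast.com
127.0.0.1       ads.example.net
"""

if __name__ == "__main__":
    for line_no, host, ip, kind in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} -> {ip} ({kind})")
```

On a real machine, pass in the contents of `%SystemRoot%\System32\drivers\etc\hosts`. The check matches on names instead of flagging every loopback entry, because ad-blocking and immunization lists legitimately add many of those.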

There is a way to save yourself, but it's going to take a lot of patience, and the ability to suppress the urge to throw your computer out of a window...into a fire, then hit it with a baseball bat, douse it in acid, then throw it into the river with a rock tied around it. I'm going to give you a quick guide to possibly getting yourself back on the right track.

Since the virus/malware has disabled your anti-virus, you are going to need to find some more. The easiest way is to get yourself a USB stick/key/drive/etc. and bring it to an uninfected computer. You will need a few tools to guarantee that you get the job done right. The three programs I use for clearing out malware are: Malwarebytes Anti-Malware, SuperAntiSpyWare, and Spybot-Search and Destroy. Why all three? Because even though Malwarebytes is usually good enough, it has a flaw: it doesn't store its virus database in the same directory as it's installed, so until you can get past the roadblock the fake anti-virus put up, it's not going to do anything. Reboot the computer in Safe-Mode (press F8 during startup and choose the safe-mode+networking support option). Run Spybot, then SuperAntiSpyware. This should clear out a good portion of the nasties on your machine.

Before I go any further let me give you the full list of things I keep on my USB virus fighter toolkit.

1. Malwarebytes AntiMalware
2. Spybot-Search and Destroy
3. SuperAntiSpyWare
4. ccleaner (Cleans out Temporary Files where viruses sometimes hide.)
5. Spyware Terminator (This program, along with Spybot, has tools that will actually help protect you from reinfection by blocking access to harmful sites, and making sure changes don't get made to important settings.)
6. IObit 360 (This is an anti-virus/malware program that is not the best, but it is still under the radar enough that the virus makers don't take the time to block it from internet updates.)
7. Hijack This (Provides a list of information about running programs to help determine where the viruses are hiding.)
8. SmitFraud Fix (An advanced tool for clearing out certain types of infections.)

There are also a few defragmenting tools, and a copy of Avast anti-virus (it's free and user friendly) to install on the client's machine after I'm done clearing out their problems.

Once you've run the first two programs, try getting Malwarebytes installed and see if it will update. If it doesn't, run ccleaner and clear out the temporary internet files, then run IObit. You should hopefully be able to run and update Malwarebytes by this time. This program should clear out the last bits of the junk. When it's done, run the inoculation tools in Spybot and Spyware Terminator to help safeguard your machine. You can also turn on "Tea-Timer", a program that is a part of Spybot that will stop malicious programs from changing settings like your internet homepage. Restart and see how everything looks. Install a fresh anti-virus program like Avast and be sure to stay away from any more bad sites. There are tools out there such as WOT (Web of Trust) that display information about the safety of a given website. Green is good, Yellow is suspicious, Red is bad. Pretty straightforward.

The one thing I failed to mention is, depending on the level of infection, and the speed of your system, these scans can take quite some time, so you might want to go get some coffee, or rent a movie while you wait. Just a thought. I hope this article helps you get back on the right track and surf the web safely.
