Without any prompting, my computer contracted a malware infection over the weekend and required a little bit of advanced removal to fix.\u00a0 Let’s look at some real-life examples in pictures and descriptions.\u00a0 If you see anything like this on your own machine, call a professional.\u00a0 The removal was not simple and anything but easy.<\/p>\n
For background, I was surfing the Internet and visited a page professing to have a tool I needed for stress-testing a network (read hacking) to determine if there were any security issues.\u00a0 Once the page loaded, Internet Explorer 9 shut down and restarted on its own.\u00a0 Within moments, I was presented with this popup:<\/p>\n
![\"Windows](\"http:\/\/www.properwichita.com\/consulting\/wp-content\/uploads\/2011\/06\/malware01.jpg\" "\\"Windows")
<\/a>Windows Security Service Malware Popup<\/p><\/div>\n
It took a double-take to realize that this was not<\/strong> a message from the operating system.\u00a0 It looks a lot like the Action Center in Windows 7.\u00a0 I closed out the message box, already fearing I had trouble.\u00a0 Another popup followed:<\/p>\n Scareware Malware Screen<\/p><\/div>\n It looks legitimate, but again is not.\u00a0 These are my files, all right, but none of them are infected with a virus (except this virus!)\u00a0 I spent a moment capturing these screens though I knew that I had to get moving on getting it removed.\u00a0 This screen was followed by this one:<\/p>\n Malware Screen Number Three!<\/p><\/div>\n The Register<\/strong> button would have offered me complete removal, probably at the low price of $89.00.<\/p>\n I went to my trusty applications (Malwarebytes, SuperAntiSpyware) and neither of the two would run.\u00a0 I rebooted to safe mode, to just be presented the same popups.\u00a0 System restore had been disabled.\u00a0 I eventually downloaded another application (Combofix) from another computer and ran it on the infected machine.\u00a0 Several scans later and a half-dozen reboots and I was clean.\u00a0 The programs installed included downloaders, which are nice little malware applications designed to install even more malware on your machine.<\/p>\n If you see messages like the ones above, give us a call at Proper Technology Solutions at (316) 337-5628.\u00a0 Though the first two tools above are easy enough for most users, I don’t recommend ComboFix for non-advanced users.\u00a0 The longer these problems exist on your computer or network, the harder they are to remove.<\/p>\n","protected":false},"excerpt":{"rendered":" Wichita Computer Support Tip for 6 June 2011 My last post asked the question ‘Is there Malware on my Computer?‘\u00a0 Who knew that it would be a prophetic article?\u00a0 This weekend even the seasoned computer tech fell victim to this … Continue reading ![\"Scareware](\"http:\/\/www.properwichita.com\/consulting\/wp-content\/uploads\/2011\/06\/Malware02.jpg\" "\\"Scareware")
<\/a>![\"Malware](\"http:\/\/www.properwichita.com\/consulting\/wp-content\/uploads\/2011\/06\/Malware03.jpg\" "\\"Malware")
<\/a>