Sunday, August 18, 2013
Malware Has Evolved!!
Just a quick note to consumers infected with malware. Today's malware programs have become so sophisticated that you may not realize that your computers are infected until too late. And uninstalling these programs can be a real nightmare. Yesterday (Aug 17th) I had a call from my sister stating that her computer had become unmanageable, her browsers had been hijacked and she could not use her computer to work as she is accustomed to. She has a Windows 7 laptop. Her browsers had all been switched to "My Websearch". Try as she might, she could not return her system to her default homepage. All her web connections had to go through "My Websearch", which conveniently kept her away from all specific anti-virus websites.
When I started my phone consultations with her, I figured on spending about 30 minutes removing the malware and resetting her system. Easy pickings, I thought. I am no stranger to "My Websearch". I had removed this cursed piece of malware many times from clients' computers. So I walked her through using Control Panel's Programs and Features to locate and uninstall "My Websearch". Surprise; it was not listed. Search could not find any such program or file! She could not get to specific anti-virus sites from Internet Explorer or Firefox. To complicate matters further, she had partially deleted Firefox prior to calling me. She thought that would have eliminated the problem. Instead, it had ground her computer to a halt when accessing other programs. She was too inexperienced for me to walk her through editing her registry, and all her local anti-virus programs had been switched off by the malware.
Several hours later, having exhausted all my regular regimen and being too far away to go pick up her computer and work on it myself, I decided to fool "My Websearch" into giving her access to some anti-virus sites. Since we could get online only through Internet Explorer in safe mode, I told her to search for non-specific anti-malware sites by connecting to Yahoo.com and following any story listed there. When she complied and was allowed to follow a story, I asked her to simply type the broad term "anti-malware sites" into the search bar. We were able to locate MalwareBytes.org and download one of the most potent anti-malware programs on the internet: MalwareBytes! The download and installation went quite smoothly and, within minutes, we were well on the way to solving her problems.
With the deployment of Malwarebytes, she was able to locate and remove 37 pieces of malware already on her system, the result of "My Websearch" turning off her local anti-virus program. I gave her further instructions to reset her system and hung up, exhausted. Then I got to thinking about the new invisibility tricks employed by "My Websearch", Sweetpacks and Snapdo. They are quite similar and fairly recently employed. None of them lists itself among the installed programs; they hide themselves outside the registry and make multiple linked copies of themselves so that their programs can keep functioning if one link is removed.
They also make direct changes to the config files of the infected browsers and disable the reset commands there, ensuring that the browser remains compromised.
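The previous two paragraphs describe hijackers that rewrite browser configuration files so that a reset from the browser's own settings does not stick. As an added illustration that is not part of the original post, here is a small Python checker for Firefox's prefs.js and user.js (the profile files in which Firefox stores `user_pref("name", value);` lines; a user.js, if present, is re-applied at every startup and so overrides whatever the user resets in the UI). The hijacker host name, search-engine name and file contents below are constructed samples, and the allowlists are whatever the caller passes in.

```python
"""Flag homepage / search overrides in a Firefox prefs.js or user.js.

Added example, not code from the blog post. Parses user_pref(...) lines
and reports watched preferences whose value points somewhere other than
an allowlisted host or search engine. Sample file content is constructed.
"""
import re
from urllib.parse import urlparse

# Preferences that browser hijackers commonly rewrite to redirect the user.
WATCHED_PREFS = (
    "browser.startup.homepage",
    "browser.newtab.url",
    "keyword.URL",
    "browser.search.defaultenginename",
    "browser.search.selectedEngine",
)
# These two hold an engine *name*, not a URL, so they get a name check.
ENGINE_NAME_PREFS = ("browser.search.defaultenginename", "browser.search.selectedEngine")

# One pref line: user_pref("name", "string"); or user_pref("name", 123);
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+)\);\s*$')


def parse_prefs(text):
    """Return {pref_name: value_string} for every user_pref line in text."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything malformed
        name, raw = m.group(1), m.group(2).strip()
        if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            raw = raw[1:-1]  # strip the quotes around string values
        prefs[name] = raw
    return prefs


def host_of(value):
    """Host of a URL-looking value; '' for about:home, engine names, etc."""
    if "://" not in value:
        return ""
    return (urlparse(value).hostname or "").lower()


def host_allowed(host, allowed_hosts):
    """True if host is an allowlisted domain or a subdomain of one."""
    return any(host == a or host.endswith("." + a) for a in allowed_hosts)


def find_overrides(text, allowed_hosts, allowed_engines=()):
    """Return [(pref, value, reason)] for watched prefs that look hijacked."""
    hosts = {h.lower() for h in allowed_hosts}
    engines = {e.lower() for e in allowed_engines}
    findings = []
    for name, value in parse_prefs(text).items():
        if name not in WATCHED_PREFS:
            continue
        if name in ENGINE_NAME_PREFS:
            if value.lower() not in engines:
                findings.append((name, value, "search engine name not on allowlist"))
            continue
        host = host_of(value)
        if host and not host_allowed(host, hosts):
            findings.append((name, value, "host %s not on allowlist" % host))
    return findings


def pinned_by_user_js(user_js_text):
    """Watched prefs that a user.js would force back at every browser start."""
    return [n for n in parse_prefs(user_js_text) if n in WATCHED_PREFS]


# Constructed sample resembling a hijacked profile (hostnames are made up).
SAMPLE_PREFS_JS = """\
// Mozilla User Preferences
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1376700000);
user_pref("browser.startup.homepage", "http://search.example-hijack.test/?src=hp");
user_pref("browser.search.defaultenginename", "HijackSearch");
user_pref("keyword.URL", "http://search.example-hijack.test/?q=");
user_pref("browser.startup.homepage_override.mstone", "23.0");
"""

if __name__ == "__main__":
    for pref, value, why in find_overrides(SAMPLE_PREFS_JS, ["google.com", "mozilla.org"], ["Google"]):
        print("SUSPICIOUS %s = %r (%s)" % (pref, value, why))
```

To use it on a real profile, read the profile's prefs.js and user.js into strings and pass them to `find_overrides` and `pinned_by_user_js`; a watched preference appearing in user.js is the usual reason a homepage "resets" only until the next restart, and deleting or editing that file is what actually makes the reset stick.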
I am pointing out these features here for two reasons. Firstly, consumers should be aware that new weapons must be employed in the fight against malware and, secondly, there is a need for technicians to pool their resources and exchange effective techniques for removing malware. Malware attacks all of us indiscriminately, causing thousands of dollars in lost productivity and aggravation. If you are a technician who routinely deals with malware removal, please link to this blog and tell us about your techniques. Thanks in advance.
Tuesday, August 13, 2013
Remove Snapdo and Other Nasty Browser Hijackers
If you use Windows 8, chances are that you have been a victim of a nasty piece of software called Snapdo. This browser hijacker installs itself easily into Bing, Google Chrome and Firefox, changing your homepage to Snapdo and constantly running ads on your machine. Trying to uninstall this piece of malware is in itself a nightmare because it does not show up in Control Panel's list of installed programs, nor does it respond to a search of your computer.
I recently opened my Firefox browser to a shocking piece of "information" provided by Snapdo. It presented me with an official-looking warning that my computer was running out of space and I needed to purchase a program to remedy the problem immediately! Then it proceeded to demonstrate its diagnostic ability by performing a visual "diagnosis" of "my computer" showing the seriousness of the problem. That was too much for me since I had seen this age-old trick before and knew its techniques. Heck, I have spent most of my technician life removing this bogus piece of computer blackmail from clients' computers. Now here it was on my computer, courtesy of Snapdo. I immediately turned on my Malwarebytes software to fully scan my system and remove all traces of malware it found. I was in no mood to fool around with this unwanted piece of malware that had injected itself into all my browsers and anonymously changed their homepages. After restarting my computer, I ran a little-known but highly effective free program called Adware Cleaner. This program rocks! It removes all the malware it locates and leaves your computer in its previously uninfected state. Depending on the amount of content on your machine, the scan and removal process takes a few minutes. Mine lasted less than five minutes because I have a fairly new machine. As a confirmation process, I also used Avast's Browser Cleanup tool to ensure my browsers were thoroughly clean and my homepages were restored to the originals. This was, of course, overkill, but I was so pissed off with the overall situation and, as I said before, I did not want to fool around with this nasty piece of malware. Any one of these programs could have done the job by itself, but I was pissed.
I am happy to report that since blasting my computer with these programs, everything is functioning fine. The reason I am writing this piece is to keep my readers informed of effective ways to rid their computers of unwanted malware without spending an arm and a leg. I also intend to inform victims of Snapdo and other browser-hijacking software like Sweetpacks that these programs are not needed on their computers and only provide entrances for other vampire programs. Windows 8 is no different from other Windows versions as far as virus and malware providers are concerned. It is a Microsoft program and, therefore, a target for everyone who has a beef with Microsoft for whatever reason. All I'm saying is: Beef with Microsoft, but keep your crap off my computer!