- #1
- 3,012
- 42
My daughter's computer was recently attacked by a virus called Malware Defense. After a few days of attempted removal, I finally got it off her machine. In doing so, I learned a lot about this new type of viral attack. A large number of new viruses get into a computer and:
1. Disable your existing Anti-virus software
2. Disable Spybot
3. Disable Windows Defender (part of your standard operating system)
4. Writes itself into your register to be started up when you turn the machine on.
5. Runs a program in the background such that if you are successful in removing the virus, it simply reinstalls itself. Not sure how.
Symptoms include the above and also it pops open what appears to be a scanner window that says you have a virus. It directs you to a website which says you need to download stuff to remove the virus. If you pay for anything with a credit card, it's likely your number has been stolen. Other things happen such as error messages regarding programs that are running, errors with MS Internet Explorer, and other problems.
To eliminate it, I had to remove the computer from the internet and I found a program online that shuts down the program that runs in the background called rkill.com which can be found http://www.bleepingcomputer.com/virus-removal/remove-malware-defense" (see step 7). I then got PC Tools, a program available on the internet, to scan the machine and remove all the viruses.
If you get things popping up on your computer that tell you there's a virus on your machine or find any of the symptoms above, that's a good sign your machine has a virus. If that's the case, you might try what I did.
1. Remove the computer from the web.
2. Run rkill.com or similar program to stop things running in the background.
3. Run an antivirus scan malware remover. I used PC Tools.
Additional instructions I found helpful here:
http://www.bleepingcomputer.com/virus-removal/
1. Disable your existing Anti-virus software
2. Disable Spybot
3. Disable Windows Defender (part of your standard operating system)
4. Writes itself into your register to be started up when you turn the machine on.
5. Runs a program in the background such that if you are successful in removing the virus, it simply reinstalls itself. Not sure how.
Symptoms include the above and also it pops open what appears to be a scanner window that says you have a virus. It directs you to a website which says you need to download stuff to remove the virus. If you pay for anything with a credit card, it's likely your number has been stolen. Other things happen such as error messages regarding programs that are running, errors with MS Internet Explorer, and other problems.
To eliminate it, I had to remove the computer from the internet and I found a program online that shuts down the program that runs in the background called rkill.com which can be found http://www.bleepingcomputer.com/virus-removal/remove-malware-defense" (see step 7). I then got PC Tools, a program available on the internet, to scan the machine and remove all the viruses.
If you get things popping up on your computer that tell you there's a virus on your machine or find any of the symptoms above, that's a good sign your machine has a virus. If that's the case, you might try what I did.
1. Remove the computer from the web.
2. Run rkill.com or similar program to stop things running in the background.
3. Run an antivirus scan malware remover. I used PC Tools.
Additional instructions I found helpful here:
http://www.bleepingcomputer.com/virus-removal/
Last edited by a moderator: