Malware?

Spent 5 hours yesterday trying to figure out what was wrong with my mom's computer.

She was complaining of pop-ups, slowing & restarting of the computer.  Her anti-virus software was out of date (not updated since last time I was there) and it appeared that my brother had upgraded to the latest version “Anti Virus 2009” but they hadn’t paid for the new serial number.  The Windows Security Center was displaying TWICE in the bottom right next to the clock.

It’s very difficult to diagnose a problem like this over the phone.  I walked her through un-installing the old CA Antivirus, but she said it still appeared in the bottom right and now there was only one Windows Security Center.  Progress?  No… frustration!  She also said her machine kept rebooting every few minutes.

I thought I could use the remote desktop connection to get a look at her PC, but she is running XP Home and that won’t work unless it’s XP Pro.  So, I signed up for a 30-day free trial of GoToMyPC.com! Had to put in my credit card, but I’ll cancel later.  What a lifesaver!!!  Very quick and easy to use.  I had her install the software and I was able to go to their website and sign into her computer.

I was able to witness firsthand the “rebooting of the PC”!  For a second I got a sinking feeling in my stomach that she would need to send me the computer and I would have to reformat it!  I figured my connection to her computer would be lost… and there was no way I could get anything done with the computer rebooting every 3 minutes.

I soon realized it was a spoof!  It was displaying fairly realistic graphics that changed to resemble a reboot, but my connection was not lost and the computer became usable again!  I clicked on the message that was telling me to register and pay for the new version of “anti virus 2009” and it took me to tdsvassarium.com.

Next I searched Google for “tdsvassarium.com” and found out this was malware developed in Russia!  I searched some more and found some free software to remove the crap!  See http://www.malwarebytes.org/rogueremover.php

During this process the computer rebooted 4 more times!  Within 5 minutes the computer was clean.

My brother needs to be careful where he puts his pointing device!!! :-)
