Freeware Update : Malwarebytes Trial Version.

I was combating the nastiest bit of adware/spyware I had ever seen.

It was July 3rd and I had just sat down to draw out some characters for a few handbills when the phone rang.

The phone in my room is a Mario Kart phone and it has a plushy made by my wife's friend on top of the handset.

I stretched out across the room carefully balanced on the edge of the bed with one knee while my other leg was extended in the opposite direction counter balancing my 275 pounds into perfect balance.

It was my Uncle. He explained he was having problems sorting out his computer issues and Adaware, Spybot search and destroy and his copy of McAfee were not fixing the issues. He wasn’t able to uninstall a program called “Antivirus XP 2008”.

I told him I would be right over. He lives less than a mile away and I can in fact look out of my office’s window and see his house.

I hopped on my wife’s scooter and putted down the road, unprepared for what I was about to fight against.

I double checked the obvious solutions. Add/Remove Programs, Adaware, and clicking the uninstall option from the start menu. It wasn’t present in the Add/Remove Programs, Adaware found nothing and the Start menu option to uninstall went through the motions but it wouldn’t uninstall.

I tried running Spybot but it never started. I tried heading over to Trend Micro, but was redirected to some gibberish page that redirected me to other sites. Lavasoft.com was redirected in a similar way, so was almost every page that pulled a hit for the initial redirect’s gibberish address. I decided the best way to get around the redirects was to use Firefox instead of IE. Firefox would not start once installed. Opera would not install either. I just knew we were screwed.

I had him back everything up in preparation for the formatting I felt would be coming.

I don’t use System Restore normally, but the next day I decided that could be an option. I checked the restore points. The only restore point available was for July 3rd when he began having issues. The PC was usable, but I wouldn’t stand for the redirects.

I brought my laptop over this time and used it to research more. I discovered that he was possibly infected with Smitfraud. I downloaded the Smitfraud fix, but it didn’t actually fix anything. Also Windows DEP was refusing to display the log file in notepad.

My Uncle hadn’t backed everything up yet, so I backed up everything for him and went to the In-Law’s house for an Independence day cook out.

I returned on the 5th. I brought a copy of Windows XP SP2 home edition so I could begin the reformat, but before I dove in I checked around some more.

I discovered a description of Vundo and found out my Uncle's comp was infected with it too.

I found a reference on a forum that basically said “if Smitfraud fix doesn’t fix it then Malwarebytes will.”

As a last ditch effort to avoid reformatting, I attempted to download Malwarebytes, but was redirected. I went home and downloaded it. I brought back the proggie and transferred it over to his PC. I couldn’t install it. I renamed it and tried it again. It installed perfectly.

I ran Malwarebytes and it found 33 infections that Adaware missed, not to mention it fixed all the problems with his PC including the issues with Notepad and removing certain rogue programs from his system.

I am so impressed with this program that I include it on my repair thumb drive with all the tried and true methods mentioned in my other posts on freeware and spyware.

3 responses to “Freeware Update : Malwarebytes Trial Version.”

  1. Smitfraud is definitely bad stuff. The first time I came across this I had a ton of problems removing it. Now whenever I run into this I do a system restore first then run the free smitfraudfix tool and then run a full scan with Spyware Doctor. If you have Smitfraud I can guarantee you are infected with other threats as well and that is why you need to use other software besides just the smitfraud fix tool. I also ran Malwarebytes recommended above and am glad to report it does remove Smitfraud and Vundo. It did leave traces of Virtumonde on a system but not too shabby.

  2. Malwarebytes is good stuff. I would not rely on it for protection but when it comes to removal it can help. Spybot S&D and smitfraudfix as mentioned above are great programs as well. One other tool for vundo is Vundofix. It is a free tool from atribune.org and works about 40% of the time to remove vundo. Also doing a system restore is a good method to remove registry entries from the likes of win XP antivirus 2008. Too bad you did not have a restore point before the date of the infection.

  3. They also moved to Windows 7 and added some neat features to the full version (paid) – IP blocker, realtime protection and scheduled scans. It’s not cheap, but definitely worth the price if you care about protection and saving time – users share their malwarebytes coupon codes on http://news.dtcdeals.com/malwarebytes-coupon-code . Fake antivirus progs are in vogue right now, with a spin on malware removal software like the “Malware Doctor” type. Nasty stuff!
