Way, Way OT - Need Virus Help in Carmel CA

InterceptPoint wrote on 2/21/2009, 3:54 PM
My father, aged 90, has a fake anti-virus Trojan running on his HP computer and I'm 360 miles away.

If anyone can recommend some knowledgeable help in the Monterrey Bay area I would greatly appreciate it. The only people I know up there are PC People and we have left them a message to call. So I'm looking for a backup if they can't do it.

Comments

Coursedesign wrote on 2/21/2009, 4:31 PM
Is he capable of going to malwarebytes.org and downloading & running the program?

It's free, and used by IT departments in some of the largest companies in the world to remove trojans especially.


InterceptPoint wrote on 2/21/2009, 5:00 PM
I passed the malwarebytes recommendation on to my father. I do think that is probably the best solution for this particular Trojan.

He has found a local guru on his own and she is due at his house within minutes as I write this. So I have my fingers crossed.
jrazz wrote on 2/21/2009, 5:21 PM
I don't know anyone there besides John Meyer- he is a member of this forum and he may know someone in the area.

Also, this is a great website with step by step instructions on removal of junkware (viruses, worms, trojans, spyware, malware, etc.). Start with one of the three links (or tabs) up top.

j razz
newhope wrote on 2/21/2009, 5:36 PM
Do you think he is able to use the System Restore function built into Windows.
Simply by selecting Start/All Programs/Acessories/System Tools/System Restore he may be able to choose a restore point (date) prior to when the virus/trojan appeared on the computer.

I've done this before on computers and it does work as the operating system is restored to a time prior to the infection. He may lose any applications or data that were put onto the computer after the restore point date, if the date is recent then probably not much if anything, but it will get rid of the problem.

Have a look at the process on your own PC, without committing to the actaul restore and you should be able to talk him through the doing it. It's a very simple but effective cure as long as a restore point exists.

New Hope Media
musicvid10 wrote on 2/21/2009, 6:01 PM
Unfortunately, Windows restore does not always do the job here, these fake AV trojans are designed to circumvent the process, and reinstall themselves on the reboot.

1) Spybot Search and Destroy takes care of these in many cases, it is free, and does no harm to try. Despite its name, it is one of the good ones.

2) Once the nasty is gone, download "Shoot the Messenger" from grc.com
This one stops those annoying popups saying that you computer is infected.

3) Enable Windows firewall and use a router firewall if on a network.
Julius_ wrote on 2/21/2009, 8:53 PM
You should go to www.logmein.com it's free and you can take control of his pc and download
1)Spybot
2)MalwareBytes

He would need to login as you and Add his computer to your profile, which you will then see.

I use this for my mother-in-law who is in Mexico...and I'm in Canada. Works wonders.
John_Cline wrote on 2/21/2009, 9:26 PM
FreeRemoteSupport.com is a very easy and free way to log on to someone's computer remotely. I use it all the time to provide hands-on technical support to clients and friends.
newhope wrote on 2/21/2009, 9:55 PM
Unfortunately, Windows restore does not

While it may be true that it doesn't always work I've have found from experience that it can be an effective answer.

I cured a similar infection on my mother's PC just this way and then made sure the problem was gone using SpyBot.

It certainly wouldn't do any harm to try Windows Restore as a quick first step.
srode wrote on 2/22/2009, 5:28 AM
Bitdefender has a very good online antivirus tool - here's the link - I have used it before and it's quite effective

http://www.bitdefender.com/scan8/ie.html
InterceptPoint wrote on 2/22/2009, 9:29 AM
Status Report:

The local guru worked on my father's computer for two hours but couldn't get rid of the Trojan. One problem she had was that she could not access the Internet from the infected computer. That does complicate things. She took it home and is working on it over the weekend. We'll see how she does.