The name of the virus is Antivirus Studio 2010. This particularly nasty guy pretends to be a trial anti-virus program saying you need to upgrade (by paying). Basically phishing, but it also locks down web browsers and circumvents Microsoft Security Essentials. Not a nice program. It also explains why the cousin took a while to respond to our response and why they could not research the problem on their own.
The site I found the most useful in my quest to remove the faux-antivirus was Can Talk Tech. Unfortunately, the site's design made me think it was some kind of lame demand media and therefore could not be trusted (please don't flame me). However, I eventually decided to go with it after looking around a bit more. It presented the solution in two fairly straightforward steps. If I was going to avoid a trip out to their apartment then I needed straightforward steps.
- The first priority is to get a working internet in order to download the other tools. That was successfully accomplished by booting into safe mode on Windows XP. From Microsoft's instructions:
As your computer restarts but before Windows launches, press F8. On a computer that is configured for booting to multiple operating systems, you can press F8 when the boot menu appears.
- Use that recently re-acquired internet access in safe mode to download the free version of Malwarebytes. Install it and then run a full scan. That should take care of Antivirus Studio 2010.
- Ha! I snuck a third step in on you. For good measure, go download CCleaner and clean up the crap on your computer (C = crap). Specifically, I had the cousin's husband run the registry cleaner. Some other sites had mentioned some registry artifacts tweaked by the virus. I love crap cleaner.
Good job! Sounds like a good site, I'm going to check it out right now! :)
Next time my (your) computer is down and out, I'll think of calling you. Oh wait, I already do. :)