
Remove Malware with Malwarebytes Free

I am the resident computer guy.  So I get lots of requests to fix computers.  It is now so easy to remove most malware that I am really surprised people still ask me.  Here is how I remove malware on most systems.

Step 1.  Download the Trial Version of Malwarebytes

You can get the trial version for 30 days.  It is great software so I encourage you to buy it – https://www.malwarebytes.com/  Download the free trial to your desktop or somewhere you can easily find it.

Step 2.  Restart your system in “Safe Mode”

Once Malwarebytes is downloaded on your system, restart the computer and press the “F8” key over and over until you are given the option to boot the system in a different state.  Select “Safe Mode”.

Step 3.  Install Malwarebytes

Double click Malwarebytes, and follow the instructions.

Step 4. Start Malwarebytes

How long this takes depends on how much data Malwarebytes has to go through and how fast your system is.  Some infections will take more than normal antimalware software to remove.  Rootkits, for example, are a little harder to get rid of.  For these, I have found it helpful to google the errors, warning banners and symptoms you are seeing to find someone else who had the same issue and fixed it.  Some are so bad you will have to search for an answer on a separate system.

Good luck to you.

Scam Alert VIP Link

VIP Link – [Ref: WJNBXO]

We scanned this “VIP Link”; be careful not to click on it.

Hey,
So this is my LAST E-MAIL about this video for some time.
It’s time to concentrate on receiving benefits! And killer training!
*LINK was HERE*
I am aware… I know. you ‘might’ have seen this before, but
there’s a cause I’d continue to ship it, don’t ya feel?
If you’re trying to split out of the “I cannot figure it out”
Shape you then have to observe this…
A couple of alarming things happened in my business that led me right
to where I am today… And it’s really the BEST place to be. Therefore I want
One to join me.
Enjoy
According to VirusTotal, this link may have malware:
ParetoLogic Malware site
ADMINUSLabs Clean site
AegisLab WebGuard Clean site
AlienVault Clean site
Antiy-AVL Clean site

SCAM – Friend Has Sent You a $50 Amazon Gift Card

This “Amazon Gift Card” from a friend is actually a link to a malware site.  Here is what the content of the email looks like:

A friend has sent you a $50 Amazon Gift Card.

Claim Code: #VV5H-MWWHWM-D7P3

Use it to buy anything in our store.

Get your Card Link REMOVED**

Must use by January 15, 2016.

VirusTotal Scan:

URL Scanner Result
Netcraft Malicious site
Opera Malicious site
BitDefender Phishing site
CLEAN MX Phishing site
Fortinet Phishing site
Kaspersky Phishing site

Oh No He Diddnt!

Beware of the link in this email with the subject “Oh No He Diddnt!”

 

To achieve our objectives, we have to regularly stretch ourselves and prepare our heads to *REMOVED BEYOND YOUR LIMIT LINK*
It is true that we are our only difficulty and our only remedy… This implies, we must teach our
Heads to determine the possibilities which are generally awaiting us.
Here is anything much better than looking and waiting, something which can help you at this time.
URL Scanner Result
ParetoLogic Malware site
ADMINUSLabs Clean site
AegisLab WebGuard Clean site
AlienVault Clean site
Antiy-AVL Clean site
Avira Clean site

Your Computer Has Serious Malware (SCAM)

While surfing the web I ran into a site that gave me a SCAM pop-up.  If you receive this pop-up or others like it, DO NOT call the number.  Do not install anything.  Just get out of the website.  Close the browser if you have to.  This is a common tactic.  Scammers try to use fear to get you to do what they want.

Windows Firewall Warning:
Your computer has a serious virus!
If you see this message, you call Microsoft Windows
Support at 1-877-684-9719 (Toll-Free) immediately.

DATA AT RISK:

  1. Your credit card details and banking information.
  2. Your e-mail password and other passwords.
  3. Your Facebook, Skype and other chat logs
  4. Your Private photos and sensitive files.
  5. Your Webcam could be accessed remotely by stalkers.

Technicians are standing by to provide you FREE
DIAGNOSIS & Priority assistance removing this virus
from your computer.

internet fraud


Notice to Appear – Court Order – malware

Malware detected

Dear NAMEUSER,

You have to appear in the Court on the April 14.  You are kindly asked to prepare and bring the documents relating to the case to Court on the specified date.  Note: The case will be heard by the judge in your absence if you do not come.

You can review complete details of the Court Notice in the attachment.

Regards,
Hugh Buckley,
Clerk of Court.

State Court <hugh.buckley@ns89.websitewelcome.com>

SHA256: 8889fcc7dca37f2cc23d7f664605578583f4fbfe102435c1cb58fbe9ce60e5fe
File name: Court_Notification_00000677743.zip
Detection ratio: 12 / 57
Analysis date: 2015-04-11 18:05:09 UTC ( 0 minutes ago )
Antivirus Result Update
Microsoft TrojanDownloader:JS/Nemucod.P 20150411
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm 20150411
AVware Malware.JS.Generic (JS) 20150411
VIPRE Malware.JS.Generic (JS) 20150411
Avast JS:Decode-CAP [Trj] 20150411
ESET-NOD32 JS/TrojanDownloader.Nemucod.AF 20150411
Fortinet JS/Nemucod.AF!tr 20150411
Sophos JS/DwnLdr-MKJ 20150411
McAfee JS/Downloader.gen.d 20150411
McAfee-GW-Edition JS/Downloader.gen.d 20150411
Kaspersky HEUR:Trojan.Script.Generic 20150411
Comodo Heur.Dual.Extensions 20150411
ALYac 20150411
AVG 20150411
Ad-Aware 20150411
AegisLab 20150411
Agnitum 20150409
AhnLab-V3 20150411
Alibaba 20150411
Antiy-AVL 20150411

County Court – Malware

I have been getting a lot of these “County Court” notifications.  They usually have an infected attachment with them.  If you open the attachment, your system gets infected with all kinds of stuff.

County Court <brad.marks@stats.buzz.arvixevps.com>

courtesy of techcrunch.com


Dear user,

This is to inform you to appear in the Court on the April 24 for your case hearing.
Please, prepare all the documents relating to the case and bring them to Court on the specified date.
Note: If you do not come, the case will be heard in your absence.

The copy of Court Notice is attached to this email.

Regards,
Brad Marks,
District Clerk.
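A way to check one of these zip attachments without opening it, as an added example that is not part of the original post. It assumes, from the detection names in the scans on this page (JS/Nemucod, Heur.Dual.Extensions), that the zip carries a script file with a decoy extension; the extension lists and the sample file names are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs as a script or program on double-click (assumed list, not exhaustive).
ACTIVE_EXT = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta",
              ".scr", ".exe", ".lnk", ".bat", ".cmd", ".ps1"}
# Document-style extensions placed before the real one as a decoy, e.g. "notice.doc.js".
DECOY_EXT = {".doc", ".docx", ".pdf", ".txt", ".jpg", ".xls", ".xlsx"}


def triage_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, reason) findings for a zip attachment without extracting it."""
    findings = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "not a readable zip")]
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if suffixes and suffixes[-1] in ACTIVE_EXT:
                findings.append((info.filename, f"active content ({suffixes[-1]})"))
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                    findings.append((info.filename, "double extension"))
            if info.flag_bits & 0x1:  # bit 0 of the zip header flags marks an encrypted member
                findings.append((info.filename, "encrypted member, cannot be scanned"))
    return findings


def build_sample() -> bytes:
    """Constructed sample: harmless text stored under attachment-style names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Court_Notification_SAMPLE.doc.js", "// placeholder, not real malware")
        z.writestr("readme.txt", "constructed test data")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in triage_zip(build_sample()):
        print(f"{name}: {reason}")
```
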

Unable to deliver your item, #00000620676 online fraud

More online fraud.  Here is a fake FedEx email that attempts to deliver you an attachment with malware.  If you get the email, do NOT open the attachment and do NOT respond.

FedEx International Ground <clifford.barron@cio.posluh.hr>

Dear UserName,

Your parcel has arrived at March 14. Courier was unable to deliver the parcel to you.
You can review complete details of your order in the find attached.

Yours trully,
Clifford Barron,
FedEx Station Agent.

The attachment has the following malware:

Antivirus Result Update
Microsoft TrojanDownloader:JS/Nemucod.P 20150405
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm 20150405
Kaspersky Trojan-Downloader.JS.Agent.hdu 20150405
Sophos Troj/Dloadr-DXL 20150405
AVware Malware.JS.Generic (JS) 20150405
VIPRE Malware.JS.Generic (JS) 20150405
Emsisoft JS:Trojan.Crypt.NI (B) 20150405
ALYac JS:Trojan.Crypt.NI 20150405
Ad-Aware JS:Trojan.Crypt.NI 20150405
BitDefender JS:Trojan.Crypt.NI 20150405
F-Secure JS:Trojan.Crypt.NI 20150405
GData JS:Trojan.Crypt.NI 20150405
MicroWorld-eScan JS:Trojan.Crypt.NI 20150405
nProtect JS:Trojan.Crypt.NI 20150404
Avast JS:Decode-CAC [Trj] 20150405
ESET-NOD32 JS/TrojanDownloader.Nemucod.AF 20150405
Fortinet JS/Nemucod.AF!tr 20150405
McAfee JS/Downloader.gen.d 20150405
McAfee-GW-Edition JS/Downloader.gen.d 20150405
CAT-QuickHeal JS.Downloader.B 20150404
Comodo Heur.Dual.Extensions 20150405
AVG FakeAlert 20150405

Reporting mail fraud: Notice of appearance in Court #00000443455


If you receive this email, Do NOT open the attachment.

Notice of Appearance in Court – email malware with attachment: Court_Notification_00000443455.zip

DO NOT OPEN the Attachment!

This attachment has the following malware:

Antivirus Result Update
AVware Malware.JS.Generic (JS) 20150405
CAT-QuickHeal JS.Downloader.B 20150404
Comodo Heur.Dual.Extensions 20150404
ESET-NOD32 JS/TrojanDownloader.Nemucod.AF 20150404
Fortinet JS/Nemucod.AF!tr 20150405
Kaspersky Trojan-Downloader.JS.Agent.hdu 20150405
McAfee JS/Downloader.gen.d 20150405
McAfee-GW-Edition JS/Downloader.gen.d 20150404
Microsoft TrojanDownloader:JS/Nemucod.P 20150405
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm 20150404
Sophos Troj/JSDldr-AU 20150405
VIPRE Malware.JS.Generic (JS) 20150405

 

Dear UserName,

This is to inform you to appear in the Court on the April 02 for your case hearing.
Please, do not forget to bring all the documents related to the case.
Note: If you do not come, the case will be heard in your absence.

The copy of Court Notice is attached to this email.

Sincerely,
Alberto Crabtree,
Court Secretary.

Joydownload Virus

Be careful when you download new software.  Download from the actual creator of the software as much as possible.  Avoid getting software from BitTorrent.  If you do, at least look at the comments on the torrent you plan on downloading.

Search engines such as Google are great for finding software, but not always the safest.  It's best to get software directly from the organization that created it, not from random sites.

For example, at one time “Joydownload. com” was among the top results for “Yahoo Messenger” and other apps.  But this site may have trojans in it.

Joydownload is a known malware distribution site:

Joydownload scan From VirusTotal:

URL Scanner Result
Avira Malware site
Emsisoft Malware site
Fortinet Malware site
G-Data Malware site
Sophos Malicious site

 
