Microsoft Edge Infected With Malware – Removal Instructions

I received another computer support request. This one deals with a web browser malware and or hijacker. Here is the original initial request:

“On my wife’s page she is getting a message from Microsoft Edge stating that www.security-errornetworks.xyz/main4smallvirus.html?controlnewsiteID=profile&popupmode=profile&siteID=profile. I as far as I know I do have a update waiting but I believe she was locked out after her last change from my page to hers. I ran a quick scan with McaFee and found no worries.

My concern is they are wanting her ID and password ***** sending it back on a non secure line. Only is it possible that this is a scam. I can give you the Telephone they say to call was(###) ###-####.”

Here is my initial original response:

That sounds like it might be a support scam. However, you might have malware and or spyware on your computer now. I recommend running a scan for malware and spyware.

I recommend downloading and using my preferred spyware removal tool. This is a free download. Also, you could perform a system restore.

Restore Microsoft Windows 10 back to before you were having this problem. This individual requested that I remotely connect to their computer and fix this problem. I ran a quick scan with my preferred spyware removal tool.

Two objects were detected and removed. I had this customer test the website in question with Microsoft Edge. The problem was successfully rectified.

You must know the difference between a computer virus and malware. Just because a McAfee virus scan did NOT find any viruses, does NOT mean that your computer has not been infected. Malware infects your computer in a different way.

This is why antivirus software is normally NOT effective at removing adware, malware, spyware, hijacker, etc. This was most likely a website hijacker. Each time this individual tried accessing the same website uniform resource locator they would get forwarded to a bogus website URL.

If I was NOT able to remove this malware I might have tried using two other spyware removal tools. However, you can spend time scanning your computer for infections into the wee hours of the morning to your hearts content, and be wasting time. Sometimes just performing a Microsoft Windows system restore is your answer.

This can save time and will completely reverse any malware infection(s). Click on the “Cortana” search icon. Type in “System Restore” in a search box. Choose “Create a restore point”.

You should have been taken to a window with “System Protection” tab selected. In this tab click on “System Restore…”. Click “Next” on “Restore system files and settings”.

Choose a restore point by clicking on one, then click “Next”. Try to choose a restore point back to before you were having this problem. Click on “Finish” to confirm your restore point.

Windows 10 system restore will need to restart your computer and can take awhile to run. Eventually Windows 10 will boot normal. Hopefully, this will fix your problem.

These instructions were written for a computer with Microsoft Windows 10 operating system installed. However, you can use these same principles for other Microsoft operating systems.

Microsoft Third Party Vendors – Trust Worthy?

I received another computer support request. This one deals with a questionable Microsoft vendor or possible scam technical support company. Here is the original initial request:

“I have a message from a Microsoft vendor that said I don’t have network security and they want me to pay $399.99 to fix a virus they found in my computer. These people are telling me that I don’t have any security on my laptop at all and that I need to get it because my laptop is corrupt and I will lose all my data on my laptop.”

There are numerous Microsoft technical support scams floating across the Internet. These clowns will even call you and fear monger about your computer allegedly having been infected with viruses, insecure, etc. What might not be talked about as much is technical support companies claiming they are Microsoft third party vendors.

Any company can claim they are a certified Microsoft partner. However, is this all smoke and mirrors with some of them? The object of this blog post is to give you some tips that will help you learn how to provide your own support against malware, spyware, viruses, etc.

Here is my original initial response:

This is a scam. There are many Microsoft scams floating around. Nobody from Microsoft calls or contacts you about your computer.

I would not pay these people any money. This individual was using a computer with Microsoft Windows 10 operating system installed. Also, they requested I remotely connect to this computer.

I obliged and noticed quickly possible malware that later was a third party toolbar. I noticed a message on the Microsoft Windows 10 task bar with SUPPORTBUDS in all capital letters. There was a 1800 telephone number to the right.

I thought perhaps this was malware. However, I removed this third party toolbar add on. In my opinion this is kind of cheesy in your face advertising.

This client requested that I remove this toolbar after I asked them about it. This individual was not happy with the support or lack there of from this company. I performed a quick Internet search for supportbuds.

They seem as if they are a legitimate company. However, I am not sure about their tactics. Here is another comment from my client:

…how do I stop getting these alerts. After I got the alert I called these people and then a scan started running on my screen and it would delete…

$399.99 seems like an inflated price for technical support. When I scanned this computer for adware, malware, spyware, and viruses only two objects were found. Also, this computer was secure according to my standards.

Is any Microsoft Windows based computer truly secure? The built in Microsoft Windows defender firewall was enabled. I ran a malware and spyware with Windows Defender.

No objects were found. I ran a spyware scan with my preferred spyware removal tool. Two total malware spyware objects were found.

I decided to use my preferred PC optimization tool on this computer. This computer optimization tool will scan for junk files and junk registry entries. I took a gander at the programs listed in “Apps and features”.

I did NOT notice anything too unusual. Teamviewer was installed and configured as unattended. This to me is a security concern.

Teamviewer from my experiences is an excellent program. However, installing an unattended remote support software program is NOT to me very security conscious. This client requested that I disable the unattended access mode with TeamViewer since they claimed nobody remotely connects to this computer any longer.

Remote desktop support software can become a security risk. Especially, if you leave them in unattended mode. This allows anyone to possibly remotely connect and control your computer.

I did NOT run a system file check or check disk scan. Overall this computer seemed in decent health for a Microsoft Windows operating system. Whether or NOT Supportbuds is a legitimate Microsoft vendor I do NOT know.

Whether or NOT they are a legitimate and ethical company I do NOT yet know. I would have to perform further research. My opinion is that $399.99 is a steep price perhaps and I never personally like to use fear mongering tactics in order to gain new or keep existing customers.

I asked the following question to this client, “Is SUPPORTBUDS legit with the 800 number on your task bar?”. Here is there response:

“Not at all. The last time this happened the people said they were fixing my account and ever since then I’ve Had that on my screen and I can’t get it off.”

I was able to easily remove that from there task bar. I asked this client when these messages requesting support for $399 occurred. Here is this individuals response:

“My PC was on but I would be away from it for a while. When I clicked my mouse to get back into my tabs or whatever. Then I would get a message that covered my entire screen not to use because it was infected with you had to call them to get the message off your screen.”

Even though I am a computer repair technician my overall premise is to become aware of your computer health and security. I do NOT think any of the a fore mentioned tactics used against this individual was necessary. However, that is just my opinion on this matter.

Learning how to maintain your own computer can be quite rewarding. Also, you might save time and even money. There are so many tools and resources available on the Internet these days, there is no reason why you cannot learn how to properly maintain your own computer(s).

This blog post was written for a computer with Microsoft Windows 10 operating system installed. However, you can certainly use these tips as a basis point for other Microsoft operating systems.

Malware Removal Windows 10 – Instructions For Blue Screens

Another computer problem in the world order. This time an individual is having blue screen problems with Microsoft Windows 10 operating system. What else is new in Microsoft land?

Here is their initial request:

“Scanning for malware and computer went to blue screen and will not boot. Can it be recovered?”

This individual was using a Dell Inspiron computer with Microsoft Windows 10 operating system installed. They were NOT able to use system restore. I was NOT able to remotely connect to this computer and you will find out the error soon enough.

Here is my response:

Are you able to boot into the advanced options? If so try command prompt safe mode with networking option. If you are unable to access the advanced options menu, then you can create a recovery drive.

You would need another computer with Windows 10 to create this USB flash drive. Anyways, you can type in this command to run a system file check:

sfc /scannow

I recommend running it two or three times. This individual could NOT download any remote support software. They received the following error message:

“…is not recognize as an internal or external command, operable program or batch file.”

You are receiving this error when trying to download from the Internet, could be because your computer is having problems. I would recommend running malware, spyware, and virus scans. You can use my preferred spyware removal tool.

I can provide a link to the free version if you want. You can run a virus scan with Windows defender that is built into Microsoft Windows 10. What program were using to scan for malware?

This individual was NOT able to download anything from the Internet. Desperate times require desperate measures. You might be able to run a scan with Windows defender in command prompt.

I am looking for the exact command to run. Please type the following command including the quotes:

“%ProgramFiles%\Windows Defender\MpCmdRun.exe” -Scan -ScanType 1

You should be able to open up another command prompt with administrator rights while system file check scan is still running. This individual received a cannot find path specified error. This is a common occurrence in Microsoft Windows when malware, spyware, viruses have infected your computer.

Even a corrupt Microsoft Windows installation will cause these types of error messages. You can try this command instead:

“%ProgramFiles%\Windows Defender\MSASCui.exe” -QuickScan

This command will try to open the Microsoft Windows Defender graphical user interface and perform a quick scan. This individual was still not able to start a Windows Defender virus scan. Can you browse to this folder?

C:\Program Files\Windows Defender

You would need to use this command twice to go to the root of C:

cd ..

Then type in:

cd Program Files

cd Windows Defender

If you are able to get to that directory you can enter these commands:

MpCmdRun.exe” -Scan -ScanType 1

MSASCui.exe” -QuickScan

After the system file check scan is complete then restart your computer and see if you are able to boot into normal windows mode. If you cannot then you can try performing a check disk scan. Type this command:

chkdsk c: /f /r

Type Y for yes at a volume in use message. Restart your computer and do not touch the keyboard. A check disk scan should begin within 10 seconds.

If a check disk scan does not begin, type the command again and schedule it again. Running system file check and check disk scans might fix your computer enough so that it will boot normally. This individual had been using Spyhunter to scan for malware.

These tactics did NOT fix this Microsoft Windows 10 problem. Have you tried a “Reset this PC”? After running system file check and check disk scans sometimes system restore and reset this PC will work.

If you do NOT have any important data on that computer, you might be able to perform a factory recovery or reset. You might find it in a F11 or F12 menu. You would press one of those keys before Windows tries to boot.

If you know your Dell service tag, then you can try to find out how to perform a factory reset on the Internet. Since I do NOT own any newer Dell computers, it is difficult for me to know what keystroke will take you to a factory reset option. I know that older Dell computers would sometimes include it in the F8 advanced boot options menu.

This is one of those cases where preventative maintenance may have been productive. Here is a gold tip. You should always make sure you have recovery media as soon as you purchase a new computer.

Most computer manufacturers are cheap and will not include recovery discs. However, most of them give you the ability to create recovery media. Create your recover media as soon as you receive your new computer.

Microsoft Windows 10 has another option to create recovery media. However, you would need a second computer with Microsoft Windows 10 operating system installed. You would then create a recovery drive with that second computer.

If you are technology proficient enough, you can take the hard drive out of this computer and install it in another computer with Microsoft Windows 10 operating system. You would then perform your malware, spyware, and virus scans. You cannot perform a system file check in this manner.

However, you can perform a check disk scan. Also, you could use my preferred PC optimization tool to clean up junk files and the windows registry. If you are still not able to fix your Microsoft Windows 10 blue screen problem, then you potentially could purchase recovery discs from Dell, Amazon.com, and or eBay.com

items, 0, 3); // specify first and last item
?>


How to Uninstall McAfee LiveSafe

Another computer problem on a Microsoft Windows operating system. This time an antivirus software problem. I am not a big fan of McAfee products.

However, I earn supplemental income answering computer and technology related questions on a third party website. Here is the original request:

“I do not believe my virus protection is active. I am trying to connect setup an SSL connection and it is failing. I am getting rejected when it checks my virus software to see if is active.

I see the McAfee software says my PC is at risk”

This individual had a Hewlett Packard Beats Studio with Microsoft Windows Windows 7 operating system installed. I was able to remotely connect into this computer and fix this issue. The first thing I did was start a system file check scan with the following command:

sfc /scannow

You will need to open a command prompt with administrator rights to run a system file check. Also, I ran a spyware scan with my preferred spyware tool. This software found 9 major malware objects.

This required a restart of this computer to completely remove this malware and or spyware. Also, I used my preferred PC optimization tool. This tool found over 6 gigabytes of junk files and 1500 objects cluttering the Microsoft Windows registry.

Initially, this customer did NOT know whether or NOT their McAfee LiveSafe antivirus software was active or not. This was easy to find out as all you have to do is right click the McAfee software icon in your task bar and then choose “Verify subscription”. Their McAfee LiveSafe virus subscription was active.

However, the real time virus scanner was NOT and would NOT activate. I tried manually activating this service via services.msc to no avail. Also, I could NOT start a virus scan, as that would fail.

I tried reinstalling McAfee LiveSafe antivirus on top of itself but that did NOT fix these problems. I ended up recommending that this customer login to their McAfee account. Sure enough their subscription was indeed active for multiple computers.

Also, you can reinstall McAfee from your online account. I then removed McAfee LiveSafe antivirus successfully by entering “Programs and Features” on Windows 7 operating system. Highlight McAfee LiveSafe and then choose “Uninstall”.

It is really that simple. This computer needed to restart to completely remove this software. I was not able to remotely connect again as the remote software password changed.

I tried contacting this customer twice and they failed to respond. Many Americans, and this was an American, are extremely selfish and rude. Anyways, usually on this third party website whenever a customer is silent, most likely means I helped fix their problem.

Now all you have to do is login to your McAfee LiveSafe account, download and reinstall McAfee LiveSafe. There was actually a “Reinstall…” link when this customer logged in earlier. These instructions were written for a Hewlett Packard computer with Microsoft Windows 7 operating system.

You can certainly use them as basis point to install McAfee LiveSafe antivirus software on other computer hardware and Microsoft Windows operating systems.

Free Spyware Removal – by Using Windows System Restore

Another information technology problem in the world order. This time a customer was infected with spyware. Here is their request:

Porno spyware alert, server rudely align.stream is asking for user name and password. Reports URL blocked. Warnings, etc.

This individual was using a Samsung desktop computer. They then called a telephone number that was supplied on screen, but thankfully did NOT trust the individual they were speaking to. They received another on screen warning:

Message says my computer will be disabled if I close page to prevent further damage to our network. What should I do?

Here is my response:

Are you able to access the Internet on that computer? I would try to download some software like Superantispyware to remove any possible spwyare. Update the software first and then run a scan.

Also, you could try to perform a system restore and restore it back to before you were infected. I can research and make sure it is not worse like ransomware. Has it asked you to pay a ransom at all?

It could be a phishing scam, I wouldn’t enter any information into any form. Also, it could a scam where you call that number and they ask you to pay them to troubleshoot your computer. This individual rebooted their computer and claimed they no longer received those pop up messages.

However, this does NOT mean that their computer was free from infection. A windows system restore to me is a FREE spyware removal tool. That is because it does NOT require an additional fee and will possibly restore your computer back to before the infection took place.

This is what was described after they restarted that computer:

Blank windows came up, then Yahoo window opened, todays news. We closed and everything seems normal, but very slow. Just opened email.

To save time I recommend running a system restore instead. Choose a restore point back to before you were infected. If system restore does NOT work and or their are no restore points available, then you need to run some antivirus, spyware, malware, etc. scans.

I would NOT just leave a computer that was infected like that alone without trying to at least scan for malware, spyware, viruses, etc.

Java Update Windows 7 – Instructions For Norton Antivirus

I received a request for help with installing a Java update Windows 7. This is their initial communication:

My Java needs update. I am trying to get on line with Norton help line, they said I have to get Java working.

This is perplexing to me that an ant-ivirus developer would use an application like Java, that historically, has had security vulnerabilities. However, apparently Norton anti-virus or one of their security suites, requires Java. You will need to download free java software.

Click on “Free Java Download”. You will need to click on “Agree and Start Free Download”. You will be asked to either Open/Run and or Save File from a popup window.

Save Java to your hard drive. This was a 68.5 megabytes download at the time of this blog post creation. Once this download completes, then double click this file to begin the installation.

Click on “Yes” at the User Account Control dialogue. You then just click on “Install”. Java will begin to install.

You may need to restart your web browswer in order for the Java plugin to load correctly. You can test and verify your Java software. This online tool will tell you what version of Java software is installed on your computer.

Also, it should load your Java web browser plugin so that you know the installation succeeded. I personally only have Java loaded on one computer. There is one application I use that requires Java.

If it were not for this lone application, I would NOT install Java software at all. I do NOT load Java on any of my other computers. Java to me is too much of a security risk, plus this software is bloated at least to me.

Antivirus and Security Software – Avast Version 18.1.3800

Antivirus and security software Avast version 18.1.3800 has been released. I could NOT find out specific information about this version of Avast directly from this company. I guess I could have investigated using a computer that I have Avast antivirus and security software installed on.

Avast is one of two anti-virus software programs, I use for my computer repair business. I am an Avast affiliate marketer. I use this software for my computer repair business and also upsell it to my customers.

You can always download the latest version of Avast antivirus and security software from a static link. Avast antivirus is compatible with Apple Macintosh, Microsoft Windows, and Linux operating systems.

Avast free anti-virus is compatible with Microsoft Windows XP service pack three, Vista, 7, 8, and 10 operating systems. Avast supports both 32 bit x86 and 64 bit x64 architecture. I was NOT able to find out what exact versions of Apple Macintosh operating system and Linux distributions are supported.

Debian Linux distributions like Ubuntu, Linux Mint, etc. are supported. Red Hat Enterprise and SUSE Linux are supported.

Antivirus and Security Software – AVG Version 17.9.3040

Antivirus and security software AVG version 17.9.3040 has been released. I could not find mention of this newest version of AVG antivirus software anywhere in a blog post or technical article on AVG’s official website. However, I found out that two issues were resolved in AVG beta version 17.9.3040.

* avg service crash during computer shutdown
* 17.9 new features added to localization

There was one bug fixed in this version of AVG antivirus and security software. Also, there was one change in AVG version 17.9.3040. I assume that these changes were rolled out into the official version of 17.9.3040 released to the public but I do NOT know that for a fact.

AVG is one of my recommended anti-virus software programs. I am both an AVG reseller and affiliate. I use it in my computer repair business and also recommend it to my customers.

AVG has an auto updater and notifier. Also, virus definition updates are released quite regularly if not everyday. You can try AVG antivirus for free with a 30 day trial.

You can always download the latest version of AVG antivirus and security software from a static link. AVG antivirus is compatible with Apple Macintosh operating system mountain lion or newer, Microsoft Windows XP service pack 3, Vista, 7, 8, and 10, as well as Google Android version 2.2 or newer operating systems.

macOS Ransomware – May Permanently Encrypt Files

Security researcher ESET has found a new mac operating system ransomware. This ransomware is downloadable via bit torrent websites. This software is called “Patcher” and is used to pirate popular software.

These torrents found in wild included a zip file. However, this zip file is not really pirated software. This software is actually ransomware.

Once a “Start” button is clicked your files are then encrypted. A random twenty five character encryption key is generated. Your original files are deleted and replaced with these encrypted ones.

All files under a “Users” and “Volumes” directory are encrypted. A email address and bitcoin address are included in a README file. This file warns a user that all data is encrypted and can be unlocked with a payment.

However, ESET points out that there is no way for these files to get their encryption reversed. ESET recommends that you not pay a ransom fee, if you are a victim of this ransomware.

Malwarebytes Version – 3 Instructions so Free Version Never Expires

MalwareBytes 3.0 was released in December of two thousand sixteen. As a computer repair technician, I thought I would download and install this newer version. I have been using version 2.x.x for years.

This free software is compatible with Microsoft Windows XP, Microsoft Windows Vista, Microsoft Windows 7, Microsoft Windows 8 and Microsoft Windows 10. I am going to show you how to deactivate a free fourteen day trial, and activate a free version that never expires. If you already have an older version of MalwareBytes, you might want to remove that version first, which may require that you reboot your computer.

Once your computer is rebooted, you can run a program similar to Ccleaner to make sure files and registry entries from older version of MalwareBytes are removed. This is an optional step. First, you want to download MalwareBytes 3.0.

Once download to your computer, you double click this executable. At open file security popup, click on “Run”. Click “Continue” in “User Account Control” window.

Click “OK” at select setup language to accept default English language. Click “Next” at “Welcome to Malwarbytes setup wizard”. Select “I accept the agreement” and choose “Next”.

Click “Next” at an information screen. Click “Next” at select destination folder. Select “Next” at select start menu folder.

You can uncheck “Create a desktop shortcut” box, if you don’t want a Malwarebytes desktop shortcut created and click on “Next”. Click on “Install”. A Malwarebytes install will now proceed.

Click on “Finish” to complete this installation. By default MalwareBytes 3.0 might install a free trial version that expires after fourteen days. In MalwareBytes Dashboard, click on “Settings”.

Click on a “My Account” tab and towards bottom right hand side you will see “Deactivate Premium Trial”. Once this is selected, your copy of MalwareBytes 3.0 will revert to a free version that does not expire. Another popup in your task bar might open up.

Click on “Stay downgraded I don’t need real time protection and then click “OK”.