Spec Me : Malware Removal in Bristol

[darael]

If you're sceptical of the machine over TeamViewer, create a virtual machine, install TeamViewer and remote access his computer from that. But that is pure overkill in my opinion.

Run a bootable antivirus, such as Kaspersky Rescue Disk 18 and/or ESET SysRescue. You could burn these to disc as well as a Windows 10 installation disc and another disc containing tools such as ComboFix, AdwCleaner, etc and pop the discs in the post. Advise your father not to turn the machine on until he has ran the rescue discs first.

After the machine has had a preliminary scan for infections, start the machine up in safe mode with networking and get to work on TeamViewer, starting with the tools on the provided disc. Then use an online virus scanner, such as ESET Online Scanner, to scan all his drives for infections.

From then on, work towards creating a backup with a mind to completely reinstall Windows.

If you want some other suggestions for Malware/virus scanners to pop on your disc, these are some that I recommend:

• Emsisoft Emergency Kit: https://www.emsisoft.com/en/software/eek/
• AdwCleaner: https://www.malwarebytes.com/adwcleaner/
• ComboFix: https://www.bleepingcomputer.com/download/combofix/
• HitmanPro: https://www.hitmanpro.com/en-us/hmp.aspx
• FixExec (might help with programs not launching): https://www.bleepingcomputer.com/download/fixexec/

 

[danoliver1]

There's plenty of indian companies who can do this for you remotely.

 

[wolfie138]

is it not worth finding a proper/trusted AVG contact who may be able to verify who he was talking to? is it not possible that by killing the thing halfway through he's caused his own probs by having half-updated software etc?
what exactly is happening for him to "believe they've put malware on"? :-/

 

[stockhausen]

Gotta ask, why has this thread not been removed to the seemingly more appropriate "Windows & Other Software" forum?

ps - Post #21 seems to have provided a very detailed strategy for the OP

 

[D18241]

Where's you father live?

 

[413x]

Kill it with fire!

Alternatively. Fresh install. Only only way to be sure

 

[ivrytwr3]

Don't suppose he could package it up and courier the system to you?

Might work out cheaper and you are someone who is invested in retrieving his stuff, as most likely i would just do a fresh install!

 

[iamtheoneneo]

Get him to watch this guy whilst you are at (Kitbonga). The guy makes a living off of stalling the scammers, and he explains the scam and what they try to do to get control of your machine:

https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw/videos

So he does not get caught out again.

 

[Rifte]

Another vote for a fresh install.

It will remove any doubt on if the malware removal software worked or not.

 

[Scort]

Need some help for my father please folks.

He was ironically trying to update his paid for AVG service which he was having issues with. Gone onto their website and found a number to dial. I am guessing he has either reached a spoof website, or dialled the number wrong and has hit a spoof line.

He believes from the call (which lasted 40 mins) that they have put malware onto his machine. Remote connection through some program via Microsoft edge. He shut the machine down and hung up after 40 mins as he was getting nervous about the questions which were being asked. Machine is now unstable and shutting down after short periods of time.

Anyhow, there isn't anything I can do to help as I am 300 miles away - He was about to take it to PC World.... I've managed to stop him in his tracks and said I would try and find him a professional.

So if anyone can recommend someone in or around the Bristol area please that would be lovely.

He's cancelled all his cards and is on changing all his passwords etc.

Just sent you a Trust - I'm not too far from Bristol - don't mind lending a hand at the weekend.

 

[touch]

Buy a new hard drive, set it up for him and post it to him.
Even somebody who has no idea about how computers work would be able to swap a drive with a little bit of guidance.

 

[BDEE]

Thanks for the suggestions and Scort's very kind offer of help.

We are still waiting to hear back from an enquiry to AVG to establish validity of the call. We've had someone round who is onto sorting it, so just keeping tabs in on whats being done.

 

[darael]

@BDEE How did this go?

 

[Slam62]

Take the drive out now!

 

[AHarvey]

Take the drive out now!

Why?

 

[BDEE]

We think it is all sorted now, thank you. A lad with a company in Bristol has sorted it (name escapes me right this second).

Still no word from AVG about if it really was them or not. Trying to make sure he follows up with them to get a certain answer about this.

Interestingly I had a failed login attempt to my google account this week, which I have never had before. I have a user account on his PC... Probably total coincidence, but glad I changed all my passwords too!

 

[weyland yutani]

I've had to deal with issues on my Dads laptop before. Ultimately, I bought him a usb stick and usb external hardrive, installed Macrium Reflect Free, created rescue media on the stick and save backup images to the external drive. Restoring an image is much simpler than hunting down malware or reinstalling and reconfiguring i.e. de-bloating windows.