Over the past few months, some volunteers at the church have told me that the computer they use is running slowly. Finally, one said that it would no longer print. When I looked at it, it said the hard drive was failing and it could not access the internet.
In about eight hours time, I took well over 1,000 pieces of malware off it.
The scariest part is that the malware included a DNS hijacker that, when you try to go to a website, would take you somewhere else. It might take you to a ad-laden version of that site or to a web page specifically designed to steal user information.
I removed about 10 items — things I could see in the “Add Remove Programs” section of the control panel.
I then ran some tools on the machine:
- Norton was already installed and active. It had allowed all these to reside on the machine, unattended.
- Malwarebytes took over 1,000 off the machine.
- Lavasoft’s, Adaware found a couple that Malwarebytes missed.
- In the end I installed Avast. It found a couple more and removed them.
I had to manually edit the registry to get rid of Snap.Do.
After this thorough cleaning, I replaced the failing hard drive with a SSD drive, using a drive clone application.
Most of these items were installed by people who fell for the trap of downloading coupon printers. That’s an old ploy that still gets people. If there is a legitimate coupon available, you can just print it from the website. NEVER download a coupon printer, unless you want to slow your computer, possibly disable it (as in this case), and risk having your username and password stolen.
If you have entered your own username and password in a machine that has coupon apps on it (as did this one), I would suggest changing your passwords.
If you’re looking for someone to spend the time cleaning your machine, as I did the one at church, I suggest contacting Uptown Computer in Curwensville. Ask for Terri.