Best Approach if Given 1 Hour to Address Possible Virus - Windows 11 laptop

Isaac

So a few months ago, I persuaded my elderly parents to purchase a laptop computer. In terms of device / internet familiarity, they have had an iPhone for years, but that's it. Limited, very rare instances of Googling something at a library computer.

Early on, I had them install TeamViewer, so that every so often we can have a "tech session" ... This is us on the phone, me remoting in via TeamViewer, performing various housekeeping tasks, ExplorerPatcher to correct Windows 10/11 awful taskbar grouping, installing Chrome and Adobe Reader, making some shortcuts for them, etc.

I believe I failed in one area: Protection from viruses. I over-estimated their savviness in knowing what Google results to click on and just generally what and when to click on things. Somehow, they are getting virus pop ups already. (Screenshot below, I'm fairly sure the McAfee reference is just part of the virus lie).
I didn't install any particular antivirus program. I did make sure that the latest Windows (and Chrome) protections appeared to be on - Firewall, Windows Defender, Chrome Safe Browsing, etc - all allowed to remain at their default settings. I thought that would be enough, as I haven't used an AV program (other than to briefly test them) in practically all my time on the Internet, neither have any of my children. Never had any problem, at least, not more than a small handful in 20 years and if I remember right, each was solved by a one-time sweep using either a trial version of a brand-name AV program, or one of the handy free OpenSource tools on SourceForge, etc.

I'll be setting up a 30-60 min session with them soon to inspect their device as best as I can, as well as educate them in any way I can think of.

All I'll have, realistically, are those 30-60 minutes to give them the best help I can.

Any suggestions?

I was thinking to cover:
  • Review the popup to see if any additional clues are there, currently not sure 'when' it pops up or how aggressive it is or what impact it has
  • Run a Windows Defender scan
  • Run a scan from some widely trusted, acclaimed, free virus-removal tool ... I cannot remember now which 2 tools I've used before, (not big brand-name stuff, some free tool I believe), but MAN were they effective, IIRC it was the only tool that really could eliminate one particular virus I had once. Any ideas?
  • Lastly, consider installing a major AV program.
Looking for any advice.
NOTE: I don't want to install any AV that will completely mess up our ability to use TeamViewer, as we depend on that. I'm hoping for something free as I hate to persuade them to pay for something else. Also in my experience, almost all major AV programs slow down computer activity really badly...and they already suffer from barely-acceptable Wi-fi due to using a data box from Verizon out in a rural area.

Welcome any ideas on 1) the immediate virus removal tool, and 2) the ongoing solution. I want to double check their Chrome settings and make sure any protection is turned on and not overridden.
 
I've used AVG free for 20 years+ and it has caught everything. Also use TeamViewer and AVG has no effect on it.
 
viruses.jpg
 
I've used AVG free for 20 years+ and it has caught everything. Also use TeamViewer and AVG has no effect on it.
That's very helpful information Moke thank you
 
I've used AVG free for 20 years+ and it has caught everything. Also use TeamViewer and AVG has no effect on it.
Have you deemed it necessary to use AVG's AVG Secure Browser, or do you just use your own and AVG still serves enough purpose/value based on its other ways of protecting?

I love what I'm reading about it so far but don't think I would want to attempt switching my parents to a new browser.
We've built heavy dependencies around their familiarity/use of Chrome and Google Profile.
 
Has anyone used this?

AVG Online Security browser extension

Might it be recommended for least sophisticated users to protect them from themselves while using Chrome?
 
I use free AVG also, but stick with Chrome, not the AVG browser, which looks pretty much the same.
You can also use the Trend Micro AV scanner. One-off download and run. It is called HouseCall.
 
I use free AVG also, but stick with Chrome, not the AVG browser, which looks pretty much the same.
You can also use the Trend Micro AV scanner. One-off download and run. It is called HouseCall.
Ok thanks!
 
Somehow, they are getting virus pop ups already. (Screenshot below, I'm fairly sure the McAfee reference is just part of the virus lie).
For me this just looks like a pop up begging the user to install malware.
These types of pop ups are often on suspicious websites, but they sometimes are also delivered as "advertisements" on any kind of website. - The latter has become very rare as ad-platforms vet advertisers and their ads more thoroughly, but it still happens occasionally.

I don't think this pop up indicates any problem whatsoever!

I would make sure your parents don't use an account with administrator permissions, make sure Windows Defender is enabled, and then leave it there.
 
I agree, and if they do not have McAfee, then that is a big clue.
Hell, my sister even calls me when AVG wants to update. :)
 
If you get a popup like that saying scan for viruses, then do scan for virus, but don't click the popup. Instead, open the virus scanner itself in the usual ways.

I've used HouseCall plenty of times myself. It's good.

Bleeping Computer is a great place for help on viruses. They have a really useful forum full of helpful members. This forum section is most relevant:

 
I kind of knew the popup was a scam. Where I felt my certainty was lower was whether it was just a simple webpage popup (meaning ignore it and there is nothing else to do, except educate them IF they got the popup by going to a weird site mimicking an official site)... Or, if the popup was outside of their browser, indicating something has attached to their computer.

Admittedly I haven't examined it myself yet. Hopefully like has been said it's just a harmless popup on a webpage.
I suspect it's from something like for example they love The People's Pharmacy. Which is an alt-medicine research type whistleblower sort of content - has a lot of really good stuff, but I wouldn't be surprised if the folks who advertise on their webpages are quite dodgy.

Thanks all for the advice, I appreciate it a lot. Hope to do a tech session with them .. maybe tomorrow. Wife is sick with covid at the moment.
I had gotten the recent booster, she did not. This is her 4th day ill, but I'm believing for health real soon!
 
Well I conducted the tech session with my parents. The "you are infected/McAfee" popups begin appearing as soon as Chrome is open and I go to pretty much any website. They stack vertically on the right side, and they appear to be Windows notifications; thus, whatever this thing is has the capability of generating Windows notifications under the "Chrome" category. It is possible to disposition them via the standard X, but they tend to keep coming.

They have no Chrome extensions and secure browsing is set to the default.

I downloaded and installed AVG. After a Quick Scan, it found nothing. I then set it to Boot Scan and rebooted the laptop. After it finished scanning, it claimed to have quarantined about 8 files, including something about 'html' and something with "*Notif*" in the file name, and something that AVG appeared to have labelled [TRJ]. It didn't appear to me there was anything left to "do" on my part, I just thanked AVG, reviewed the results, left them all in quarantine.

Feeling pretty happy about all that, I reopened Chrome and went to CNN. All the popups came back again!

It was actually at that stage I noticed they were Windows [Chrome] Notifications, so I clicked the ellipsis button and chose "Turn off Notifications for Chrome". This worked beautifully, in the sense that, the problem is no longer visible nor annoying. Unfortunately, I'm pretty certain I didn't really solve the problem and I acknowledged the same to them, promising another session soon (by that time we were at the 1 hr mark).

I left AVG installed with all defaults in place.

What would your next step be if you were me? A super long AVG Deep Scan? TrendMicro Housecall? Something else?
 
Housecall.
Plus malwarebytes mbam
 
The good news is they probably haven't created a ton of content, a fresh install from the partition should be no biggie. That would give them the out of the box experience again. Good luck, hopefully things will work out.
 
It sounds like a Chrome infection. I've had the same problem myself in the past.

This link might help: https://support.google.com/chrome/answer/3220216

Choose the block popups from a site.

It could be adware that you are suffering from.
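An added example, not part of any post in this thread: one way to check whether the "Chrome" Windows notifications described above come from websites that were granted Chrome's notification permission. That cause is an assumption the thread does not confirm. The script reads Chrome's per-profile `Preferences` file (on Windows normally `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Preferences`) and lists every origin allowed to push notifications, newest grant first. The sample data and `.example` hostnames are constructed.

```python
import json
import sys
from datetime import datetime, timedelta, timezone

ALLOW = 1  # Chrome content-setting value: 1 = allow, 2 = block
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Constructed sample in the shape Chrome uses for notification permissions.
SAMPLE_PREFS = json.loads("""
{"profile": {"content_settings": {"exceptions": {"notifications": {
  "https://news.example:443,*":        {"last_modified": "13350000000000000", "setting": 1},
  "https://push-alerts.example:443,*": {"last_modified": "13360000000000000", "setting": 1},
  "https://shop.example:443,*":        {"last_modified": "13340000000000000", "setting": 2}
}}}}}
""")

def chrome_time(value):
    """Chrome stores last_modified as microseconds since 1601-01-01 UTC."""
    try:
        return EPOCH_1601 + timedelta(microseconds=int(value))
    except (TypeError, ValueError, OverflowError):
        return None  # missing or malformed timestamp

def notification_grants(prefs):
    """Return [(origin, granted_at)] for sites allowed to send notifications."""
    exceptions = (prefs.get("profile", {}).get("content_settings", {})
                       .get("exceptions", {}).get("notifications", {}))
    grants = []
    for pattern, entry in exceptions.items():
        if isinstance(entry, dict) and entry.get("setting") == ALLOW:
            origin = pattern.split(",")[0]  # key is "<origin>,<second pattern>"
            grants.append((origin, chrome_time(entry.get("last_modified"))))
    # Newest grants first; entries without a usable date sort last.
    return sorted(grants, key=lambda g: g[1] or EPOCH_1601, reverse=True)

if __name__ == "__main__":
    prefs = SAMPLE_PREFS
    if len(sys.argv) > 1:  # path to a copy of the Preferences file
        with open(sys.argv[1], encoding="utf-8") as fh:
            prefs = json.load(fh)
    for origin, when in notification_grants(prefs):
        stamp = f"{when:%Y-%m-%d %H:%M} UTC" if when else "unknown date"
        print(stamp, origin)
```

Any origin listed that the user does not recognise can be removed or blocked under `chrome://settings/content/notifications`, which revokes the permission itself instead of only hiding the notifications at the Windows level.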

 
Use whatever you have to go back to a factory install.

I use PC matic. It works well. It is made in the US. It is not free. When you go with "free", YOU are the product.
 
If you haven't deleted your original hidden partitions, you don't need any special software to access it. Windows has built in apps to restore your computer to its factory settings.
 
If you haven't deleted your original hidden partitions, you don't need any special software to access it. Windows has built in apps to restore your computer to its factory settings.
This went right over my head. I have always wanted to be one of the cool kids that talk about partitions but have never achieved it :p
Can you explain?

That is, if you mean something different than the built-in "reset this PC" type of thing that I know how to do in Windows (basically Start menu then look for factory reset)
 
