![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Entry unlocked and public so that maybe there's something that can be found that wasn't planted by the people who produced the thing.
So, I've now scanned my computer with AVG, Adware Cleaner, Hitman Pro, Malwarebytes, and Junkware Removal Tool, and STILL couldn't get the thing out of my system.
Since it was only popping up in Chrome that I can recall -- the reason that I knew immediately that it was malware was that it gave me a Chrome popup saying that I needed to update Flash, and Chrome doesn't work that way -- I've uninstalled Chrome. I'm probably going to have to uninstall Opera 29, which is a Chromium browser these days, and behaves much the same way (with the exception that it doesn't have embedded Flash update, which means more people using Opera probably get deceived by the message redirecting them to newalways.onlineupdate.com).
I also tried Google's own Software Removal Tool. Unfortunately, as far as I can tell, their own tool doesn't work if you don't actually have Chrome on your system. It immediately came back with a "no program found" message. I might need to reinstall Chrome to get it to remove malware from Chrome, which is more irony than I'm prepared to deal with at the moment.)
After that I also tried Kaspersky's Spyware Removal tool, but that didn't find anything either. So hopefully uninstalling Chrome got rid of it.
It's pretty clear that almost all of the information out there on the web about this is planted by the people who produced this thing. It all uses almost exactly the same wording.
Interesting thing to note: almost every single page that talks about how to remove it refers you to Spyhunter by Enigma Software. Every. Page. I would not myself go anywhere near that program. As far as I can tell, it isn't well reviewed -- much less well reviewed than the ones I've already tried. And, well ... once again: Every. Page. Additionally, as far as I can tell from the reviews, what does happen if you install the free version of the software is that it identifies malware on your system, but refuses to remove it unless you purchase the upgraded license. People understandably feel like they're being held hostage.
I did find one page with what seemed to be a relatively vendor neutral approach at Malware Tips. That said, I'm not linking it because the site itself is getting wildly divergent reviews; the AVG review of the site seems to be fairly clear that the site isn't quite what it seems, while the Norton review says it's a pretty good site. And there's nothing wrong with the information it gives on this, although it doesn't quite work.
That said, before I saw the reviews of the site, the advice it gave didn't seem slanted to one specific vendor -- it recommends tools from a variety of vendors -- and reasonably sound. Didn't work, but the advice actually made sense. The links to programs are all to the vendor sites, and it's always possible to simply go to the places it recommends on your own without following its links, which is what I did. The only even slightly uncomfortable thing it recommends -- loosely -- that you install that I was a bit dubious about (and didn't install) was Revo Uninstaller. That program is well reviewed in general, but since I can't see anything to uninstall, I can't see how it would help. (That said, I did remove K-Lite Codec Pack, which I think may have brought the malware into my system, and shredded the installers. If I'm wrong, I can always pick them up again later. I'm also going to install Glary Utilities, to see if it can do anything. There may be some registry schmutz that needs cleaning up.)
Anyway, hopefully it's gone. I'm going to stay Chrome-free for a while to see what happens. Hopefully it doesn't comeback.
So, I've now scanned my computer with AVG, Adware Cleaner, Hitman Pro, Malwarebytes, and Junkware Removal Tool, and STILL couldn't get the thing out of my system.
Since it was only popping up in Chrome that I can recall -- the reason that I knew immediately that it was malware was that it gave me a Chrome popup saying that I needed to update Flash, and Chrome doesn't work that way -- I've uninstalled Chrome. I'm probably going to have to uninstall Opera 29, which is a Chromium browser these days, and behaves much the same way (with the exception that it doesn't have embedded Flash update, which means more people using Opera probably get deceived by the message redirecting them to newalways.onlineupdate.com).
I also tried Google's own Software Removal Tool. Unfortunately, as far as I can tell, their own tool doesn't work if you don't actually have Chrome on your system. It immediately came back with a "no program found" message. I might need to reinstall Chrome to get it to remove malware from Chrome, which is more irony than I'm prepared to deal with at the moment.)
After that I also tried Kaspersky's Spyware Removal tool, but that didn't find anything either. So hopefully uninstalling Chrome got rid of it.
It's pretty clear that almost all of the information out there on the web about this is planted by the people who produced this thing. It all uses almost exactly the same wording.
Interesting thing to note: almost every single page that talks about how to remove it refers you to Spyhunter by Enigma Software. Every. Page. I would not myself go anywhere near that program. As far as I can tell, it isn't well reviewed -- much less well reviewed than the ones I've already tried. And, well ... once again: Every. Page. Additionally, as far as I can tell from the reviews, what does happen if you install the free version of the software is that it identifies malware on your system, but refuses to remove it unless you purchase the upgraded license. People understandably feel like they're being held hostage.
I did find one page with what seemed to be a relatively vendor neutral approach at Malware Tips. That said, I'm not linking it because the site itself is getting wildly divergent reviews; the AVG review of the site seems to be fairly clear that the site isn't quite what it seems, while the Norton review says it's a pretty good site. And there's nothing wrong with the information it gives on this, although it doesn't quite work.
That said, before I saw the reviews of the site, the advice it gave didn't seem slanted to one specific vendor -- it recommends tools from a variety of vendors -- and reasonably sound. Didn't work, but the advice actually made sense. The links to programs are all to the vendor sites, and it's always possible to simply go to the places it recommends on your own without following its links, which is what I did. The only even slightly uncomfortable thing it recommends -- loosely -- that you install that I was a bit dubious about (and didn't install) was Revo Uninstaller. That program is well reviewed in general, but since I can't see anything to uninstall, I can't see how it would help. (That said, I did remove K-Lite Codec Pack, which I think may have brought the malware into my system, and shredded the installers. If I'm wrong, I can always pick them up again later. I'm also going to install Glary Utilities, to see if it can do anything. There may be some registry schmutz that needs cleaning up.)
Anyway, hopefully it's gone. I'm going to stay Chrome-free for a while to see what happens. Hopefully it doesn't comeback.
Tags: