At some point on the weekend, my son installed malware on his PC. It seems to have come from one of those fake pop up "your infected" ads, advising the user that they need to install a virus scanner update or registry cleaner.
I run the free version of AVG Free Anti-virus on all our PCs and, for the most part, they've been protected well enough. This sucker got past it.
A few of the symptoms were:
- being redirected, at random, to other sites while surfing the web
- pop-ups advising you that there's a problem you need to address with an update
- general sluggishness of the PC
After 4 hours of trying to clean it using AVG and manually deleting what didn't seem like it belonged, I did a search on one of the pop-ups. One that told me to install "Registry Defender".
I came across a forum posting where someone had a similar problem, and the suggestions were to install a freeware program called Malwarebytes Anti-Malware.
I gave it a try. Although it probably wasn't necessary, I decided to reboot into Safemode first before running it. It found 36 infected areas. Files and registry entries.
I let it do its thing and rebooted. Then I scanned it again. It found 4 more entries. Again, cleaned, rebooted. Another 4 found. Repeat. 2 more. Repeat. Clean. Reboot. Still clean.
Don't put all your trust in your anti-virus software.