Nov. 30th, 2012

bobquasit: (Default)
I don't know if anyone else is likely to end up fighting the SweetIM malware infection, but if you do, it's a real bitch. I had to clean it out of my mother-in-law's desktop recently, and it was NOT fun. On the off chance that you have to deal with it some day, here's how I killed it.

First, I installed Malwarebytes and ran scans. I had to run separate scans for every account on the system.

This was a Windows XP system, by the way, and it had some decent antivirus stuff installed. My best guess is that the infection was picked up from a free game site, by the way. Remember, always browse wisely!

Anyway, after I used Malwarebytes to get rid of the infection in all of the accounts, I still had to go into each browser (Firefox and Internet Explorer) and fix them; SweetIM had changed the home page and default search engine in each one. I changed the homepages from the SweetIM homepage, (a sure source of infection), and changed the search engine from the SweetIM search tool, which also comes with free infections.

Even so, I ended up having to completely reset Firefox on her primary account. SweetIM is a hellishly stubborn infection.

And after all that, I happened to notice that there was still a link on the desktop of one of the accounts to something called "search the web". Which, when I checked the properties, turned out to be - you guessed it - another SweetIM infection point.

These people are evil, evil, evil. I'm tempted to call for the death penalty for malware writers.

After that I did some housekeeping, including updating Firefox and installing Chrome, and now the system looks fine. But man, what a nasty piece of malware! Killing it took about two to two-and-a-half hours of my time. If there was justice in this world, I would be able to collect payment for that time out of the hide of the SweetIM people.

Plus damages. Lots of damages.

April 2017

S M T W T F S
      1
2345678
9 10 11121314 15
16171819202122
23242526272829
30      

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated May. 28th, 2017 03:04 pm
Powered by Dreamwidth Studios