***Windows Virus and Malware Removal***

G

Guest

Guest
There have been enough posts lately regarding how to cleanup an infected PC.
I do this stuff every day. In most cases, it is NOT necessary to reformat and reinstall Windows, but there are some instances when that can be the path of least resistance.

With all of that in mind, here are some straightforward instructions to help you to diagnose and fix common problems with Malware and Viruses.

These instructions apply to Windows-based machines only. All linked software is free.

All of these operations should be run from Windows Safe Mode With Networking, and the computer should be connected via Ethernet cable to the Modem or Router. If you're on dial-up, I have no means of helping you. You need professional counseling.

<span style="font-weight: bold"><span style="text-decoration: underline">Restoring Internet Connectivity:</span></span>
In some cases, the infected machine cannot access the Internet, because the infections have altered system configurations in such a way as to prevent access to resources to remove the problems.
In these cases, it may be necessary to have another computer with Internet access and a USB flash drive. However, be advised that some rootkit infections set themselves up to infect removable drives and then configure themselves to spread when connected to another PC. It's best to use a drive that has a manual write lock, or at least use one that doesn't have anything important on it.

(Edit) - <span style="color: #009900">See ArcticLight's post below on how to reset Internet Explorer's defaults. This may cure the connection problem easily and quickly.</span>

One quick fix to get back Internet access is to check to make sure that the bug hasn't configured the machine to use a false proxy server.

Go to the Control Panel > Internet Options and look under the Connections tab. Click LAN Settings and make sure that there is NOT a check by the option to use a proxy server.

Another common trick of infections is to alter the Windows Networking configuration of LSP's (Layered Service Providers), or Winsock stacks.
Don't worry about the technical stuff here. Just do the following.

<span style="text-decoration: underline">Windows Vista and Windows 7</span>
Go to Start -> Programs -> Accessories -> right click on the Command Prompt and choose Run as administrator.
Type <span style="font-weight: bold">netsh winsock reset</span> in the Command Prompt window, and then press the Enter key.
Restart the computer.

<span style="text-decoration: underline">Windows XP</span>
Go to Start -> Run
Type cmd and press Enter
Type <span style="font-weight: bold">netsh winsock reset</span> in the Command Prompt window, and then press the Enter key.
Restart the computer, IN SAFE MODE with Networking again.

Others will re-write the HOSTS file to block access to search engines and security sites. http://en.wikipedia.org/wiki/Hosts_file

Check to see if Internet Connectivity is restored by opening the Browser and going to www.google.com

If the Internet works, let's proceed. If not, you'll need that USB drive.

Once again, booted to Safe Mode With Networking, do the following:

1. <span style="font-weight: bold">Disable System Restore</span> - Windows XP - Vista/Windows 7

2. <span style="font-weight: bold">Download, Install, and Run Malwarebytes</span> from http://www.malwarebytes.org/ If no Internet, then get the program on a USB drive and install it from there.
Run a full scan and remove everything it finds.

(Advanced users can expedite the scan by manually deleting temp files and temporary Internet files before scanning.)

3. <span style="font-weight: bold">Reboot</span> when prompted and run another scan from Safe Mode.

4. <span style="font-weight: bold">Download, install and update Microsoft Security Essentials</span> from http://www.microsoft.com/security_essentials/
Once updated, run a Full Scan and remove whatever it finds.

5. <span style="font-weight: bold">Reboot and scan again</span> to maker sure the machine is clean. You'll want uninstall all other antivirus programs.

At this point, most machines have been cleaned up, but some just don't go this easy.

A powerful tool called Combofix can help with some of the nastiest infections out there, called rootkits.
http://www.combofix.org/download.php

If Combofix, Malwarebytes, and MSE don't have you fixed up, you're ready for professional help or a full reinstall. Yeah, there's more you <span style="font-style: italic">could</span> do, but from my experiences, you're fighting a losing battle.

When finished, you can turn System Restore back on. It's almost completely useless, but go ahead and do it anyway.

For Advanced users, two more great tools are available for free from Microsoft's Sysinternals site.
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

The first one, Autoruns, shows you every single file that loads when when your computer starts up. Since and infection must load in order to run, it will be there. But some have creative ways of disguising themselves as either hardware drivers or legitimate system processes, so you really have to develop a nose for what to look for.

You can also export the results to text file and send them to people like myself and other helpful souls here who may be able to tell you what items to turn off.

Process Explorer, the second utility, can help to shut down malicious processes and regain control of the system in order to proceed with the steps outlined above. But again, the truly nasty ones, have a way of hiding themselves from this utility as well.

Another great way to get the upper hand is to remove the infected drive from the machine and scan it with another machine with both utilities mentioned above.

Going even further, there are ways to recover saved clean copies of the Windows registry hives and restore them, replacing the corrupted ones. That's over the heads of most users and some techs.
_________________________________________________

<span style="font-weight: bold">Going Forward - Proactive Protection</span>

I could write all night and still not cover all of the possible ways to clean up a system, but the above will get all but the worst of them.

An ounce of prevention......

Here are some steps that you can take in order to protect against future infections:

<span style="font-weight: bold">Get a watchdog:</span> WinPatrol is a free utility that monitors changes that create new startup entries. It will place itself between the new startup item and you and prompt you to authorize the entry.
http://www.winpatrol.com/
It also features tabs for reviewing startup items and toggling them on or off.

<span style="font-weight: bold">Browse more safely:</span>
Firefox + Adblock Plus + Flashblock = a much safer and more pleasant browsing experience.
<span style="font-weight: bold">
Use DNS filters</span>. DNS filters block known malicious sites from ever making it to your browser's window.
Go to https://www.opendns.com/start and choose the free basic service, or you can pay for more advanced services like family content protection, etc.

<span style="font-weight: bold">STOP slumming!</span> This means porn sites, poker sites, free games, free cutesy screensavers with dancing bunnies, and third-grade level file-sharing software like Limewire.
The Internet is no different than any good-sized city in the world. There a tourist areas and there are dangerous areas. Use some common sense.

<span style="font-weight: bold">Alt + F4</span>: The key combination of Alt + F4 can save your butt better than a backup .380 strapped to your ankle. If you get a questionable pop-up or prompt (typical of fake antivirus scams), DO NOT CLICK ANYTHING! Not even Cancel or the Red X.

Instead, use Alt + F4 and close every window that's open.
Immediately reboot the computer and tap F8 for the startup options menu. Choose "Last Known Good Configuration".
Then run a full antivirus scan.

_________________________________

More information:

Sometimes Norton Antivirus doesn't properly uninstall. It's crap software. What do you expect?
Luckily, Symantec has recognized this problem and they now offer removal utilities.
http://service1.symantec.com/support/tsgeninfo.nsf/docid/2005033108162039

Antivirus and Security tools change. At times, I have recommended AVAST!, AVG, Symantec, Spybot Search & Destroy, Adaware, and others.

As of this writing, my top recommendations are Malwarebytes and Microsoft Security Essentials, linked above. Both are free, and they do excellent jobs.

IF you're going to scratch that file-sharing itch, then by all means learn how to do it the right way and the safe way.

Bit torrents and binary Usenet can be complicated to master, but that their complexity means that the stupid users aren't there in the heavy numbers like they are with the automated P2P's like Limewire.
Better yet, support bands and artists that like Radiohead that have kicked the RIAA to the curb and have taken the bold step of selling their product for market driven prices.
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Now come the obligatory, "I use blah, blah, blah, and it works great" posts.

Good for you.
wink.gif
 

High Binder

Resident Tribologist
Full Member
Minuteman
Jun 18, 2008
502
19
Occupied Colorado
Re: ***Windows Virus and Malware Removal***

Obligatory "Great post!" I drop into safe mode all the time but I have no idea about safe mode with networking, what's the difference?
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Safe Mode with Networking allows you to still use the Internet from Safe Mode.
 

High Binder

Resident Tribologist
Full Member
Minuteman
Jun 18, 2008
502
19
Occupied Colorado
Re: ***Windows Virus and Malware Removal***

<div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: tucker301</div><div class="ubbcode-body">Safe Mode with Networking allows you to still use the Internet from Safe Mode. </div></div>

Ah that's what I figured but wasn't sure. I was always afraid that by loading the networking drivers I could possibly be loading the very things I was trying to destroy. I would love to get my hands on just one little virus making punks. Long slow death...
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

I'm afraid the days of kids writing viruses to cause mischief are long gone.

The new stuff is about money, and lots of it.

The fake antivirus scams have made millions, I'm sure. And ID theft is so rampant that I hear you can buy stolen credit cards on the black market for a about $2 each.
 

Switchblade

muf kin poser
Full Member
Minuteman
Re: ***Windows Virus and Malware Removal***

<div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: tucker301</div><div class="ubbcode-body">Now come the obligatory, "I use blah, blah, blah, and it works great" posts.

Good for you.
wink.gif
</div></div>


I think the only individual that could even think about countering that would be Arctic Light and experience may dictate his agreement. Solid info!
 

phantasm

Sergeant
Full Member
Minuteman
Apr 1, 2004
469
75
WV
Re: ***Windows Virus and Malware Removal***

Good post tucker. I don't do as much virus removal anymore since I got off of desktop support. But your suggestions are spot on and simple to follow. Good work!
 

snewhouse

Sergeant
Full Member
Minuteman
Jan 31, 2010
138
0
59
orange county ca
Re: ***Windows Virus and Malware Removal***

Awesome post tucker, Well thought out and spot on. I hope you don't mind but I copied it and emailed to a few of my buddies who seem to be forever wading thru the dangerous parts of the internet world.
 

Switchblade

muf kin poser
Full Member
Minuteman
Re: ***Windows Virus and Malware Removal***

WOW! That shit killed every kiddie land error message from the stuff I deleted from this thing when the kids were using it for those free game sites. Since Panty 6 and I don't slum....well FB to keep up with friends and family...this thing had some errors from kid games. Gone!
Out fucking Standing!
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Glad it helped. I'm a novice shooter with 30 years tenure, so I figured I could contribute in some other way.

I'd love for Arctic Light to review the procedures and add whatever he feels is helpful.

The thing with these various infections is that if you made a flow chart on solving every possible issue, the damned thing would be gargantuan. The above will do well for most PC's, even those that don't seem to be all that messed up.

You'd be surprised what's lurking on a computer that you otherwise thought was clean.
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

<div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: usmc80</div><div class="ubbcode-body">I hope you don't mind but I copied it and emailed to a few of my buddies who seem to be forever wading thru the dangerous parts of the internet world.
</div></div>

Just don't share it with any of my regular customers, and we're good
wink.gif
 

ArcticLight

Sergeant
Full Member
Minuteman
Mar 27, 2003
963
22
Silverdale, WA
Re: ***Windows Virus and Malware Removal***

Tucker's right on the money, that's the basic stuff.

The one thing ya forgot Tucker - IE 7 and IE8 have a RESET button finally - restores the browser settings/registry back to default settings - these get changed by malware to take you to bad sites or deny you access without looking at their ads....or spyware...

Control Panel - Internet Options - Advanced Tab - Reset button is on the bottom right.


When cleaning a computer from a virus I use Registry Clean Pro - or after a Microsoft UNINSTALL LOL....

I use the AUTORUNS and PROCESS EXPLORER but they are more advanced tools.

Microsoft has that root kit removal ("Malicious software removal tool" - USE IT!

A bit more advanced stuff if you are somewhat computer savvy - otherwise ignore:

I'd go so far as to fill my host files with known spam sites, virus sites etc - Tucker knows what i'm talking about.

Windows looks in a file called HOSTS on your hard drive when you browse to a site. If the site is not there it t hen contacts a DNS server specified by your ISP.

If I made this entry, Snipershide would no longer come up for me, because it would be looking on my local computer:

snipershide.com 127.0.0.1

So what you do is put all know advertisers in the host file and route to your local connection, (internal IP) 127.0.0.1

If I put this entry in:

ads.doubleclick.net 127.0.0.1

voila, ads.doubleclick.net will never show you another ad, just a red x.




This is a link to YOUR host file - many viruses will put entries in here, NOTHING but "localhost" should be here so verify by clicking here:

These links may not work, if they do not click START, RUN, and paste this in and hit OK

notepad c:\windows\system32\drivers\etc\hosts

Windows Host file
Host file on YOUR computer

Open with notepad if it asks and be VERY careful not to take out "localhost"

It should look EXACTLY like this:

<span style="font-weight: bold">
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
</span>
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Yessir.
Filtering via HOSTS file is quick, easy, and effective.

You can also download pre-configured HOSTS files that have most of the ads and junk already blocked out for you.
http://www.mvps.org/winhelp2002/hosts.htm

The only problem I have with these is they are not as dynamic as Adblock Plus and Open DNS. They don't update themselves when new sites come out. But they do a nice job, nonetheless.

Thanks for the additional information!
 

MikeeBooshay

Recoil Sponge
Full Member
Minuteman
Aug 31, 2009
954
8
Houston TX and Hackberry LA
Re: ***Windows Virus and Malware Removal***

How timely this is, the wifes laptop has some damn virus ware on it today, everything I tried, it tells me that it is infected and do I want to sart my virus software, for a measly 69 bucks!!!!!

Can't start it in safe mode, can't get cmd to run.... me thinks I need a professional...

Meanwhile, my 5 year old laptop, that I pretty much follow all the " I wouldn't do that if I were you rules" keeps on keeping on. Wife is however an internet rookie and will click on anything on the screen.....

I'd kick some hacker/virus bitch ass today too...
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Mikee, you have picked up one of the many various fake antivirus scams out there.
I have seen some that will not allow you to start in Safe Mode. The computer will either hang or automatically reboot when you try to do it.

The bug has basically locked you out of your own system and is holding it for ransom.
This brand of Malware is actually called "Ransonware" for this reason.

You may be able to copy Combofix to a thumb drive and then transfer it to the laptop at C:\. If it won't run, you may have to rename it to something else like Combofix234.exe and try again.

If you take that route, I'd also download Malwarebytes, MSE, Autoruns, and Process Explorer and copy them over as well.

Another and probably easier route to take would be to pull the hard drive and mount it in an external adapter, then scan it with another computer with updated antivirus and Malwarebytes.

Depending on which OS you're using, other options may be available.
 

Bryan27

Sergeant
Full Member
Minuteman
Jul 31, 2007
665
0
42
Tennessee
Re: ***Windows Virus and Malware Removal***

<div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: tucker301</div><div class="ubbcode-body">Mikee, you have picked up one of the many various fake antivirus scams out there.
I have seen some that will not allow you to start in Safe Mode. The computer will either hang or automatically reboot when you try to do it.

The bug has basically locked you out of your own system and is holding it for ransom.
This brand of Malware is actually called "Ransonware" for this reason.

You may be able to copy Combofix to a thumb drive and then transfer it to the laptop at C:\. If it won't run, you may have to rename it to something else like Combofix234.exe and try again.

If you take that route, I'd also download Malwarebytes, MSE, Autoruns, and Process Explorer and copy them over as well.

Another and probably easier route to take would be to pull the hard drive and mount it in an external adapter, then scan it with another computer with updated antivirus and Malwarebytes.

Depending on which OS you're using, other options may be available.


</div></div>
Great thread! Especially for those of us that only know how to hit the on button and get on the internet.

I just picked up this new laptop two weeks ago, once I decided that my 10 year old desktop was outdated.
smile.gif
It's like a caveman discovering fire! Anyways, I was talking to my Dad after I bought it and he said he had bought a 3 pack of McAfee and only needed it for two computers so he loaded the extra copy on my computer. I assume McAfee is good? But, that very night I kept getting pop ups that looked like some antivirus software telling me I had all sorts of infected files on my new computer, "URGENT", download now for only $69 and we'll fix this etc. Every 2-3 minutes a pop up. My quick search wasn't taking me to google, it was routing me to some other BS search engine. I went directly to google and searched the name of the pop up, can't remember the exact name right now, but it returned a lot of helpfull information. One thing it did do was disable McAfee, which is kinda ironic to me. Anyways, the website I found via google had good instructions on how to get rid of the virus it seems. I had to download something called Malwarebytes and hostsperm, never heard of either and was concerned that it was just another virus, but it apparently worked. Anything else you can think of that I maybe should do? IIRC Malwarebytes found 788 corrupted files on my computer that was only a day old.
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

<div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: Bryan27</div><div class="ubbcode-body">Anything else you can think of that I maybe should do? IIRC Malwarebytes found 788 corrupted files on my computer that was only a day old. </div></div>

Dump McAfee and install Microsoft's free antivirus from the link above. Run a fulls can after it's updated.

Going forward, using the pre-packaged HOSTS file from the link above would be helpful, and switching to Firefox with Adblock Plus and Flashblock can help prevent further hijackings.
 

Bryan27

Sergeant
Full Member
Minuteman
Jul 31, 2007
665
0
42
Tennessee
Re: ***Windows Virus and Malware Removal***

Will do, thanks. One question I had when I got this computer is since they give you a free 6 month antivirus subscription, can you have two antivirus programs at the same time? I figure it's probably pointless, but I really don't know much about computers. What exactly is firefox?

EDIT

Disregard the firefox question, I just installed it with the flashblock and the adblock then tested it over on photobucket. Photo bucket has always been a pain in my ass with all the ads that pop up every time you move the mouse that I stay away from it for the most part, now none of that even shows up. THANK YOU!!! I take it I'd be ok to delete internet explorer?
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Bryan,
Use only one antivirus at a time.
You can dump IE, but it's not necessary. I use it sometimes, of Firefox has problems rendering a site. Also need it to visit the Windows Update site.
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Also Bryan,
At a day old, it may be best to simply reset that new laptop to factory original condition.

Should have come with either a recovery partition or disks to accomplish that. Check your manuals.
 

The Mechanic

Gunny Sergeant
Full Member
Minuteman
Sep 9, 2006
1,927
8
San Diego County Ca.

MikeeBooshay

Recoil Sponge
Full Member
Minuteman
Aug 31, 2009
954
8
Houston TX and Hackberry LA
Re: ***Windows Virus and Malware Removal***

Tucker, my man, thanks so much!

Downloaded Combofix to a chip drive, snuck it open before the virus launched, I think malwarebytes might have had a chance if I could have got it going before the thing launched. ANyway, combofix got it cleaned up, and she is back up and clicking happily again.

I'm not an IS guy, some of the combofix stuff scared me a little, but apparently I made the correct choices. Having my laptop open to the site, with the usage guide was big plus too.

Thanks again!
 
G

Guest

Guest
Re: ***Windows Virus and Malware Removal***

Good deal, Mikee.
You should still run a pass of Malwarebytes to make sure everything is cleaned.
 

shooter65

General
Banned !
Minuteman
  • Jun 19, 2004
    7,243
    49,393
    57
    Indiana
    Re: ***Windows Virus and Malware Removal***

    what do you do if this keeps popping up?

    says - C:\windows\explorer.exe

    application not found.

    also says task manager has been disabled by admin.
     

    ewoaf

    Gunny Sergeant
    Full Member
    Minuteman
    Jan 25, 2009
    1,458
    89
    Albemarle VA
    beaurobbins.com
    Re: ***Windows Virus and Malware Removal***

    thanks tucker, I've been running spybot s&d, with AVG at the recommendation of a supposedly computer savy friend of the wife (who I think is a tard). I uninstalled all that jive and ran through the steps you outlined in the OP. Cleaned out 4 0r 5 critters.
     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    shooter65,
    Sorry I couldn't be more help on the phone and via PM's.
    Sometimes I just need to put my hands on them to get ahead of the virus.
    Yours is a particularly nasty one, because it changes group policies and essentially locks you out of your own computer.

    That is an OLD computer. If you've got some extra cash, you may want to consider a new one while you're backing up files and all anyway.

    I watch techbargains.com for the best deals.
    Their RSS page is easier to read.
    http://www.techbargains.com/rss.xml
     

    Swan

    Sergeant
    Full Member
    Minuteman
    Mar 8, 2009
    549
    3
    San Diego, CA
    Re: ***Windows Virus and Malware Removal***

    Here is the real solution to all of your problems, grab a credit card and click here:

    http://www.apple.com/imac/

    Best purchase you will ever make. Kiss all those pesky lil viruses and malwares goodbye. Forever.

     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    <div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: Swan</div><div class="ubbcode-body">Kiss all those pesky lil viruses and malwares goodbye. Forever.
    </div></div>

    Don't confuse obscure with secure.
     

    shooter65

    General
    Banned !
    Minuteman
  • Jun 19, 2004
    7,243
    49,393
    57
    Indiana
    Re: ***Windows Virus and Malware Removal***

    I think it has seen better days. Time for a new one. Thanks for all your help.


    <div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: tucker301</div><div class="ubbcode-body">shooter65,
    Sorry I couldn't be more help on the phone and via PM's.
    Sometimes I just need to put my hands on them to get ahead of the virus.
    Yours is a particularly nasty one, because it changes group policies and essentially locks you out of your own computer.

    That is an OLD computer. If you've got some extra cash, you may want to consider a new one while you're backing up files and all anyway.

    I watch techbargains.com for the best deals.
    Their RSS page is easier to read.
    http://www.techbargains.com/rss.xml </div></div>
     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    Here is a brief explanation on how the Fake Antivirus programs operate.

    <object width="425" height="350"> <param name="movie" value="http://www.youtube.com/v/2DzBdhqB73I"></param> <param name="wmode" value="transparent"></param> <embed src="http://www.youtube.com/v/2DzBdhqB73I" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"> </embed></object>
     

    SmokinAce

    Sergeant
    Full Member
    Minuteman
    Feb 9, 2010
    621
    0
    AZ
    Re: ***Windows Virus and Malware Removal***

    Great post but about 2 days behind in finding it. Rebuilding the work PC as I type. Somehow something got through and it was a nasty bugger. It was one of those I was tired of chasing so time to cut my losses and reformat. Fake AV and I clicked nothing as I have seen a million of these but somehow something got through.
     

    Longrange****

    Old Hat Sergeant
    Full Member
    Minuteman
    Sep 24, 2006
    672
    0
    Mille Lacs, MN
    Re: ***Windows Virus and Malware Removal***

    I tried to read through this but its way over my head....I have Trend Micro is it worth a crap? Ive had it for a year now and will need to pay for it again soon......

    Sorry for the dumb question....computers arent my thing...
     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    Trend Micro is fine.
    Microsoft security Essentials is free and probably just as good.
     

    Shootinsurveyor

    Sergeant
    Full Member
    Minuteman
    May 30, 2009
    250
    41
    41
    VA
    Re: ***Windows Virus and Malware Removal***

    Good post, maybe should be made into a sticky or something
     

    mtstcon

    Private
    Full Member
    Minuteman
    Jan 14, 2003
    65
    0
    WY
    Re: ***Windows Virus and Malware Removal***

    tucker301,
    Thank you so very much!!! I was about to give up, and this really was a simple fix.
     

    UKDslayer

    Private
    Supporter
    Full Member
    Minuteman
  • Jan 29, 2005
    1,636
    2,040
    Texas
    Re: ***Windows Virus and Malware Removal***

    <div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: tucker301</div><div class="ubbcode-body"><div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: Swan</div><div class="ubbcode-body">Kiss all those pesky lil viruses and malwares goodbye. Forever.
    </div></div>

    Don't confuse obscure with secure. </div></div>

    What is the best answer for adware/malware & AV for a MacBook Air running Mac OS?
     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    <div class="ubbcode-block"><div class="ubbcode-header">Originally Posted By: UKDslayer</div><div class="ubbcode-body">
    What is the best answer for adware/malware & AV for a MacBook Air running Mac OS? </div></div>

    I've heard good things about Bit Defender.
    http://www.bitdefender.com/solutions/antivirus-for-mac.html
     

    ArcticLight

    Sergeant
    Full Member
    Minuteman
    Mar 27, 2003
    963
    22
    Silverdale, WA
    Re: ***Windows Virus and Malware Removal***

    FYI guys - If you do not have an external USB device to back up your documents etc - now's a good time to get one - they are so dirt cheap.

    And sometimes, it is faster and easier to rebuild than to fix a computer. If it takes 2 hrs start to finish to rebuild and configure vs 2 hrs of cleaning and repairing...I'd rather have the rebuild/reinstall.

    I use the Navy Corporate edition of Symantec AV - works extremely well and if you work for DOD you can get a copy for home use.
     

    762slinger

    Sergeant
    Full Member
    Minuteman
    Dec 3, 2006
    135
    0
    51
    Texas
    Re: ***Windows Virus and Malware Removal***

    Thanks for posting this info. I'll be printing it out and running through it. I've had some problems lately like redirects and nonfunctional IE (I normally use FF). I just did the first part (checking the LAN properties) and I had the proxy box checked. Unchecked it and was able to start IE without problem.
    Going to finish it up tomorrow.
     

    Bryan27

    Sergeant
    Full Member
    Minuteman
    Jul 31, 2007
    665
    0
    42
    Tennessee
    Re: ***Windows Virus and Malware Removal***

    Figured I'd bring this one back to the top with a question or two since it's bee so much help to me already.

    The issue I'm having now with my computer is that search engines are redirecting me to random sites when I click on the first option. Let's say I type in "long range shooting" into google and it gives me a list of options to chose from. First option on the list is snipershide.com so I click on it and my screen goes white and up in the left hand side it says "Document has moved, redirecting" and then it brings up some random website like yellow book or maps.com. If I click on any other option it takes me directly to where it says. If I click on the first option, when it says it's redirecting I hit the back button, and then click on the same option.....it takes me directly to where it says it goes. Strange,,,,,

    The other issue is every now and then, regardless of what site I'm on, I'll click on something or change to the next page of a thread and a website having to do with music lyrics opens up in it's own session. It's just a plain white page with no writing and I always close it, but that just seems pretty random.

    What's up with this stuff? After getting the virus off my computer I was able to do everything I was told to do with the exception of changing the hosts file. I'm on windows 7 and can't find the file to delete it/change it. Any secret to doing that on windows 7 and would that be something that would cause these problems?
    Thanks
     
    G

    Guest

    Guest
    Re: ***Windows Virus and Malware Removal***

    Bryan,
    Check your HOSTS file and reset IE's defaults as outlined earlier in this thread.

    I had one the other day that had the HOSTS file locked down.
    I had to boot the machine to a Live Windows CD to gain control and delete the file, then replace it with a clean one.