Topic Wiki

Here's some decent instructions on what to do:
https://www.reddit.com/r/techsupport/comments/33evdi/suggested_reading_official_malware_removal_guide/

For more help, post :)
« Last edited by DanH on December 12, 2016, 06:43:39 PM »

Author Topic: Viruses & How To Remove Them  (Read 61167 times)

Offline HelpMe

Re: Viruses & How To Remove Them
« Reply #20 on: August 03, 2012, 07:53:53 PM »
Try running a scan with MalwareBytes Anti Malware, it's free and works on most stuff IME.
I have MWB running all the time.
"Elvis Has Left The Building"

Offline HelpMe

« Reply #21 on: August 03, 2012, 07:57:08 PM »
The registry can't download a program, it must be an exe or a service that keeps bringing it back. If I know when it started I usually find the culprit by searching for files modified on that date/time.
Can't the reg entry be the trigger? Anyway no big deal I just reload the OS in minutes.
"Elvis Has Left The Building"
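
Added example, not part of any post in this thread: a read-only PowerShell triage sketch for the approach described in reply #21 above. It lists executable-type files created or modified around the time the problem started, then flags autorun (Run/RunOnce) registry entries that launch one of them. The function names, default folders, time window and sample date are assumptions; it requires PowerShell 3.0 or later.

```powershell
# Added example; function names, default roots and the sample date are assumptions.
# Requires PowerShell 3.0+. Read-only: nothing is deleted or changed.
function Find-RecentExecutable {
    param(
        [Parameter(Mandatory = $true)] [datetime] $Around,   # when symptoms started
        [int] $WindowHours = 6,
        [string[]] $Roots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData, $env:TEMP)
    )
    $from = $Around.AddHours(-$WindowHours)
    $to   = $Around.AddHours($WindowHours)
    $ext  = '.exe', '.dll', '.sys', '.scr', '.bat', '.cmd', '.vbs', '.js'
    Get-ChildItem -Path $Roots -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object {
            ($ext -contains $_.Extension.ToLower()) -and (
                ($_.LastWriteTime -ge $from -and $_.LastWriteTime -le $to) -or
                ($_.CreationTime  -ge $from -and $_.CreationTime  -le $to))
        } |
        Sort-Object LastWriteTime
}

function Get-RunKeyEntry {
    $keys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    foreach ($key in $keys) {
        $item = Get-Item -Path $key -ErrorAction SilentlyContinue
        if (-not $item) { continue }                 # key absent on this machine
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Key = $key; Name = $name; Command = [string]$item.GetValue($name) }
        }
    }
}

# Constructed sample date: replace with the time the problem first appeared.
$recent = @(Find-RecentExecutable -Around '2012-08-03 19:00')
$recent | Format-Table LastWriteTime, CreationTime, Length, FullName -AutoSize

# Flag autorun entries whose command line points at one of those files.
Get-RunKeyEntry | ForEach-Object {
    $entry = $_
    $hit = $recent | Where-Object {
        $entry.Command.IndexOf($_.FullName, [StringComparison]::OrdinalIgnoreCase) -ge 0
    } | Select-Object -First 1
    [pscustomobject]@{
        Key = $entry.Key; Name = $entry.Name; Command = $entry.Command
        RecentFile = if ($hit) { $hit.FullName } else { $null }
    }
} | Format-List
```

An entry with a non-empty RecentFile is an autorun value launching a file that appeared in the suspect window. Timestamps can be altered by malware, so an empty result does not clear the machine.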

Offline DH Data Recovery

« Reply #22 on: August 04, 2012, 09:11:50 PM »
The easiest way to deal with most viruses in Windows 7: the first step is always System Restore. When you restart, hit F8 continuously until you get the safe mode option. Select Safe Mode with Networking and run ComboFix from Bleeping Computers. Once that's done, restart and reboot in safe mode again; this time run Malwarebytes. This system works with 80% of viruses in Windows 7.

Offline HelpMe

« Reply #23 on: August 05, 2012, 08:20:37 AM »
MWB or Combofix will not remove or detect "Win 7 Antivirus 2012" most of the time. So what is the next step?
"Elvis Has Left The Building"

Offline Name Changed

« Reply #24 on: August 05, 2012, 08:54:25 AM »
MWB or Combofix will not remove or detect "Win 7 Antivirus 2012" most of the time. So what is the next step?
From my experience with this virus, the easy way out is googling the key for it, which once entered you will get more control over your computer, as when the virus is active you don't have internet access, or access to any .exe file...

It could manually be removed by cleaning up the registry, but for most people that will be too difficult.
I think MalwareBytes was able to remove the virus.

Offline BAHayman

« Reply #25 on: August 05, 2012, 10:04:12 AM »
MWB or Combofix will not remove or detect "Win 7 Antivirus 2012" most of the time. So what is the next step?
Had someone with that virus last week, MWB worked just fine when I ran a full scan in safe mode.

Offline DH Data Recovery

« Reply #26 on: August 05, 2012, 12:34:19 PM »
The other important tool to run is TDSSKiller by Kaspersky; this cleans many harmful rootkit viruses and trojans that keep coming back even after MWB! This is a must in any technician's toolkit these days!

Offline HelpMe

« Reply #27 on: August 05, 2012, 12:38:56 PM »
The other important tool to run is TDSSKiller by Kaspersky; this cleans many harmful rootkit viruses and trojans that keep coming back even after MWB! This is a must in any technician's toolkit these days!
Used that one also. Next?  :)
"Elvis Has Left The Building"

Offline DH Data Recovery

« Reply #28 on: August 05, 2012, 12:41:37 PM »
OK, let's try to go through the process of what was done.
a) Did you try System Restore to before you got the virus?
b) Did you run ComboFix in safe mode? If you did, try running it twice.

Offline HelpMe

« Reply #29 on: August 05, 2012, 12:52:55 PM »
I don't use System Restore. I use Ghost to back up my OS. I only load the OS on C and everything else (programs/data) on different drives/partitions.

MWB & Combofix ran in Safe mode only once.

I get a popup about a virus being detected when I go to FT. Not sure why it only activates on that site. This is a fake popup that the virus generates. If you click on ANYTHING the virus will run and take control of your computer. The only way to stop it from running at this point is to power down the computer completely.
"Elvis Has Left The Building"

Offline DH Data Recovery

« Reply #30 on: August 05, 2012, 01:08:02 PM »
Run ComboFix again, run TDSSKiller again. Run Spybot S&D (I don't like the new one, I use version 1.62). Also empty all the temp files and folders.

Offline DH Data Recovery

« Reply #31 on: August 07, 2012, 06:07:51 PM »
Did it work?

Offline steeeveknowsbest

« Reply #32 on: August 07, 2012, 06:56:57 PM »
K, so about a year ago I got a Google redirect virus on my desktop.

I tried getting rid of it using Malwarebytes Anti-Malware, TDSSKiller, Norton 360, Spybot Search and Destroy and RKill, but no luck.

It somehow has gotten onto my laptop as well and I cannot use Google on IE, Chrome or Mozilla. It does not affect Safari, but Covenant Eyes won't work with Safari.

At this point I have just resigned myself to not using Google (Yahoo search SUCKS!) and I occasionally sweep the computers for viruses and tracking cookies, which it seems to bring in.

Recently I started not being able to run Mozilla because it just keeps crashing. I have tried uninstalling and redownloading but still no luck. Also my comp won't display any reCAPTCHA boxes (which can be really annoying because you can't get some sites!)

Any obvious connection? Or are these unrelated problems? Any advice?

Thanks a million!

Offline DH Data Recovery

« Reply #33 on: August 07, 2012, 09:23:22 PM »
Try ComboFix.
I've actually had a very rare case where the Google redirect virus affected the router. I have no clue how it happened, but every single computer I connected to the client's router was redirected when using Google. I doubt you got that, but try ComboFix first.

Offline Name Changed

« Reply #34 on: August 07, 2012, 09:24:47 PM »
Any obvious connection? Or are these unrelated problems? Any advice?
Yea, you have a virus ;)

Offline DH Data Recovery

« Reply #35 on: August 07, 2012, 09:27:29 PM »

Offline steeeveknowsbest

« Reply #36 on: August 07, 2012, 10:40:56 PM »
Yea, you have a virus ;)
Thanks, Captain Obvious!  :D :D



Offline HelpMe

« Reply #37 on: August 08, 2012, 01:18:00 AM »
Did it work?
I just stop clicking on FT. :)  Not my main computer and it would take hours to run them all again.
"Elvis Has Left The Building"

Offline miamiles

« Reply #38 on: August 08, 2012, 11:34:03 PM »
I recently had a virus... and had a guy from Norton log into my computer and fix it for me as part of the service. If you bought their product, why not try giving them a call?

Offline miamiles

« Reply #39 on: August 09, 2012, 10:21:09 PM »
Other companies on the internet will try to charge like $75-$100 to fix the issue, but Norton is included.