MY sister's PC is screwed

[Guernsey]

This is not good for me but my sister got some malware attack on her computer. I tried using the restore point but it came back and that worked before on ym computer. I just don't know if I can just remove it especially when the cd rom drive is not working so I cannot restore anything. What can I do? I might be in trouble again and I don't want to make things worst.

[Random32]

Do you have any more details? Whats wrong? What malware do you have?

I'd try using malwarebytes

[Urzu 7]

Yeah, use Malwarebytes. Get it here: www.download.com

Try that and report the details in this thread.

[Guernsey]

For the type of Malware my sisters computer have, it looks like to be an Adware virus that is infecting the computer. My dad doesn't really treust Malwarebytes and I don't really trust it either sadly.

[Neat Hedgehog]

Any particular reason why? Just curious, since personally I would be way more likely to trust Malwarebytes to fix a problem than I would trust restore points to do anything.

[Random32]

Malwarebytes works nearly all the time...

Do you have a name for this adware?

[Guernsey]

I think it was Windows Detector or something I need to look at it again.

[-KarumA-]

Quote:

Originally Posted by Guernsey

For the type of Malware my sisters computer have, it looks like to be an Adware virus that is infecting the computer. My dad doesn't really treust Malwarebytes and I don't really trust it either sadly.

Ooh dear God, I hope you are joking.
Malwarebytes is one of the most trustworthy scanners out there, mostly because even the free version is better than most paid scanners out there.

Run the free version of MalwareBytes, if it wasn't trustworthy thenw e wouldn't recommend it. If not then enjoy your broken pc.

If I were you I'd run Malwarebytes and if the report it gives (which you can copy paste here) does not remove it then I would run Combofix, unless you think dos-like looks make it even less trustworthy.

[Guernsey]

Quote:

Originally Posted by -KarumA-

Ooh dear God, I hope you are joking.
Malwarebytes is one of the most trustworthy scanners out there, mostly because even the free version is better than most paid scanners out there.

Run the free version of MalwareBytes, if it wasn't trustworthy thenw e wouldn't recommend it. If not then enjoy your broken pc.

If I were you I'd run Malwarebytes and if the report it gives (which you can copy paste here) does not remove it then I would run Combofix, unless you think dos-like looks make it even less trustworthy.

It has been awhile since I had used some DOS type program but I'll give its a shot. Thanks for your help and I'll get started on it.

[triskelion]

I might be a bit late to this, but I also agree that Malwarebytes is probably the best scanner out there.

It saved my secondary computer a few months back. If you can't trust Malwarebytes, you can't trust anything else!

[blaze0041]

I can vouch for Malwarebytes' Anti-Malware as well. You can try Ad-Aware or Spybot - Search & Destroy (if you don't mind the dated interface)
I also would have suggested using a Linux based Anti-virus boot CD, but you've stated that your CD drive doesn't work, and presumably, can't burn CDs either.

[White Manju Bun]

I love malware bytes but sadly I have the browser redirct virus and malware bytes can't seem to get rid of it.

[Guernsey]

^ That is also a concern of mine to, how do I know if it wroks? I don't want a relapse.

[Random32]

Quote:

Originally Posted by White Manju Bun

I love malware bytes but sadly I have the browser redirct virus and malware bytes can't seem to get rid of it.

create a thread here and I'll try to help. create a thread at malwarebytes forum and they'll help as well.

Quote:

Originally Posted by Guernsey

^ That is also a concern of mine to, how do I know if it wroks? I don't want a relapse.

relapse... we have malware nowadays that fakes it is gone and comes back later? damn... I doubt the malware you have is that advanced though.

You know it works when your adware goes away. Since you have noticed the adware, that shouldn't be that hard to determine.

[blaze0041]

Good security relies on having multiple solutions- no one single application can cover every nasty out there on the Internet (that being said, do not have more than one antivirus running on the same computer!).
If you are able to, I suggest an online scan of your system: such as Trend Micro's Housecall or BitDefender's solution. AV companies may also have specific virus removal tools if you know what the piece of malware is called.

[Urzu 7]

Quote:

Originally Posted by blaze0041

Good security relies on having multiple solutions- no one single application can cover every nasty out there on the Internet (that being said, do not have more than one antivirus running on the same computer!).
If you are able to, I suggest an online scan of your system: such as Trend Micro's Housecall or BitDefender's solution. AV companies may also have specific virus removal tools if you know what the piece of malware is called.

Hmm, I have Avast! anti-virus and Malwarebytes. They won't conflict, will they? You said not to have more than one anti-virus software on your computer, but it sounds like MWB fixes viruses, too.

[blaze0041]

^ No, they should not conflict.
Example of what not to do: use X and Y on the same computer, where X and Y could equal:
Norton, McAfee, BitDefender, Kaspersky, NOD32, Avast, AVG...

[-KarumA-]

In other words what runs on the background, if you have 2 anti virus running on the background with shields up then it clashes together.

What browser redirect virus are we talking about anyway, there are tons of those.
I had one that redirected my google search results once, but like I said there are so many.

if non of the two can remove the virus then make a topic here:

http://www.bleepingcomputer.com/forums/forum22.html

Follow the instructions: scan with hijack this, post the logs that came with the 2 scanners.
These guys are pretty much pro at what they do and helped me out before when I thought I couldn't be helped anymore.
Hijack this pretty much makes a sum up of programs running in the bg, which includes the virus many times and allows you to remove it together with the registrykey. However it isn't always easy to read the logs, hence why these guys do it for you. In other words you kind of remove it manually.

[White Manju Bun]

Quote:

Originally Posted by Guernsey

^ That is also a concern of mine to, how do I know if it wroks? I don't want a relapse.

Malware Bytes does work, Ive had it for 2 years, it saved my computer once already, problem is this nasty little virus is from what Ive been reading up on is relatively new so most programs are having issues keeping up with it. Also from it sounds like your sisters comp doesnt have what I have so Id run Malware Bytes. Run it. Restart. Update Malware Bytes. Run again.

@KarumA, I made an account on that forum since it appears lots of people are asking about the google redirect virus. Thanks for the info.

[SaintessHeart]

Here is an old trick that usually works when my main drive refuses to run any antivirus:

1. Get a removable drive
2. Install the AV on it.
3. Update.
4. Plug it into your main computer and run it from the removable drive.

Usually a combination of MSRT and Malwarebytes, along with some knowledge of Windows registry combined with Simple File Shredder to corrupt viral files, can help remove alot of hard viruses. Unlike the early 2000s, most viruses nowadays are more inclined to self-replicate and cross-infect storage devices by attacking boot sectors, instead of hiding and triggering the payload after the next restart, attack virus definitions of AV software, etc. It seems that they are going back to the early 1990s age where viruses often try to monitor information sent rather than hijacking PCs completely.

Post your hijackthis log here. I know how to read them.