On 7/26/2015 8:28 PM, Paul wrote:
Rene Lamontagne wrote:
On 7/26/2015 11:23 AM, Wolf K wrote:
On 2015-07-25 11:30 PM, A.M wrote:
On 2015-07-25 8:29 PM, Rene Lamontagne wrote:
My Sons computer is infected with this crap, is there a simple way to
remove it?
Spyhunter 4 is supposed to work at $47.95, also found many
solutions on
the net with umpteen pages of instructions, Mostly fairly complicated,
or should I just wait 4 more days and install win10?
BTW it has disabled his CDROM so I cannot install his Macrium image
backups, also system restore is disabled.
I swear if I could ever catch one of these malware *******s his
reproduction system would be seriously impeded, I have Number 10 boots

My solution is always more or less the same:

1) remove any software which was unwanted from add/remove program
2) verify the settings of every browser installed on the computer to
make sure that no unwanted extensions are installed
3) delete any folders in c:\program files (x86) and c:\program files
which had anything to do with the unwanted software
4) clean the registry with CCleaner to make sure the software's
registry
entries are removed as well
5) scan and clean the registry manually if not convinced CCleaner found
everything
6) download malwarebytes and let it do its thing
7) restart

Generally, that takes care of it. It's how I fixed my co-workers'
computers when they were infected.

Good advice, been there, done that. :-) or :-(, depending.

But be warned, it can take hours to do all that.

There are Linux-based malware cleaners, run from the CD/DVD drive, it
should boot, unless the baddies have written the crap to recognise Linux
discs and block them, too. I understand you can get into BIOS and
specify boot order. Try attaching an external optical drive, and specify
it (by brand/model) as the default boot.

FWIW, Vipre anti-malware has refused to allow execution of an install
package because some PUP or malware was included.

Good luck,


In desperation today I tried booting my 3 Macrium recovery disks, None
would boot, also could not see the files, the disks seemed empty yet
on my machine all files were present .But in looking through my disk
collection I found another one.
This one did boot OK and ran Macrium recovery which I used to put his
system back up and running Sans malware.
Now comes the stupid part, his drive would read any of his disks OK so
I deduced that his drive was partially screwed. I installed a new
drive today and now it boots all disk fine, So the malware probably
had nothing to do with his drive, Just coincidence that it occurred at
this time.
Problem solved. And thanks to all who responded and lent me their
thoughts, Much appreciated.

Best Regards, Rene


Just as long as the malware didn't try to modify the
firmware in the (broken) optical drive.

Computers are filled with firmware chips, and
nation-state-provided malware, can attack such things.
Regular malware would not be as thorough, and be ready to
deal with as many types of hardware.

Even a hard drive has firmware, and I don't think it's
that difficult to reprogram one.

http://www.pcworld.com/article/28849...an-russia.html


Paul


Yes safe computing is getting harder to maintain as more malware
creators are finding new ways to use their malware to increase their
bottom line.
Anyway the optical drive is on its way to the dump and The HD has been
wiped and updated, now i have to install numerous updates again.

Regards, Rene