Search forums

Forums

Export thread

Oh, balls. Malware detection/deletion

Oct 3, 2013#1

Chad Sexington

I think my colleague's computer has some less-than great sneaky files on it. What're my best options?

Working on Windows 7 64bit

MSE says no threats are detected, but she's getting a pop up near the start menu that says "Backup your computer now for free!" and there are few things in the task manager that are unkillable: they just start up again when ended.

Oct 3, 2013#2

strawman

Yep, you got a bug.

Spyware search and destroy is a good option for that.

Oct 3, 2013#3

Tinwhistler

malwarebytes
AVG antivirus

Oct 3, 2013#4

GasBandit

Malwarebytes. A lot of these "ad pop up" things aren't technically classified as viruses and virus scanners like MSE, AVG and the rest may not catch them (plus new ones come out every day). Malwarebytes is pretty good at ferreting out this stuff though.

Oct 3, 2013#5

PatrThom

Another vote for MalwareBytes as your first go-to solution.
HijackThis is another extremely competent tool, but it has a startlingly steep learning curve.

--Patrick

Oct 3, 2013#6

Chad Sexington

PatrThom said:
Another vote for MalwareBytes as your first go-to solution.
HijackThis is another extremely competent tool, but it has a startlingly steep learning curve.

--Patrick

I've used HijackThis in the past, but it was a challenge, you're quite right about the learning curve.

Oct 3, 2013#7

PatrThom

Oh! And if it's just a process you can't kill (one that keeps relaunching), sometimes you can use selective startup to get rid of it.
Here is an article from a rather surprising source that may help you with this process.

--Patrick

Oct 3, 2013#8

Zappit

Run Malwarebytes, then Spybot: Search and Destroy. Should handle your business.

Oct 3, 2013#9

Jay

CC Cleaner

Oct 3, 2013#10

GasBandit

Jay said:
CC Cleaner

Big old heapin' help'a placebo.exe.

Oct 3, 2013#11

Ravenpoe

GasBandit said:
Big old heapin' help'a placebo.exe.

Don't crush Jay's dreams.

Oct 3, 2013#12

PatrThom

CCleaner (not to be confused with Carbon Copy Cloner) is useful for getting rid of registry entries that don't point to anything any more, or for removing things you don't want it to point to any more. But I wouldn't really call it an antimalware solution.

--Patrick

Oct 3, 2013#13

Terrik

I just use System Mechanic for everything.

Oct 3, 2013#14

bhamv3

Would nuking the site from orbit be a valid backup plan?

And by nuking the site I mean reformatting and reinstalling.

Or you could nuke it.

Oct 4, 2013#15

Ravenpoe

bhamv3 said:
Would nuking the site from orbit be a valid backup plan?

And by nuking the site I mean reformatting and reinstalling.

Or you could nuke it.

Put it in the microwave. No virii will survive.

Oct 4, 2013#16

PatrThom

Ravenpoe said:
Put it in the microwave. No virii will survive.

You're thinking of sponges.

--Patrick

Oct 4, 2013#17

drawn_inward

@Chad Sexington your "colleague's" PC? Really? :troll:

Oct 4, 2013#18

Chad Sexington

drawn_inward said:
@Chad Sexington your "colleague's" PC? Really?

Really. I'm the 'boss' in the office, and really I could just call up IT but opening a ticket and getting them to fix things takes forever, and I'm generally tech savvy enough to solve most problems. So I did what I could, consulted y'all, which helped me fine 108 objects with Malwarebytes; uninstalled a handful of toolbars, etc, and her comp seems fine now.

Thanks to all!

Oct 4, 2013#19

Bowielee

Tell her not to download attachments, even if they do say they have pictures of Ryan Gosling naked

Oct 4, 2013#20

Chad Sexington

Bowielee said:
Tell her not to download attachments, even if they do say they have pictures of Ryan Gosling naked

I think it was actually the person who used the computer previous to her, but... Given her Ryan Gosling love, I am definitely going to leave that as a note on her desk!

Forums