Solved

Adware on a laptop

Posted on 2012-03-13
7
569 Views
Last Modified: 2013-12-06
Hi Experts. My teenaged niece just got a laptop (Toshiba/Windows 7). She went online without installing any anti virus software. Both IE and Mozilla are going straight to advertisement page when opened. Any troubleshooting advice is greatly appreciated. Are there any programs that can be installed on a USB? So that I can hopefully install on her laptop to correct the issue? Thank you experts!
0
Comment
Question by:Rhiaanon44
7 Comments
 
LVL 8

Expert Comment

by:Tymetwister
ID: 37717904
Please download malwarebytes (http://www.malwarebytes.org/) and run that, for starters... that should help clear up a lot of it.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 37717916
As you just found, it can take but seconds to hose a computer with no protection.

You need to get her (or her caregivers) to purchase a top-rated, paid Anti Virus, install it and scan.

Even to start, she (or you) could download Microsoft Security Essentials to get started. But do follow up with paid Anti Virus. ... Thinkpads_User
0
 
LVL 8

Expert Comment

by:Tymetwister
ID: 37717931
And just to build on the above comments, if she got malware that quickly, it may be advisable to educate her on best practices to avoid getting an infection so that it doesn't keep happening after the issue is cleared up:

http://www.techsoup.org/learningcenter/software/page5498.cfm

http://www.readwriteweb.com/archives/how_to_avoid_malware_on_facebook_and_twitter_8_best_practices.php
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 38

Accepted Solution

by:
younghv earned 500 total points
ID: 37717962
Highly doubtful that any single scanner is going to help you at all. With known infected systems you are probably going to need a 'rogue process' stopper to get your scanners to work.

Malwarebytes (mentioned above) is one of the best tools out there, but it is targeted by a lot of malware and is often blocked from running.

RogueKiller and TheKiller are two great tools for stopping those processes. EE Article here: Rogue-Killer-What-a-great-name

TheKiller
Download TheKiller to your Desktop
http://maliprog.geekstogo.com/explorer.exe

Note that TheKiller is renamed as explorer.exe
Run it by double click
Press OK button after program finish
Do not restart your system after this step, but immediately run the next scan: MalwareBytes, TDSSKiller, ComboFix

**************

For Hijacking/re-directs, you might want to start with TDSSKILLER found here:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Download the file TDSSKiller.zip and extract it into a folder on the infected (or potentially infected) PC.
* Execute the file TDSSKiller.exe.
* Wait for the scan and disinfection process to be over. You do not have to reboot the PC after the disinfection is over.

If the tool finds a hidden service it will prompt you to type "delete",  you can also just hit "Enter" without typing in and the scan will continue...
Please post the log to be analyzed.

You can also try FixTDSS.exe from Symantec:
http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

**************
Proper use of several scanner tools is outlined in this EE Article:
Stop-the-Bleeding-First-Aid-for-Malware
0
 
LVL 1

Expert Comment

by:DrMadAxe
ID: 37756197
Just another step to add to make sure you get complete rid of those terrible things:

Reboot in safemode by hitting F8 when booting the computer.

Select Safe Mode.

Run your anti virus and anti spyware progs ( malwarebytes, Spybot Search and Destroy , paid for , super anti spyware. ) I use multiple for sweeps.

If you can without cringing turn off your system restore. sometimes those buggers like to hide in there.

If you have multiple accounts on the computer repeat the steps on each account to keep them from reinfecting one another.

Take the other advice posted as well. : )
0
 
LVL 38

Expert Comment

by:younghv
ID: 37756381
There are a number of reasons for NOT doing your scans in "Safe Mode"; as delineated here:
Malware Fighting – Best Practices

There is no good reason to delete your System Restore points and several good reasons not to. Details here: Viruses in System Volume Information (System Restore)
0
 

Author Closing Comment

by:Rhiaanon44
ID: 37778640
Thank guys! Definitely needed this info!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Read about achieving the basic levels of HRIS security in the workplace.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question