We help IT Professionals succeed at work.

Adware on a laptop

Hi Experts. My teenaged niece just got a laptop (Toshiba/Windows 7). She went online without installing any anti virus software. Both IE and Mozilla are going straight to advertisement page when opened. Any troubleshooting advice is greatly appreciated. Are there any programs that can be installed on a USB? So that I can hopefully install on her laptop to correct the issue? Thank you experts!
Comment
Watch Question

Please download malwarebytes (http://www.malwarebytes.org/) and run that, for starters... that should help clear up a lot of it.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
As you just found, it can take but seconds to hose a computer with no protection.

You need to get her (or her caregivers) to purchase a top-rated, paid Anti Virus, install it and scan.

Even to start, she (or you) could download Microsoft Security Essentials to get started. But do follow up with paid Anti Virus. ... Thinkpads_User
And just to build on the above comments, if she got malware that quickly, it may be advisable to educate her on best practices to avoid getting an infection so that it doesn't keep happening after the issue is cleared up:

http://www.techsoup.org/learningcenter/software/page5498.cfm

http://www.readwriteweb.com/archives/how_to_avoid_malware_on_facebook_and_twitter_8_best_practices.php
CERTIFIED EXPERT
Author of the Year 2011
Top Expert 2006
Commented:
Highly doubtful that any single scanner is going to help you at all. With known infected systems you are probably going to need a 'rogue process' stopper to get your scanners to work.

Malwarebytes (mentioned above) is one of the best tools out there, but it is targeted by a lot of malware and is often blocked from running.

RogueKiller and TheKiller are two great tools for stopping those processes. EE Article here: Rogue-Killer-What-a-great-name

TheKiller
Download TheKiller to your Desktop
http://maliprog.geekstogo.com/explorer.exe

Note that TheKiller is renamed as explorer.exe
Run it by double click
Press OK button after program finish
Do not restart your system after this step, but immediately run the next scan: MalwareBytes, TDSSKiller, ComboFix

**************

For Hijacking/re-directs, you might want to start with TDSSKILLER found here:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Download the file TDSSKiller.zip and extract it into a folder on the infected (or potentially infected) PC.
* Execute the file TDSSKiller.exe.
* Wait for the scan and disinfection process to be over. You do not have to reboot the PC after the disinfection is over.

If the tool finds a hidden service it will prompt you to type "delete",  you can also just hit "Enter" without typing in and the scan will continue...
Please post the log to be analyzed.

You can also try FixTDSS.exe from Symantec:
http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

**************
Proper use of several scanner tools is outlined in this EE Article:
Stop-the-Bleeding-First-Aid-for-Malware

Commented:
Just another step to add to make sure you get complete rid of those terrible things:

Reboot in safemode by hitting F8 when booting the computer.

Select Safe Mode.

Run your anti virus and anti spyware progs ( malwarebytes, Spybot Search and Destroy , paid for , super anti spyware. ) I use multiple for sweeps.

If you can without cringing turn off your system restore. sometimes those buggers like to hide in there.

If you have multiple accounts on the computer repeat the steps on each account to keep them from reinfecting one another.

Take the other advice posted as well. : )
CERTIFIED EXPERT
Author of the Year 2011
Top Expert 2006

Commented:
There are a number of reasons for NOT doing your scans in "Safe Mode"; as delineated here:
Malware Fighting – Best Practices

There is no good reason to delete your System Restore points and several good reasons not to. Details here: Viruses in System Volume Information (System Restore)

Author

Commented:
Thank guys! Definitely needed this info!

Explore More ContentExplore courses, solutions, and other research materials related to this topic.