Help needed removing malware(browser related)

[True Colors]

Hello. I am trying to fix a friend's laptop computer that has Windows 7 installed.

When he gave it to me it was infected with some assorted malware(trojans, etc.). At first, I could not open any applications whatsoever. Every time I would try it would ask me if I wanted to use internet explorer to open it.

I created a few rescue CD's(dr web, avira, avg, etc) and ran those. They cleaned up most of the problems.

Also, I installed AVG free edition and malware bytes. I ran both of those. That removed several more pieces of malware.

At that point, things were mostly good. But I noticed that almost all of the files on the computer had been marked as hidden(the desktop images were all faint, etc). So I went through and manually removed the "hidden" setting from all the PC files.

It seems like I am 99% good. However, when I open firefox browser and enter a google search, and click on a link in the search results, it sometimes redirects me to some other unwanted site. So I guess that there is still some malware lingering in the background that could not be found by AVG and malware bytes.

Any recommendations to fix this?

Thanks!

TC

 

[nikorr]

If possible, run this guide @ http://www.tomshardware.com/forum/8263-63-simple-free-guide-removing-malware

 

[Jim_L9]

Did you try cleaning it in Safe Mode? For really badly infected computers I have sometimes had to remove the hard drive and scan it with another computer running anti-virus and anti-malware software. Tell your friend to be more careful where he browses in the future.

 

[Jim_L9]

Also try the command "sfc /scannow" without the quotes at an elevated command prompt (Run as administrator).

 

[True Colors]

That is a good tip about cleaning it in safe mode. I hadn't thought about that.

However, the rescue disks that I use kind of, sort of, accomplish what you are talking about. They are boot disks which run their applications in linux based environments. So they do their thing without ever actually booting up Windows.

Regarding my friend's internet surfing habits...... I have discussed that with him. He has a couple of children who surf anything and everything. So there is not really any feasible way to restrict which sites that they look at.

However, I did tell him about using a Linux OS to do all of his internet surfing as a way of avoiding malware. He is cool with trying it so I went ahead and installed Ubuntu on his computer alongside Windows 7.

In the meantime, I still do need to complete the cleanup of his Windows 7 install.

TC

 

[aford10]

Did you try cleaning it in Safe Mode? For really badly infected computers I have sometimes had to remove the hard drive and scan it with another computer running anti-virus and anti-malware software. Tell your friend to be more careful where he browses in the future.

You should always scan in safe mode with networking. There are only minimal processes running, and less chance that malware will be active, and able to mess with your scanners. The networking services being active, will still allow your virus definitions to update, as well.

Also try the command "sfc /scannow" without the quotes at an elevated command prompt (Run as administrator).

This will require you to have the OS install disc.