Windows 7: Help needed removing malware(browser related)

Hello. I am trying to fix a friend's laptop computer that has Windows 7 installed.

When he gave it to me it was infected with some assorted malware(trojans, etc.). At first, I could not open any applications whatsoever. Every time I would try it would ask me if I wanted to use internet explorer to open it.

I created a few rescue CD's(dr web, avira, avg, etc) and ran those. They cleaned up most of the problems.

Also, I installed AVG free edition and malware bytes. I ran both of those. That removed several more pieces of malware.

At that point, things were mostly good. But I noticed that almost all of the files on the computer had been marked as hidden(the desktop images were all faint, etc). So I went through and manually removed the "hidden" setting from all the PC files.

It seems like I am 99% good. However, when I open firefox browser and enter a google search, and click on a link in the search results, it sometimes redirects me to some other unwanted site. So I guess that there is still some malware lingering in the background that could not be found by AVG and malware bytes.



Any recommendations to fix this?

Thanks!

TC

A friend of mine had an issue with his browser redirecting search results, and it took me a few days to find a fix, but I found a program called TDSSKiller and that removed the problem. You can try it out for yourself to see if it will also be a fix for you, and hopefully it will.

Anti-rootkit utility TDSSKiller

Edit: Here's a little bit more info about the trojan if you need it. Backdoor.Tidserv | Symantec

In addition to excellent idea TDSS Killer, I'd install MSE or Avast6 but not AVG which is no longer recommended by anyone here. For a boot scan use Microsoft Standalone System Sweeper

Often a serious infection requires reinstalling. In your case you can run Dell factory recovery after backing up your files: Dell Restoring Your Computer´s Software to the Factory Settings

Or if you're one of the lucky ones who got the Dell Reinstallation DVD you have the option to do a clean reinstall without the factory bloatware for a lighter weight install. Follow these steps to get it perfect: Reinstalling Windows 7

If you get to the point where you are contemplating a repair install or fresh install, then I would give this tool a try first, as I have read some very positive things about it, and at this point, you really have nothing to lose:

|MG| Tweaking.com - Windows Repair 1.4.3 Download

You may wish to give Norton Power Eraser a try, which offers a rootkit scan in addition to virus scanning:

Norton Rescue Tools

But, as gregrocker stated, your safest bet for a clean PC is a clean install.

Hi,

You might also want to flush the DNS and reset the hosts file. Please try this:

1. Copy the following text into a blank Notepad file:

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

2. Save this as FLUSH.BAT to your desktop.
3. Right-click on FLUSH.BAT and run as Administrator.

The PC will reboot itself. Once it has done that, open a browser and see if the redirection has been fixed.

Regards,
Golden

I have to admit, that if my machine were to ever get infected, I would re-image to my once per month image. Even if I didn't have an image to fall back on, I would then re-install windows. I know it's excessive and most might find it unnecessary, but that is just me. I would never feel 100% safe using a machine that I knew had at one point in time been compromised.

But if I were cleaning a friend's machine, then all of the advice in this thread would be followed. I would like to also add Hitman Pro ( Home - SurfRight) as a great tool as well. Also, SUPERAntiSpyware has an online scanner that is pretty good too. ( SUPERAntiSpyware.com - SUPERAntiSpyware Portable Scanner )

Hey guys, thanks for all of the good information. I will try your recommendations and report back.

A few other things......

First, why is AVG out of favor with people here? I have had decent luck with it over the years, especially for something free. Call me cheap, but I am VERY partial to free stuff

Also, I do agree with the remarks that fresh installs are better. That is what I usually do myself with my own computers. However, in this case, this is my friend's computer, and he wants to keep his applications and settings. So if I can get his system disinfected then he will try that for a while. But it would not surprise me if we eventually do end up going with a new install at some point.

Regarding a possible reinstallation for him.......... I have gotten to the point where I usually buy dell systems for myself, in part, because the windows reinstallation disks are so easy to come by. However, this laptop is an MSI product. I do not have an MSI specific Windows installation disk.

I do have a Dell reinstallation disk. Can I use that to reinstall Windows on his laptop? He does have an authentic Windows 7 license key. And thank the lord, it is still legible.

Thanks,

TC

The Dell DVD is an OEM version and will throw a wobbly if you try and install it on a computer other than the one it's tied to, unfortunately.

You say the product key is still legible. Can you borrow a Windows DVD off someone? It would need to be the same version as what is on his computer.

If you're partial to free stuff, then use the AV's which are recommended for best performance with Windows 7 and it's firewall, MSE and Avast6.

All that's extra in the Dell Reinstallation DVD is Dell branding and SLP reactivation, I believe, which won't activate in another machine. You can try using it to clean reinstall, then remove the Dell logo from Computer>Properties page, activate with key on COA sticker.

But it would be best to find a clean-copy ISO for your version to burn to DVD or write to stick using Windows 7 USB-DVD Download Tool. If you need to download one, google Official Windows 7 ISO download from My Digital Life