# Removing PC Malware



## plowjockey (Aug 18, 2008)

This gets so old. :flame:
My son's PC is now infected with "Vista Internet Security", which is a fake security program that installs itself, disables whatever malware protection you have, then prompts you to "buy". It's in pretty deep as it shows up as a valid security program, in Windows Security Center. Starting firefox.exe will call it to open.

I've searched online for fixes, but often, the "fixes" are actually provided by whoever wrote the malware and either do not fix the problem, or make it worse. I can kill the "av.exe" program process, which will stop it, but it will then restart again. "av.exe" does not show up in a file search, even though the folder it is supposed to reside in does not have hidden files.

We were using the current version of the AVG complete protection package. Son does not remember when it started so we don't know if system recovery is an option.

Any ideas on how to clean this mess up?
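
A read-only triage sketch for the symptoms described in the post above, added here as an example (it is not part of the original post and not taken from any tool named in this thread). The names `av.exe` and `firefox.exe` come from the post; the registry locations checked are common autostart and launch-redirection points and are an assumption, since the post does not say which mechanism this infection uses.

```powershell
# Read-only triage; changes nothing. 'av.exe' and 'firefox.exe' come from the post.
$name = 'av.exe'

# 1. Full path, command line and parent of each running instance. If the parent is
#    still alive, it is a candidate for whatever restarts the killed process.
foreach ($p in Get-CimInstance Win32_Process -Filter "Name = '$name'") {
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId = $($p.ParentProcessId)"
    [pscustomobject]@{
        Pid         = $p.ProcessId
        Path        = $p.ExecutablePath
        CommandLine = $p.CommandLine
        Parent      = if ($parent) { $parent.Name } else { '(exited)' }
    }
    # -Force also returns files carrying the Hidden or System attribute.
    if ($p.ExecutablePath) {
        Get-Item -LiteralPath $p.ExecutablePath -Force |
            Select-Object FullName, Attributes, CreationTime
    }
}

# 2. Per-user and machine-wide autostart values that mention the name.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
foreach ($path in $runKeys) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($value in $key.GetValueNames()) {
        $data = [string]$key.GetValue($value)
        if ($data -like "*$name*") {
            [pscustomobject]@{ Key = $path; Value = $value; Command = $data }
        }
    }
}

# 3. Places where launching a program can be redirected (assumption: the post does
#    not say which, if any, is in use). The stock exefile command is: "%1" %*
$hooks = 'HKCU:\Software\Classes\exefile\shell\open\command',
         'HKLM:\Software\Classes\exefile\shell\open\command',
         'HKCU:\Software\Classes\.exe',
         'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe'
foreach ($path in $hooks) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    [pscustomobject]@{ Key = $path; Default = $key.GetValue(''); Debugger = $key.GetValue('Debugger') }
}
```

Run it from an elevated prompt, since `ExecutablePath` can come back empty for processes the current user cannot open.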


----------



## Eagle_and_hawk (Nov 22, 2008)

One of the better known malware/spyware programs is Spybot if you have not tried it. You can search for it to download and it's free.

If that program you are trying to stop is in his list, it's usually pretty good at getting rid of it. I have seen it search, find a problem, and need you to reboot to clear it up. What this allows is for Spybot to get rid of it before Windows fully starts, as a lot of times, once the program gets running, it will not let you delete the files.

Be sure and get the updated files if you download it so you have the current list. I think the one you are after is the same one my wife got on hers and it did clean it up from what I recall.

David


----------



## lharvey (Jul 1, 2003)

Run MalwareBytes http://malwarebytes.org in Safe Mode. That will clean it out.

Malware is the new scourge of the computer world. You'd think that the Govt would track these people down and prosecute them.

Malware and Virii cost billions of dollars a year for businesses, govts and us regular folks.


----------



## HOTW (Jul 3, 2007)

I agree with lharvey. Twice my daughters have infected my work computer by senseless clicking (which I have warned them about over and over) and both times my son managed to get rid of the problem with malwarebytes. He also downloaded another program, can't remember which one it was. Usually the first time you can download and start it up and it will find the problem, the second time in safe mode because the infection disabled it. Took about 4 hours each time. I was not a happy camper.


----------



## mnn2501 (Apr 2, 2008)

I agree, Malwarebytes will get rid of it. Malwarebytes needs to be put on every computer, get it BEFORE you have problems.


----------



## WisJim (Jan 14, 2004)

The free version of Malwarebytes only shows the problems, doesn't delete them, though. Don't you have to buy the full version to delete all the problems? Is it worth buying?


----------



## rkintn (Dec 12, 2002)

I have the free version and it does quarantine the problems. I also subscribe to SecureIT for around $4/month. They are wonderful! I had a nasty google redirect virus a couple of weeks ago and the tech remotely fixed the problem. Took him a couple of hours to do it but I haven't had any trouble since.


----------



## mnn2501 (Apr 2, 2008)

WisJim said:


> The free version of Malwarebytes only shows the problems, doesn't delete them, though. Don't you have to buy the full version to delete all the problems? Is it worth buying?


It quarantines them and allows you to delete them, you do not need the full version.


----------



## lharvey (Jul 1, 2003)

ditto mnn's remarks


----------



## UncleTom (Jan 24, 2003)

I had the phony antivirus 2010 several times and I read that if you hold in the shut off button for 5 seconds and shut it off it will not infect your pc. I tried it the last time I got it and started it up and it was gone. Then I scanned it with Malwarebytes and spybot and it was clean. Made it a lot easier to get rid of it.


----------



## ninny (Dec 12, 2005)

UncleTom said:


> I had the phony antivirus 2010 several times and I read that if you hold in the shut off button for 5 seconds and shut it off it will not infect your pc. I tried it the last time I got it and started it up and it was gone. Then I scanned it with Malwarebytes and spybot and it was clean. Made it a lot easier to get rid of it.




Here's a website with step-by-step instructions with illustrations on how to remove IS2010 

http://www.howtogeek.com/howto/9487...y-2010-and-other-roguefake-antivirus-malware/

.


----------



## ||Downhome|| (Jan 12, 2009)

You can also get a live CD (basically a Windows install that boots from CD).

http://www.scribd.com/doc/213300/Malware-Removal-Starter-Kit

Can really speed up the process. There's a whole host of live and boot CDs that can really help.
Here's yet another.

http://www.strimoo.com/video/148042...-Ultimate-Boot-CD-for-Win-Part-2-Youtube.html

I've got a copy of hirens boot cd with a big old list of programs, most a normal user wouldn't need. Then there's also barts pe and ultimate boot cd.

Look around, I'm sure there's one for you!


----------



## Spiralina (Oct 17, 2009)

I don't have any better suggestions than the ones already given but this is a typical problem for all of U.S.

I do have a comment however... i e. sparked the imagination, so to speak.

You know how they talk about shutting down the internet? Or coming online with an internet 2? or whatever... (correct me if I'm wrong) bhaaaa

Well since nothing can bring down the internet they could confound your computer by sending you a packet of information called an upgrade from Microsoft or what have you... and BAMB.... grounded And no more surfing. Communications is the first target while government take downs are in progress. It'll be our receivers (our computers) that are targeted. First selectively, and then, [ worse case ], regionally or globally.

And, what with the tv HD boxes, they can disable signals when not under observation. Heckfire, 'even That is peanuts'... because the satilites (sp) are just one push of a button away from shutting down a nation if need be. 

Anyway, this is how I reckon it is


----------



## arabian knight (Dec 19, 2005)

Spiralina said:


> .* and BAMB.... grounded And no more surfing. *
> 
> *And, what with the tv HD boxes, they can disable signals when not under observation. *


 Where from what left field are you reading such stuff as that??????
HD Boxes can see a person.:yawn: Heck fire then they have a lot of naked pics of me as I parade around the house.


----------



## StaceyS (Nov 19, 2003)

ninny said:


> Here's a website with step-by-step instructions with illustrations on how to remove IS2010
> 
> http://www.howtogeek.com/howto/9487...y-2010-and-other-roguefake-antivirus-malware/
> 
> .


Thanks for this site recommendation! Awesome info. I just got the bug again and the reader comments on the bottom are great.


----------



## WindowOrMirror (Jan 10, 2005)

superantispyware, GMER, malwarebytes, and AVG are what I use in addition to a host of boot CD / USB images and Hijaak Pro.


----------

