Dealing With Malicious Hijackers, Spyware & Viruses - Computer Repairs

Some of the problems found where:

- TR/CryptXPACK.Gen
- TR/Monderbiqq.1
- TR/Agent.aggx.1
- TR/Dldr.Small.DDT.2
- Gen/PwdZIP
- TR/Dldr.Zlob.Gen

Here's my experience and the tools I used to remove these threats....

Step 1) Back Up / System Restore:

It's crucial that we do NOT have system restore activated when trying to delete malicious software from our system. The reason for this is that we don't want to keep a backup of the problem while trying to get rid of it. The last thing we want is to find/remove all problems just to learn later on that they found a way back in because of system restore. Here's how we de-activate system restore in Windows.

• Windows: Start / Control Panel / System (Performance & Maintenance) / System Restore
• 1- Make sure that system restore IS checked "Turn off system restore".
• 2- Click Apply / OK

You may also want to backup all files that are on your computer that you feel are important. This should be done on a regular basis anyways. Get some CD-ROM disks and start backing up all the information you want kept. This step will not help to get rid of the problems, but make sure you scan every disk you have afterwards to ensure that none of your problems created a copy of itself onto your backup disks.

Step 2) Disk Cleanup Utility:

It's very important to keep your systems registry clean and discard all old history files, etc. We do this with a free tool called "CCleaner".

Download CCleaner here:
http://www.ccleaner.com/download

Remember to "Run" the program and go through the installation process.

1- Once opened click on "Analyze", then "Run Cleaner" and let it CCleaner work its magic. This may take a little while depending on your system. Once all the files are found, click on "Cleanup".

2- After cleaning your system, click on "Registry" to the right and "Scan for Issues". After finding any issues click on "Fix selected issues".

NOTE: When asked to "create a backup file" do so right away just in case. When using these "nursing tools", always remember to create a backup file just in case we delete something vital.

Step 3) Hijacking / Hijacker Removal Tools:

It's hard to say whether your computer is infected with viruses or hijackers/malware. There's a big difference and we will deal with both of them within this tutorial.

If you don't already have "Ad-Aware SE Personal", download the software here:
http://www.lavasoft.com/products/ad_aware_free.php

Again, click on "RUN" and go through the setup process. Open the program and run a "live update" to get the latest definitions. Do NOT run a scan just yet.

Once complete, we will restart your computer in order to run this program in "SAFE MODE". We do this because safe mode allows us to perform a thorough search without running programs that are not absolutely vital to use your system. Under SAFE MODE, you will be restricted to certain tasks but it won't affect your ability to scan your entire computer.

Reboot your computer and right away start clicking on F8. You will eventually be prompted to select a system to use, which you then want start your computer in "Safe Mode" and not Regular Mode. If you do not make a selection within 30 seconds, your system will automatically start in regular mode which we do not want. You may have to reset your power twice before getting the right screen.

Let your system load all the file necessary to run in Safe Mode. You will notice a big change with your graphics, and desktop icons. Not to worry, this is normal.

From Safe Mode, click on the Ad-Aware icon and run a "Full System Scan". This may take some time depending on how many files you have on your computer. Let it do-it's-thing.

When complete, fix all issues and reboot your system normally.

=====
NOTE:
=====

There are other hijacker removal tools that are extremely helpful, but please only use these tools if you know a little bit about how computers work, what files are vital, etc. Once such tool is "Spybot - Search & Destroy". I've used this tool for many years and have found hijackers within my system were others have failed. I must warn you that this tool is not for basic users, you may unwillingly delete files that are vital for your system to run.



Please use the Spybot tool at your own risk, download here:
http://www.safer-networking.org/

Step 4) Virus Scan in Safe Mode:

Assuming that you already have a virus software installed, you'll want to repeat the steps mentioned above and run a full system scan in safe mode with your virus protection tool.

NOTE: If you have software's like Norton Antivirus, get rid of it. Norton couldn't find all of the hijackers & viruses that were infecting my computer. Instead, download a free utility called "Avira AntiVir Personal", or even "AVG Free".

Download Avira AntiVir Personal here:
http://www.free-av.com/en/download/1/download_avira_antivir_personal__free_antivirus.html


Download AVG Free here:
http://free.avg.com/download-avg-anti-virus-free-edition

Both are amongst the best available at no cost. I personally use Avira, but that's my preference.

Once you have a proper anti-virus program... run the program in Safe Mode like I explained in Step 3. Reboot your system after completing this task and check to see if your problems are gone.

Step 5) HijackThis Utility if all else fails:

HijackThis is a tool dedicated to showing you (in the form of a text report) every single process that is using your system. This information is vital because with this text report you can then go within IT tech forums online and post your findings for professionals to help you out.

Download HijackThis utility here:
http://www.filehippo.com/download_hijackthis/

RUN the setup wizard and install the program. After installation, run HijackThis and click on "Do a system scan and save a log file". This will scan your computer and open up Notepad to save the findings. With these results, it's time to seek out expert advice. We do this by going to forums like the ones listed below here:

BleepingComputer.com:
http://www.bleepingcomputer.com/forums/forum22.html

Tech Support Forums:
http://www.techsupportforum.com/security-center/hijackthis-log-help/

The easiest way to find these forums is to search (Within Google.com) "Hijackthis support forum". This search will give you some of the best help on the planet. Best of all, the help you get will be free.

Step 6) Last & Worst Option - Windows System Re-Install:

Some hackers are extremely good at what they do and have come up with viruses & hijacking scripts that elude the best computer utility programs out there. If your computer is so infected that you have:

• - Blue screen of death
• - Consistently rebooting
• - Not loading up Windows
• - Can't get rid of the spyware no matter what

... Then it may be time to consider your last option for defence. You may be faced with the last option available, a complete system re-install. This is not the easiest decision you will be faced with, but may be necessary. If you do not wish to explore this option, I recommend opening up your local telephone directory and getting in touch with an IT expert that can help assess your situation.

There you have it. With the tools mentioned within this article, you should have what it takes to get rid of low risk and high risk problems from your computer.

About The Author:

Martin Lemieux is the owner of a large advertising network online and offers practical tips for everyone to use. His vast experience online has given him the ability to help 1000's of people with their computer problems, internet learning, and business growth.


For more tips like these, go here:
http://www.martinlemieux.ca/general-purpose/

Article99.com:
http://www.article99.com/IT/virus-news/

Smartads.info:
http://information-technology.smartads.info/spyware/

Martin's RSS Feed:
http://www.MartinLemieux.ca/xml/

Copyright Š, MartinLemieux.ca - All Rights Reserved. Reprints accepted.