IMO ZoneAlarm is a waste of money. The Windows firewall is perfectly sufficient for an average home user.

I'm going to get around to updating the OP with some more information that's been suggested as well, such as ComboFix and System Restore. Just been busy.

quote:

---

Any thoughts about ZoneAlarm?

---

Agreed w/ 99. IMHO, ZoneAlarm used to be really decent (even the free version). These days it's just bloatware that will impact your computer's performance just as much as the malware it tries to keep you from seeing. It's not worth it any more.

As already mentioned, the Windows Firewall, while not perfect, is usually more than adequate against most casual browsing.

Could add links to bleeping computer where they offer free assistance.

Also for those that can't install any new programs there is rkill (available free from bleeping computer)

quote:

---

Firefox whenever possible.

---

And run noscript JAvascript blocker on FF. Will address 90 percent of the malware delivered by websites now (more common than e-mail malware).

What about for Mac's? Is there an antivirus or antispy/malware that anyone can recommend? Very helpful thread by the way. Thanks to the OP on this.

Macs comprise a very small percentage of the the computer market, so not many viruses/spyware are targeted at them. In all honesty, you probably don't need A/V for a Mac. If it makes you feel better, however, ClamXAV is pretty good.

Thanks Jason, I know the Mac is a very small % of the market so they get overlooked by virus and such, but I think it is just a matter of time before something ugly comes out there way because someone wants to make a point. I would rather be safe than sorry. Thanks again for the info.

I'm unable to access the safe mode in Windows 7. For some reason, it tells me to enter a code or something similar. How do I get past this to run the malware protection SWs?

I can't think of anything it would be asking besides your administrator login.

You can try running the SW without being in safe mode. If it won't run, try running RKILL first.

+ 1 for rkill. Download the internet explorer version and use it to kill the malware process. Then run malwarebytes and it cleans it up quite well.

The dewshes that do this malware crap can diaf as far as I am concerned.

Best thing to do might be to wipe the disk and reinstall everything unless you are absolutely positive that you only got the viruses you know about and they don't do anything that could make your computer susceptible to further attacks.

If it installs a rootkit, you will never be able to be sure that you got rid of everything. Or even that you got rid of anything.

Any advice on getting rid of a Google redirect virus???

ttt

quote:

---

Any advice on getting rid of a Google redirect virus???

---

Navigate to C:\Windows\System32\drivers\etc and open the hosts file with Notepad. Make sure that nothing in there points Google anywhere. Save any necessary changes.

On my computer there is a main account and then a guest account. The guest account was being used when it got infected. I downloaded Malwarebytes, but when I tried to update to the latest definitions, it gave me this error, PROGRAM_ERROR_UPDATING (12007,0,WinhttpSendRequest), and I when I just try to download to a flash, I don't see any options to download the latest definitions as well. Any help with how I can get them?

I scanned the main account with Malwarebytes and it found 15 items that it removed, but it won't let me scan on the guest account because the fake anti-virus software (XP Security 2011 or something like that) starts running. The fake version even runs in safe mode. Also installed and ran MSE on the main after Malwarebytes finished and it found nothing with the quick scan (running full scan now).

What should I do next? Not sure how to clean the guest account.

re sticky

+1 for Malwarebytes, Combofix and rkill. Combofix and rkill can both be downloaded through Bleepingcomputer.com. I had SuperAntiSpyware eat one OS so I don't use that one anymore.

KHKman22, try the rkill tool before running Malwarebytes. rkill will stop most active malware processes which should allow you to run Malwarebytes.

Another viable way would be to make a Linux boot usb key and use that to be able to clean the hard drive. It should allow a safe controlled platform.

Or am I crazy?

There's a few things exactly like that.

Trinity Rescue Kit

Knoppix-STD

LinuxDefender (I believe this is based on Knoppix)

I'm sure there's more. Many AV products have their own boot CDs as well. Not linux-based, but same concept.

ttt

quote:

---

I'm sure there's more.

---

There are also AVG, Kapersky, and Bit Defender rescue cds.

bump...some people were asking about it.

Bump...

Thanks!!

Thank you texags! I had a bad virus and this worked very well. I couldn't use the Internet or even open files, but when I booted in "safe mode with networking" I could, and it was smooth sailing from there.

ttt for agracer

tks

TTT

three years later, I'm curious how up to date these instructions are. Are those programs by OP still up to date?

The programs listed in the OP are still very much "up to date" so long as you download the most current version.

MalwareBytes and Microsoft Security Essentials are still very good programs and ones most people still suggest in my experience. There may be some new options out there, but using the ones in the OP aren't going to cause you any issues.