[Bglug] O.T. Windows Malware removal Tip

Bob Jonkman bjonkman at sobac.com
Sun Jul 17 17:01:08 EDT 2016


As a Linux user, I thought you might have booted the computer from a
live Linux image, then used GNU/Linux tools to scan and clean the
Windows drive. I've done that successfully...

But in general, when the malware goes so deep into the OS as you
describe, the best solution is to save the documents to an external
drive, wipe the computer drive, re-install Windows, then restore the
documents.  And hope the malware isn't carried back to the computer in
those restored documents!

--Bob.


On 2016-07-17 10:22 AM, LP wrote:
> Hi all, My Wife's PC was acting different, first clue. Windows will
> not update even after running MS fix it software for updates
> issues, second clue. Her VPN keeps being turned off so I locked it
> with Kill, Third clue. Ran Hit Man Pro found some tracking cookies,
> was unable to remove even though Hit man said it was gone. PC set
> to refuse cookies and/or delete History "Never Remember" also ran
> adwcleaner, JRT, & Malware Bytes, tracking cookies keep
> reappearing. So I ran this Tutorial:
> http://www.wintips.org/malware-removal-guide/ Still cannot update
> Windows & Hit Man keeps finding the Same tracking cookies. So... I
> decided to download spybot search and destroy, BUT I could not
> open safer-networking.org. I ran whois  safer-networking.org =
> https://www.virustotal.com/en/ip-address/69.172.201.153/information/
>
> I also found many pages stating that Spybot S&D Server at 69.172.201.153 is
> pushing drive-by Malware of just about everything you can name, and
> that is why Avira would not allow me to connect. It all started
> after my Daughter installed a very popular kids game "ROBLOX" not
> sure if there is a connection. LP

--
Bob Jonkman <bjonkman at sobac.com>          Phone: +1-519-635-9413
SOBAC Microcomputer Services             http://sobac.com/sobac/
Software   ---   Office & Business Automation   ---   Consulting
GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA
