Dealing with malware

Since I retired I have started volunteering for the RNIB. Went to a client today and her PC is riddled with malware and probably viruses as well. When I got there it had a dozen or more browser windows open, all selling their wares. I have never really been involved in sorting out this type of problem before; where do I start? She only has Windows Defender for protection and that won’t update now either. I’ll ask in the RNIB forums as well but thought I’d ask the experts first.

Depends on how bad it is. If it is so bad you can’t install anti-virus/malware software then I’d get another system set up with anti-virus/anti-malware. Then remove the hard disk and connect it to the cleaning system and run what you can at it.

I would try Malwarebytes first if it will allow you. The free version is damn good at picking up a lot of nasties.

I always find they’re not well hidden; just use Task Manager to scout out things that look dodgy, close them and then install Malwarebytes. Or safe mode, then Malwarebytes/HijackThis (I don’t know how up to date these are now). To analyse the HijackThis data I always used http://www.hijackthis.de/ . Not had to do one for a long time but hope this helps.
Bully

Malwarebytes is still active for sure. They give you a free trial of the paid-for version on new installs so that might help. Otherwise there is still a free version.

Cheers guys, at least it gets me started. I also found that Kaspersky do a free recovery disk updated with the latest virus definitions every day.

Went to my client yesterday and took my HTPC with me, installed her hard drive in it and removed some 400 items with my Norton installation. Refitted the hard drive and installed free versions of Malwarebytes and Bitdefender; three scan cycles later there were still objects being detected, but between them some two thousand items cleaned. Much, much better but still some way to go. They seem to reappear as soon as you remove them; am I doing something wrong? But anyway chaps, thanks for the help.

Sometimes even a drive pull and clean can’t get rid - especially if it’s a kernel rootkit infection.

Sounds like a pull the data and re-install job :(

One thing to remember is System Restore. The malware can keep a copy there and re-infect your system again when you reboot. I had a frustrating fight a long time back and it wasn’t until I turned off System Restore and then cleaned up the hard drive that I managed to get rid of it. Nasty little sod it was.