I am the resident computer guy.  So I get lots of requests to fix computers.  It is now so easy to remove most malware that I am really surprised people still ask me.  Here is how I remove malware on most systems.

Step 1.  Download the Trial Version of malwarebytes

You can get the trial version for 30-days.  It is great software so I encourage you to buy it - https://www.malwarebytes.com/  Download the free trial on your desktop or somewhere you can easily find it.

Step 2.  Restart your system in “Safe Mode”

Once malwarebytes is downloaded on your system, restart the computer and hit the “F8” key to over and over until you are given the option to boot the system in a different state. Select “Safe Mode”

Step 3.  Install Malwarebytes

Double click Malwarebytes, and follow the instructions.

Step 4. Start Malwarebytes

How long this takes depends on how much data Malwarebytes has to go through and how fast you system is.  Some things will take more than normal antimalware software.  Rootkits for example, are a little harder to get rid of.  For these, I have found it helpful to google the errors, warning banners and symptoms you are seeing to find someone else who had the same issue and fixed it.  Some are so bad you will have to search for an answer on a separate system.

Good luck to you.

**Sent from a subscriber**

I was surfing the Internet and I found following bad link: http://www.1zoom.net/ Cities /wallpaper/306150/z904/

As I was trying to move my cursor to get out of the site, another tab popped up saying that I must update my google chrome.  I closed it.  

I tried opening the tabs once more with the website to confirm if my suspicion was right.  It led me to another tab that was asking me to download a software in my toolbar.  I have not taken the screenshot on that one.  I went back to my computer history to search for that specific link and it was not there anymore.  A warning of a virus appeared in my screen. That is really scary. Always be cautious and careful while browsing online.

Malware detected

Dear NAMEUSER,

You have to appear in the Court on the April 14.  You are kindly asked to prepare and bring the documents relating to the case to Court on the specified date.  Note: The case will be heard by the judge in your absence if you do not come.

You can review complete details of the Court Notice in the attachment.

Regards,
Hugh Buckley,
Clerk of Court.

State Court <hugh.buckley@ns89.websitewelcome.com>

I have been getting a lot of these “County Court” notifications.  They usually have an infected attachment with them.  If you open the attachment, your system gets infected with all kinds of stuff.

courtesy of techcrunch.com

Dear user,

This is to inform you to appear in the Court on the April 24 for your case hearing.
Please, prepare all the documents relating to the case and bring them to Court on the specified date.
Note: If you do not come, the case will be heard in your absence.

The copy of Court Notice is attached to this email.

Regards,
Brad Marks,
District Clerk.

More online fraud.  Here is a fake fedex email that attempts to deliver you an attachment with malware.  If you get the email do NOT open the attachment and do NOT respond.

FedEx International Ground <clifford.barron@cio.posluh.hr>

Dear UserName,

Your parcel has arrived at March 14. Courier was unable to deliver the parcel to you.
You can review complete details of your order in the find attached.

Yours trully,
Clifford Barron,
FedEx Station Agent.

The attachment has the following malware:

Reporting mail fraud: Notice of appearance in Court #00000443455

If you receive this email, Do NOT open the attachment.

Notice of Appearance in Court – email malware with attachment: Court_Notification_00000443455.zip

DO NOT OPEN the Attachment!

This attachment has the following malware:

Dear UserName,

This is to inform you to appear in the Court on the April 02 for your case hearing.
Please, do not forget to bring all the documents related to the case.
Note: If you do not come, the case will be heard in your absence.

The copy of Court Notice is attached to this email.

Sincerely,
Alberto Crabtree,
Court Secretary.

Be careful when you download new software.  Download from the actual creator of the software as much as possible.  Avoid getting software from bittorrents.  If you do, at least look at the comments of the bittorrent you plan on downloading.

Search engines such as google are great for finding software, but not always the safest.  Its best to get software directly from the organization that created not random sites.

For example, at one time “Joydownload. com” was among the top results for the “Yahoo Messenger”   and other apps.  But this site may have trojans in it.

Joydownload is a known malware distributions site:

• http://safeweb.norton.com/reviews?url=joydownload.com
• http://www.scumware.org/report/www.joydownload.com.html

Joydownload scan From VirusTotal:

If you got lloyds message service – debit posted in an email then its a virus.  This .zip is malware verified by VirusTotal.com

courtesy of tranquilnet

Subject: You have received a new debit

This is an automatically generated email by the Lloyds TSB PLC

LloydsLink online payments Service to inform you that you have

receive a NEW Payment.

The details of the payment are attached.

This e-mail (including any attachments) is private and confidential

and may contain privileged material. If you have received this

Scan From VirusTotal:

What is AutoRun.inf?
What exactly is an autorun.inf? Is it a virus or just a file that needed by other application in our computer to run? Have you ever gotten alerted by your system anti-virus application that autorun.inf was detected as a threat to your computer?

AutoRun.inf is a primary instruction file associated with Autorun function. Autorun.inf is just a simple text-based configuration file that tells the operating system which executable to start or which icon to use. In other words, Autorun.inf simply tells the operating system how to deal on the programs or executable files and how the operating will treat the contents of a CD or any removable disks that is plug to your computer.

Autorun.inf is not a malware, but a virus might use autorun.inf to get access to your computer programs and files. Common virus like bacalid, ravmon.exe and even Trojan virus hides in autorun.inf to easily spread to your computer. These viruses save themselves in the root directory of the infected hard disks and will run themselves every time you double click the drive. Usually if a USB stick or a CD was infected by a virus, once it was plugged to your computer the device automatically runs itself especially with the device where autorun was enabled.

If autorun.inf was detected by your anti-virus as a threat to your computer but not yet tried to make an action then here are some tips to remove autorun.inf which are infected by virus.

You can disable autorun.inf for all drives by configuring the registry of your computer. First you need to open the registry by typing regedit.exe to the command prompt or you may execute it in run. Then look for this registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Double-click the NoDriveAutorun DWORD entry and type the value HEX: FF (255 in Decimal). (If the NoDriveAutorun does not exists, you can create it by right-clicking the right side area of the regedit window, then click New->DWord Value -> type NoDriveAutorun) Close the registry and restart the computer. This procedure will disable all the autorun for all drives of your computer and at least will prevent the autorun function of infected USB drives or CDs and avoid the infection of viruses like the Bacalid and RavMon.exe.

Another procedure to disable or delete autorun.inf that has been infected by virus is by using the command prompt, type cd\ then press enter. You may type the letter of your USB drive or CD drive, for example F: then press enter. Type this attrib –h –r –s autorun.inf then press enter, type del autorun.inf.That’s the easiest way to avoid spreading virus from your computer especially using sutorun.inf. If you have any questions, you can comment on this post, thank you!

Sophos put out a Star Trek Based Anti-Virus. Pure genius. The downloads for it are off the charts. Its free. Its fun and its increbibly smart marketing. Like many brilliant ideas it was an accident. Well, it was put out as an accident. But I for one am glad it was.

The Star Trek movie was awesome by the way! Great move for a franchise that deserves a larger commercial audience. I’m anxious for more movies and shows.