Malware

[pegasis]

what is the best/safest way to remove PUP.dealply
without corrupting boot files

 

[Ketchup]

Malwarebytes. Use the Premium Trial. Step-by-step is here.

https://forums.malwarebytes.org/topic/162390-removal-instructions-for-dealply/

 

[daveybrat]

I'll add to Ketchup's list:

1) Run AdwCleaner

http://www.majorgeeks.com/files/details/adwcleaner.html

2) Run Junkware Removal Tool

http://www.majorgeeks.com/files/details/junkware_removal_tool.html

3) Run Malwarebytes

http://www.majorgeeks.com/files/details/malwarebytes_anti_malware.html


If you download and run all 3 of those, you should be good to go!

 

[corkyg]

Malwarebytes Premium has a setting that allows you to tell it to treat PUPs as malware. During scans, they will then be ID'd and allow you to decide what to do with them. I always tell it to delete them, and it does.

 

[Raizinman]

I also use Hitman. Malwarebytes doesn't always find and remove everything. Hitman does.

 

[michaelvilman]

ithink malwarebytes its free and its the best on market
https://www.malwarebytes.com/mwb-download/
also "superantispyware" do the job superantispyware

 

[corkyg]

There is a difference between Malwarebytes (free) and Malwarebytes Premium (not free.)

 

[denis280]

There is a difference between Malwarebytes (free) and Malwarebytes Premium (not free.)

Yes with the free you're limited

 

[lenjack]

You need to run the free version manually. The paid (premium) version, runs real time. meaning it is always running in the background. Well worth it. You can set it to update automatically. Not expensive.

 

[Ettitt]

For me Run Junkware Removal Tool worked. You may give it a try. Hope it will work for you too.

 

[pegasis]

I have tried everything
bitdefender is constantly finding and quarantining files, restarting to deleting, and they seem to return
same behaivoir

I see emailware*.* files, and I think the MBR is infected

what do you recommend for actions and software, please

 

[Bubbaleone]

What you're describing is typical behavior for a boot sector virus. When well crafted, they're fully capable of hiding from and/or actually disabling your antivirus software. This type of infection cannot be effectively removed from within the Windows environment. Boot viruses are removed with certainty only when when Windows is offline. IMHO, the best tool for accomplishing this task is Kaspersky's Rescue Disk 10 which runs from a live Linux CD and can fully access your offline Windows installation.

Go to this page: http://support.kaspersky.com/us/viruses/utility#, where you will find all of Kaspersky's virus tools. Scroll toward the bottom of the page and download "Kaspersky Rescue Disk + WindowsUnlocker Version 1.2.2". Burn the ISO to either CD or USB thumb drive, set your BIOS boot menu accordingly, then boot into KAV 10 and get busy.

.

 

[UsandThem]

I have tried everything
bitdefender is constantly finding and quarantining files, restarting to deleting, and they seem to return
same behaivoir

I see emailware*.* files, and I think the MBR is infected

what do you recommend for actions and software, please

I only had a really bad infection like that one time back in the early 2000's (the one and only time I used McAfee because it was free with my cable internet). The malware and viruses were so bad, and all the utilities I used wasn't able to get rid of all of it.

I ended up just formatting my drive. However, I always keep back-ups of my files, so I didn't have to worry about losing anything. I didn't see anywhere in this thread if you use anti-virus/security suite software. If not, get one. They aren't foolproof, but they do help. Outside of the one time I went with McAfee, I use Norton Security. I just pick up a 5 PCs / 1 year license when they go on sale at Amazon for $20.

http://www.av-comparatives.org/

 

[pegasis]

I format and wrote the Kaspersky Rescue Disk + WindowsUnlocker Version 1.2.2 to the USB drive using rufus and the operation completed.

I selected the boot sequence to boot to the USB, but the OS boots right to windows??

 

[pegasis]

the kapersky rescue disk maker gives an unknown error on trying to burn the Kaspersky Rescue Disk + WindowsUnlocker Version 1.2.2 to the USB

I have trird burning the .iso to usb 3 times, and it will not work for whatever reason

 

[Bubbaleone]

the kapersky rescue disk maker gives an unknown error on trying to burn the Kaspersky Rescue Disk + WindowsUnlocker Version 1.2.2 to the USB

I have trird burning the .iso to usb 3 times, and it will not work for whatever reason

Study this: How to record Kaspersky Rescue Disk 10 to a USB device and boot a computer from it.

If you're using a USB 3.0 thumb drive try switching to a USB 2.0 stick instead. If you're already using a USB 2.0 thumb drive and still having problems, try switching to a different make (inexpensive generic drives work just fine).

Edit: I hope you're not trying to burn this on your infected machine and, if you have been, perform a full format on that thumb drive before plugging it into any other PC.

.

 

[pegasis]

I have gotten a second USB to be written to, and I have configured the Bios and boot sequence to my abilities.


I see no boot from removable drive specific option.
I have set the boot priority to USB first

but windows boots right past the USB??

I can't understand why something so simple is so difficult

 

[Bubbaleone]

I have gotten a second USB to be written to, and I have configured the Bios and boot sequence to my abilities.


I see no boot from removable drive specific option.
I have set the boot priority to USB first

but windows boots right past the USB??

I can't understand why something so simple is so difficult

Post the specs for your PC so we can take a look at the user manual because I suspect you're missing a step somewhere. I can't emphasize enough that you need to burn this on an uninfected machine. Accepted best practice in your scenario dictates use of a different (clean) PC to download the ISO and USB maker from Kaspersky as well as for burning the ISO to USB.

.

 

[pegasis]

MoBO specs:

http://www.cnet.com/products/asus-z87-k-motherboard-atx-lga1150-socket-z87-series/specs/

I have sent an email to ASUS tech support

seems to be lots of articles on ASUS and booting to USB.

I have read several and watched a couple you tube video to no avail

the options that need to be selected in Z87-K bios seems to be:

secure boot off , I see no switch to turn secure boot OFF, only enable legacy??

CSM on; I have enabled this option

Thanks for the support

 

[Bubbaleone]

MoBO specs:

http://www.cnet.com/products/asus-z87-k-motherboard-atx-lga1150-socket-z87-series/specs/

I have sent an email to ASUS tech support

seems to be lots of articles on ASUS and booting to USB.

I have read several and watched a couple you tube video to no avail

the options that need to be selected in Z87-K bios seems to be:

secure boot off , I see no switch to turn secure boot OFF, only enable legacy??

CSM on; I have enabled this option

Thanks for the support

Here's the ASUS support page for your mobo:

https://www.asus.com/us/Motherboards/Z87K/HelpDesk_Manual/.

If it isn't already done, upgrade to the latest BIOS version (1402) before continuing.

Follow this guide to (temporarily) disable Secure Boot:

How to Disable or Enable Secure Boot on Your Computer via ASUS UEFI BIOS Utility

(See section 2.6.5 of the user manual, "USB Configuration"). Set "Legacy USB Support" to "Enabled".

(See section 2.8 of the user manual, "Boot menu"). Set "Fast Boot" to "Enabled", set "USB Support [Partial Initialization]" to "Full Initialization".

After you're done cleaning up the infection/s, re-enable secure boot.

.

 

[Jembo]

To boot from USB in Windows 10, you have to go to Settings ->Update & Security->Advanced Startup.

 

[Bubbaleone]

To boot from USB in Windows 10, you have to go to Settings ->Update & Security->Advanced Startup.

Secure Boot is a technology wherein the system firmware (BIOS/UEFI) checks that the operating system (Windows in this case) boot loader is signed with a cryptographic key authorized by a database contained in the firmware (BIOS/UEFI).

Secure boot prevents the installation and/or booting of any operating system other than the system that was originally installed at the time secure boot was enabled. In this case the OP needs to boot a live Linux disk (KAV Rescue 10) which is why secure boot must first be disabled, since a live Linux disk obviously won't contain the matching cryptographic key used by the Windows operating system that's currently installed and secured.

"Advanced Startup" settings within the Windows environment have nothing to do with secure boot settings within the firmware environment regardless of whether the media one is trying to boot from is ATA, SATA, USB, or optical.

.

 

[John Connor]

Do you not have a DVD drive? You can burn the ISO to DVD and boot that as well. IMGBurn can burn the ISO to DVD.

Bitdefender also makes their Bitdefender Rescue disk.