Yahoo Malware Removal
- The Go.Yahoo infection exhibits certain characteristics, which distinguish it from other, better-known viruses. Some of these include slow searches and search re-directions, including those from the search bar and the address bar when typing in a direct URL. These searches redirect to either an infected search results page, or an advertisement page. In both cases, the links are infected, and clicking on the links or ads will further harm the PC. The virus will block access to security programs pages, such as McAfee.com, or Malwarebytes.org, as well as "self-help security forums." The infection redirects either to more pages with advertisements or pages stating "No Internet Connection" or "Page Not Found." The infection also disables and/or removes the "F8" key, normally present in the Boot Menu when starting the PC; this key allows the PC to boot in "Safe Mode." All downloads from security sites freeze to stop the disinfection, as the infection knows all names of the security programs. In addition, by disabling certain vulnerability security patches previously installed by Microsoft to fix an unrelated problem, it allows further and more dangerous infections to install themselves through the new holes created in these patches.
- Download the Malwarebytes Anti-Malware 2009, a free program, from an uninfected PC onto a flash drive, or other removable storage drive and rename it from "mbam-setup.exe" to "bammy.exe" or something similar, to stop the Trojan from detecting the anti-malware program as it installs itself on the infected PC. Disable the Autorun and System Restore features. Allowing them to run will stop disinfection efforts and makes the problem worse. Both features will reinfect a PC after cleaning. Security programs cannot reach the System Restore drive to clean it when on, so when the PC starts up after disinfection, the infected file on the System Restore drive will reinfect the system. The Autorun feature, if left on during the cleaning process, will infect the flash drive when inserted, making Malwarebytes useless.
- Insert the flash drive with the Malwarebytes Anti-Malware 2009 program into the USB drive of the infected PC. Click "Start" then "My Computer," then double-click the flash drive's corresponding letter, usually "D," "E," or "F," although it depends on the computer. Double-click the file you renamed to run the "Installation Wizard" and follow the prompts, changing none of the settings, to install Malwarebytes. When installation finishes, on the dialogue box that opens, check the boxes labeled "Launch Malwarebytes" and "Update Malwarebytes" then click "Finish" and the program will start. Click "OK" to close the dialogue box that opens asking if you want to update virus definitions, as you updated them with program installation. Click the tab labeled "Scanner" then "Perform Full Scan" then "Scan" to start the Malwarebytes detection scan. The process can take anywhere up to four hours or more to scan the PC completely, depending on its size and the extent of the infections found. Click "OK" when the dialogue box opens alerting you to the finished scan, then click "Show results" and, making sure all boxes next to the results are checked, click "Delete Selected" to remove any infections found. When Malwarebytes finishes this process, it opens a log file in the Note Pad program, and you can delete or save this file for reference. Run the scan one more time for assurance the infection is gone.
