{"id":1034,"date":"2011-09-14T04:09:19","date_gmt":"2011-09-14T04:09:19","guid":{"rendered":"http:\/\/malwaretips.com\/Thread-How-to-remove-dayoftheweek-com-Removal-Guide"},"modified":"2011-10-23T10:22:41","modified_gmt":"2011-10-23T10:22:41","slug":"how-to-remove-dayoftheweek-com-removal-guide","status":"publish","type":"post","link":"https:\/\/malwaretips.com\/blogs\/how-to-remove-dayoftheweek-com-removal-guide\/","title":{"rendered":"How to remove *dayoftheweek.com (Removal Guide)"},"content":{"rendered":"<p><span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\"><span style=\"font-size: large;\">What is *dayoftheweek.com?<\/span><\/span><\/span><\/p><div id=\"mwtad1736137273\" class=\"gas_fallback-ad_309684--placement_360520\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3957935887\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p><span style=\"font-weight: bold;\">*dayoftheweek.com<\/span> is a dangerous search hijacker virus (DNS hijacker) that alters the Windows HOSTS file and registry to hijack Firefox, Explorer and other internet browsers. If your computer is infected with Search Redirect Virus it will take you to fake websites 2 or 3 times after you click on a Google \/ Yahoo \/ Bing listing, as well as loading up a series of false popups to try and sell you some fake products. *dayoftheweek.com is a serious security and privacy risk that can steal credit card information and change important Windows registry files.<br \/>\nYou are strongly advised to follow our removal instructions below.<\/p>\n<p>\n<span style=\"font-size: large;\"><span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\">Am I infected?<\/span><\/span><\/span><br \/>\nThis is how the main screen of the rogue application looks:<\/p><div id=\"mwtad4028259813\" class=\"gas_fallback-ad_381396-ad_309691-placement_360566\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"1471373341\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p><img decoding=\"async\" src=\"\/\/i.imgur.com\/YPVb0.png\" border=\"0\" alt=\"[Image: YPVb0.png]\" title=\"\"><\/p>\n<p><span style=\"font-size: large;\"><span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\">Removal Instructions<\/span><\/span><\/span><br \/>\n(If you experience any problems completing these instructions, please start a new thread <span style=\"color: #0000FF;\"><span style=\"text-decoration: underline;\"><a href=\"http:\/\/malwaretips.com\/Forum-Malware-Removal-Assistance-and-Help\"><span style=\"font-weight: bold;\">here<\/span><\/a><\/span><\/span>)<\/p>\n<p><span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 1 :<\/span> Start your computer in <span style=\"font-weight: bold;\">Safe Mode with Networking <\/span><\/span><\/p>\n<ul>\n<li>Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.<\/li>\n<li>Do one of the following:\n<ul>\n<li>If your computer has a single operating system installed, press and hold the F8 key as your computer restarts. You need to press <span style=\"font-weight: bold;\">F8<\/span> before the Windows logo appears. If the Windows logo appears, you will need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.<\/li>\n<li>If your computer has more than one operating system, use the arrow keys to highlight the operating system you want to start in safe mode, and then press <span style=\"font-weight: bold;\">F8<\/span>.<\/li>\n<\/ul>\n<\/li>\n<li>On the Advanced Boot Options screen, use the arrow keys to highlight <span style=\"font-weight: bold;\">Safe Mode with Networking <\/span>, and then press <span style=\"font-weight: bold;\">ENTER<\/span>. For more information about options, see <a href=\"http:\/\/windows.microsoft.com\/en-US\/windows-vista\/Advanced-startup-options-including-safe-mode\" target=\"_blank\" rel=\"noopener\">Advanced startup options (including safe mode)<\/a>.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/I6J8P.jpg\" border=\"0\" alt=\"[Image: I6J8P.jpg]\" title=\"\"><\/li>\n<li>Log on to your computer with a user account that has administrator rights.<\/li>\n<\/ul>\n<hr \/>\n<p>\n<span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 2 :<\/span> Download and run <span style=\"font-weight: bold;\"><a href=\"http:\/\/www.bleepingcomputer.com\/download\/anti-virus\/rkill\" target=\"_blank\" rel=\"noopener\">RKill<\/a><\/span> to terminate known malware processes.<\/span><\/p><div id=\"mwtad1995068027\" class=\"gas_fallback-ad_309686-ad_309691-placement_360569\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6935453015\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p>RKill is a program  that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then import a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools.<\/p>\n<p>As RKill only terminates a program&#8217;s running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again.<\/p>\n<ol type=\"1\">\n<li>Download RKill<br \/>\nBelow are a list of RKill download links using different filenames. We offer RKill under different filenames because some malware will not allow processes to run unless they have a certain filename. Therefore when attempting to run RKill, if a malware terminates it please try a different filename offered below.<\/p><div id=\"mwtad3819896612\" class=\"gas_fallback-ad_381401-ad_309691-placement_360573\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"5315249587\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<form action=\"http:\/\/download.bleepingcomputer.com\/grinler\/iExplore.exe\">\n    <input type=\"submit\" value=\"iExplore.exe Download Link\"><\/form>\n<form action=\"http:\/\/download.bleepingcomputer.com\/grinler\/rkill.com\">\n    <input type=\"submit\" value=\"RKill.com Download Link\"><br \/>\n<\/form>\n<form action=\"http:\/\/download.bleepingcomputer.com\/grinler\/rkill.exe\">\n    <input type=\"submit\" value=\"RKill.exe Download Link\"><br \/>\n<\/form>\n<form action=\"http:\/\/download.bleepingcomputer.com\/grinler\/rkill.scr\">\n    <input type=\"submit\" value=\"RKill.scr Download Link\"><br \/>\n<\/form>\n<\/li>\n<li>Double-click on the RKill icon in order to automatically attempt to stop any processes associated with this rouge.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/ZnT7s.png\" border=\"0\" alt=\"[Image: ZnT7s.png]\" title=\"\"><\/li>\n<li>Now RKill will start working in the background, please be patient while the program looks for various malware programs and tries to ends them.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/gATdF.png\" border=\"0\" alt=\"[Image: gATdF.png]\" title=\"\"><\/p>\n<ul>\n<li>If you receive a message that RKill is an infection, that is a fake warning given by the rogue. As a possible solution we advise you to leave the warning on the screen and then try to run RKill again.Run RKill until the fake program is not visible but not more than ten times.<\/li>\n<li>If you continue having problems running RKill, you can download the other renamed versions of RKill from the above links.<\/li>\n<\/ul>\n<\/li>\n<li>When Rkill has completed its task, it will generate a log. You can then proceed with the rest of the guide.\n<\/li>\n<\/ol>\n<p>\nNote: <span style=\"font-style: italic;\">Do not reboot your computer after running RKill as the malware programs will start again.<\/span> <\/p>\n<hr \/>\n<p>\n<span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 3 : <\/span> Download and run <a href=\"http:\/\/support.kaspersky.com\/downloads\/utils\/tdsskiller.exe\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #0000FF;\">TDSSKiller<\/span><\/a>.<br \/>\n<\/span><\/p><div id=\"mwtad3608892100\" class=\"gas_fallback-ad_381404-ad_309691-placement_381406\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"8735619847\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<ul>\n<li>Download  <a href=\"http:\/\/support.kaspersky.com\/downloads\/utils\/tdsskiller.exe\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #0000FF;\">TDSSKiller.exe<\/span><\/a> and save it on your desktop<\/li>\n<li>Before you can run TDSSKiller, you first need to <span style=\"font-weight: bold;\">rename<\/span> it so that you can get it to run. To do this, right-click on the TDSSKiller.exe icon that should now be on your Desktop and select <span style=\"font-weight: bold;\">Rename<\/span>. You can now edit the name of the file and should name it a random name with the .com extension. For example, azdt.com or qwerty.com.<\/li>\n<li>Once the file is renamed, double-click on it to <span style=\"font-weight: bold;\">launch it<\/span>.<\/li>\n<li>TDSSKiller will now start and display the welcome screen as shown below.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/N2Nk5.png\" border=\"0\" alt=\"[Image: N2Nk5.png]\" title=\"\"><\/li>\n<li>TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.<br \/>\n<img decoding=\"async\" src=\"\/\/support.kaspersky.com\/images\/support_new\/2663-2-eng.png\" border=\"0\" alt=\"[Image: 2663-2-eng.png]\" title=\"\"><\/li>\n<li>To remove the infection simply click on the <span style=\"font-weight: bold;\">Continue<\/span> button and TDSSKiller will attempt to clean the infection.<\/li>\n<li>A <span style=\"font-weight: bold;\">reboot<\/span> might require after disinfection.<\/li>\n<\/ul>\n<hr \/>\n<p>\n<span style=\"font-weight: bold;\">STEP 4 :<\/span>Download and scan with the <a href=\"http:\/\/anywhere.webrootcloudav.com\/antizeroaccess.exe\" target=\"_blank\" rel=\"noopener\">ZeroAccess rootkit removal tool<\/a><\/p>\n<ol type=\"1\">\n<li>Please download the latest version of the ZeroAccess rootkit removal tool.<br \/>\n<form action=\"http:\/\/anywhere.webrootcloudav.com\/antizeroaccess.exe\/\" >\n<input type=\"image\" src=\"\/\/i.imgur.com\/0aTRt.gif\"  title=\"Download  ZeroAccess rootkit removal tool\" alt=\"\"><br \/>\n <\/form>\n<\/li>\n<li>Double click on <span style=\"font-style: italic;\">antizeroaccess.exe<\/span> to run it.<br \/>\n<img decoding=\"async\" src=\"\/\/img7.imageshack.us\/img7\/5348\/31653863.png\" border=\"0\" alt=\"[Image: 31653863.png]\" title=\"\"><\/li>\n<li>After the program will start it will ask you if you want to perform a System scan,in order to scan : press &#8220;<span style=\"font-style: italic;\">Y<\/span>&#8221; and then <span style=\"font-style: italic;\">Enter<\/span>.<br \/>\n<img decoding=\"async\" src=\"\/\/img43.imageshack.us\/img43\/7488\/28987717.png\" border=\"0\" alt=\"[Image: 28987717.png]\" title=\"\"><\/li>\n<li>The ZeroAccess rootkit removal tool will start now removing the malicious files. <br \/>\nIf during the removal process the program will displays a message stating that it needs to reboot, please allow this request.<\/li>\n<\/ol>\n<p><span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 5 :<\/span>Download and scan with <span style=\"font-weight: bold;\"><a href=\"http:\/\/www.malwarebytes.org\/products\/malwarebytes_free\" target=\"_blank\" rel=\"noopener\">Malwarebytes Anti-Malware<\/a><\/span><\/span><\/p>\n<ol type=\"1\">\n<li>Please download the latest official version of Malwarebytes&#8217; Anti-Malware.  <img decoding=\"async\" src=\"\/\/cache.filehippo.com\/img\/ex\/1208__malwarebytes.png\" border=\"0\" alt=\"[Image: 1208__malwarebytes.png]\" title=\"\"><br \/>\n<form action=\"http:\/\/www.filehippo.com\/download_malwarebytes_anti_malware\/\" >\n<input type=\"image\" src=\"\/\/i.imgur.com\/0aTRt.gif\"  title=\"Download Malwarebytes' Anti-Malware\" alt=\"\"><br \/>\n <\/form>\n<\/li>\n<li>Install Malwarebytes&#8217; Anti-Malware by double clicking on <span style=\"font-weight: bold;\">mbam-setup<\/span>.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/AxE4f.png\" border=\"0\" alt=\"[Image: AxE4f.png]\" title=\"\"><\/li>\n<li>Follow the prompts. Make sure that <span style=\"font-weight: bold;\">Update Malwarebytes&#8217; Anti-Malware<\/span> and <span style=\"font-weight: bold;\">Launch Malwarebytes&#8217; Anti-Malware<\/span> are checked. Then click <span style=\"font-weight: bold;\">Finish<\/span>.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/EFk1d.png\" border=\"0\" alt=\"[Image: EFk1d.png]\" title=\"\"><\/li>\n<li>On the <span style=\"font-weight: bold;\">Scanner<\/span> tab, make sure the <span style=\"font-weight: bold;\">Perform full<\/span> scan option is selected and then click on the <span style=\"font-weight: bold;\">Scan<\/span> button to start scanning your computer for malicious files.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/Yomki.png\" border=\"0\" alt=\"[Image: Yomki.png]\" title=\"\"><\/li>\n<li>Malwarebytes&#8217; Anti-Malware will now start scanning your computer for infected files .When the scan is complete, click <span style=\"font-weight: bold;\">OK<\/span>, then <span style=\"font-weight: bold;\">Show Results<\/span> to view the results.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/dVY31.png\" border=\"0\" alt=\"[Image: dVY31.png]\" title=\"\"><\/li>\n<li>You will now be presented with a screen showing you the malware infections that the program found.<br \/>\nPlease note that the infections found may be different than what is shown in the image.<br \/>\nMake sure that everything is <span style=\"font-weight: bold;\">Checked<\/span> (ticked) and click on <span style=\"font-weight: bold;\">Remove Selected<\/span>.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/ZqRnb.png\" border=\"0\" alt=\"[Image: ZqRnb.png]\" title=\"\"><\/li>\n<li>Malwarebytes&#8217; Anti-Malware will start now removing the malicious files. <br \/>\nIf during the removal process Malwarebytes will displays a message stating that it needs to reboot, please allow this request.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/kY6jB.png\" border=\"0\" alt=\"[Image: kY6jB.png]\" title=\"\">\n<\/li>\n<\/ol>\n<p>Malwarebytes should completely remove this infection however you should also download other free anti-malware software from the list below and run a full system scan to make sure that your computer is clean :<\/p><div id=\"mwtad1461414870\" class=\"gas_fallback-ad_360582-ad_309691-placement_360581\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"9971336976\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<ul>\n<li><a href=\"http:\/\/www.surfright.nl\/en\/downloads\" target=\"_blank\" rel=\"noopener\">Hitman Pro 3.5<\/a><\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/security\/scanner\/en-us\/default.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Safety Scanner<\/a><\/li>\n<li><a href=\"http:\/\/www.freedrweb.com\/cureit\/how_it_works\/\" target=\"_blank\" rel=\"noopener\">Dr.Web CureIt!<\/a><\/li>\n<li><a href=\"http:\/\/www.eset.com\/us\/online-scanner\" target=\"_blank\" rel=\"noopener\">ESET Online Scanner<\/a><\/li>\n<\/ul>\n<hr \/>\n<p><span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 6<\/span> : Make sure that <span style=\"font-weight: bold;\">DNS settings are not changed<\/span><\/span><\/p>\n<ol type=\"1\">\n<li>Right click on the <span style=\"font-weight: bold;\">Network icon<\/span> in the Notification area, and click on <span style=\"font-weight: bold;\">Open Network and Sharing Center<\/span>. <br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/iKUf0.png\" border=\"0\" alt=\"[Image: iKUf0.png]\" title=\"\"><\/li>\n<li>Click on the <span style=\"font-weight: bold;\">Change adapter settings<\/span> link in the left blue pane. <br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/nX5Rf.png\" border=\"0\" alt=\"[Image: nX5Rf.png]\" title=\"\"><\/li>\n<li>Right click on <span style=\"font-weight: bold;\">Local Area Connection<\/span> icon and select <span style=\"font-weight: bold;\">Properties<\/span>.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/uuE9i.png\" border=\"0\" alt=\"[Image: uuE9i.png]\" title=\"\"><\/li>\n<li>Select <span style=\"font-weight: bold;\">Internet Protocol Version 4 (TCP\/IPv 4)<\/span> and click <span style=\"font-weight: bold;\">Properties<\/span> button. <br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/UvSEz.png\" border=\"0\" alt=\"[Image: UvSEz.png]\" title=\"\"><\/li>\n<li>Choose Obtain DNS server address automatically and click OK.<br \/>\n<img decoding=\"async\" src=\"\/\/img405.imageshack.us\/img405\/1275\/44032302.png\" border=\"0\" alt=\"[Image: 44032302.png]\" title=\"\"><\/li>\n<\/ol>\n<p>\n<span style=\"font-size: medium;\"><span style=\"font-weight: bold;\">STEP 7<\/span> :  Check <span style=\"font-weight: bold;\">Windows HOSTS file<\/span><\/span><br \/>\nThe hosts file is one of several system facilities to assist in addressing network nodes in a computer network. It is a common part in an operating system&#8217;s Internet Protocol (IP) implementation, and serves the function of translating human-friendly hostnames into numeric protocol addresses, called IP addresses, that identify and locate a host in an IP network.<br \/>\nBecause of its role in local name resolution, the hosts file represents an attack vector for malicious software. The file may be hijacked, for example, by adware, computer viruses, trojan horse software, and may be modified to redirect traffic from the intended destination to sites hosting content that may be offensive or intrusive to the user or the user\u2019s computer system.<\/p>\n<ol type=\"1\">\n<li>Go to > <span style=\"font-style: italic;\">C:\\WINDOWS\\system32\\drivers\\etc.<\/span><br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/ZO11L.png\" border=\"0\" alt=\"[Image: ZO11L.png]\" title=\"\"><\/li>\n<li>Double-click \u201chosts\u201d file to open it. Choose to open with Notepad.<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/ICJx6.png\" border=\"0\" alt=\"[Image: ICJx6.png]\" title=\"\"><\/li>\n<li>The \u201chosts\u201d file should look the same as in the image below. There should be only one line: 127.0.0.1 localhost in Windows XP and 127.0.0.1 localhost ::1 in Windows Vista\/7.  If there are more, then remove them and save changes.<br \/>\nWindows XP : <br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/GosL9.jpg\" border=\"0\" alt=\"[Image: GosL9.jpg]\" title=\"\"><br \/>\nWindows Vista and 7 :<br \/>\n<img decoding=\"async\" src=\"\/\/i.imgur.com\/vMS3u.png\" border=\"0\" alt=\"[Image: vMS3u.png]\" title=\"\"><br \/>\nYou can find more details on how to reset your host file <a href=\"http:\/\/support.microsoft.com\/kb\/972034\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/li>\n<\/ol>\n<p>If you are still experiencing problems on your machine, please start a new thread <span style=\"color: #0000FF;\"><span style=\"text-decoration: underline;\"><a href=\"http:\/\/malwaretips.com\/Forum-Malware-Removal-Assistance-and-Help\"><span style=\"font-weight: bold;\">here<\/span><\/a><\/span><\/span>.<\/p><div id=\"mwtad2510434037\" class=\"gas_fallback-ad_360567-ad_309691-placement_360771\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6224621518\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p><span style=\"font-size: large;\"><span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\">How was I infected?<\/span><\/span><\/span><\/p>\n<ul>\n<li>Rogues can get on to computers without the user&#8217;s consent through <span style=\"font-weight: bold;\">Drive-by downloads<\/span>. When a user visits a compromised or infected website, the site immediately checks for any security vulnerabilities on the machine to inject the malicious code.<\/li>\n<li>Peer-to-peer (P2P) programs <span style=\"font-weight: bold;\">utorrent<\/span>, <span style=\"font-weight: bold;\">Limewire<\/span>, and <span style=\"font-weight: bold;\">Kazaa<\/span> are frequently used by hackers to distribute malware<\/li>\n<li>Hackers can also trick the user into downloading a file, saying it is a legitimate file needed to view a video or pictures.<\/li>\n<\/ul>\n<p>\n<span style=\"font-size: large;\"><span style=\"text-decoration: underline;\"><span style=\"font-weight: bold;\">How can I prevent these infections?<\/span><\/span><\/span><\/p>\n<p>\n<span style=\"color: blue;\"><span style=\"font-weight: bold;\">1. Keep Your System Updated<\/span><\/span><\/p>\n<ul>\n<li>Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities. <span style=\"font-weight: bold;\">Please ensure you update your system regularly.<\/span>\n<p><span style=\"font-weight: bold;\">To update Windows and Office<\/span><\/p>\n<p>1. Go to Start > Control Panel > <span style=\"font-weight: bold;\">Automatic Updates<\/span><br \/>\n2. Select <span style=\"font-style: italic;\">Automatic (recommended)<\/span> if you want the updates to be downloaded and installed without prompting you.<br \/>\n3. Select <span style=\"font-weight: bold;\">Download updates for me<\/span>, but <span style=\"font-style: italic;\">let me choose when to install them<\/span> button if you want the updates to be downloaded automatically but to be installed at another time.<\/li>\n<\/ul>\n<p>\n<span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\">To manually update Windows<\/span><\/span>,<\/p><div id=\"mwtad2239706431\" class=\"gas_fallback-ad_360571-ad_309691-placement_360772\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"5867729999\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<ul>\nStart Internet Explorer. Go to Tools > Windows Update\n<\/li>\n<\/ul>\n<p>\n<span style=\"color: #0000FF;\"><span style=\"font-weight: bold;\">2. Keep your Antivirus up-to-date<\/span><\/span><\/p>\n<p>Make sure that you update your antivirus, firewall and anti-spyware programs regularly. If you don&#8217;t have an antivirus, download any one of the following:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.free-av.de\/en\/download\/1\/avira_antivir_personal__free_antivirus.html\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: bold;\"><span style=\"color: red;\">Avira AntiVir Personal<\/span><\/span><\/a>&#8211; Free anti-virus software for Windows. Detects and removes more than 50000 viruses. Free support.<\/li>\n<li><a href=\"http:\/\/www.avast.com\/free-antivirus-download\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: bold;\"><span style=\"color: orange;\">avast! 5 Home Edition<\/span><\/span><\/a> &#8211; Anti-virus program for Windows. The home edition is freeware for noncommercial users.<\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/security_essentials\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: bold;\"><span style=\"color: green;\">Microsoft Security Essentials<\/span><\/span><\/a> &#8211;    Free anti-virus program for Windows.<\/li>\n<\/ul>\n<p>\n<span style=\"color: #0000FF;\"><span style=\"font-weight: bold;\">3. Avoid Peer-to-peer programs<\/span><\/span><\/p><div id=\"mwtad2276296394\" class=\"gas_fallback-ad_360576-ad_309691-placement_360773\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6594472392\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<ul>\n<li>Peer-to-peer programs are legitimate but the files shared are extremely dangerous. Hackers often use fake file names to trick users into downloading malware. <\/li>\n<\/ul>\n<p>\n<span style=\"color: #0000FF;\"><span style=\"font-weight: bold;\">4. Switch your browser<\/span><\/span><\/p>\n<ul>\n<li><a href=\"http:\/\/www.mozilla.com\/en-US\/firefox\/\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #FF0000;\">Firefox<\/span><\/a> is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads.<\/li>\n<li><a href=\"http:\/\/www.google.com\/chrome\" target=\"_blank\" rel=\"noopener\">Google Chrome<\/a> is another good browser that is faster and more secure than Internet Explorer. <\/li>\n<\/ul>\n<p>\n<span style=\"color: #0000FF;\"><span style=\"font-weight: bold;\">5. Read our other <a href=\"http:\/\/malwaretips.com\/Thread-Security-Tips\">&#8220;Security Tips&#8221;<\/a><\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is *dayoftheweek.com?<\/p>\n<p>*dayoftheweek.com is a dangerous search hijacker virus (DNS hijacker) that alters the Windows HOSTS file and registry to hijack Firefox, Explorer and other internet browsers. If your computer is infected with Search Redirect&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2112,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ai_generated_summary":"","footnotes":""},"categories":[49],"tags":[],"class_list":["post-1034","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scam-reports","masonry-post","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50"],"_links":{"self":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts\/1034","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/comments?post=1034"}],"version-history":[{"count":0,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts\/1034\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/media\/2112"}],"wp:attachment":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/media?parent=1034"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/categories?post=1034"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/tags?post=1034"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}