TRIBE - tribe.ca

Virus/Malware on a PC

Old 02-18-2009, 12:16 PM   #1
Caz
TRIBE Member
 
Join Date: Apr 2002
Location: Radical Blvd.
Posts: 13,845
Virus/Malware on a PC

So my sister's PC (win XP pro) is completely fookered with malware etc., so much that it's barely functional. Browser pop-ups 4 and 5 at a time, forms won't send, google links get sent to 3rd party sites instead of what was clicked, even her file explorer gets invaded by "anti-spyware" ads when she tries to browse local files. It's the worst I've ever seen.

Ad-aware seems to find over 100 malicious items and claims to have deleted them, but it makes no difference even after a reboot. Even when you kill the process manually, it re-spawns almost immediately. I tried running ad-aware in safe mode, and it made little difference. Now her OS is full out crashing and rebooting at random.

Suggestions? Reinstall XP completely and wipe the whole thing clean? Will that completely fix all problems?

Other options?
Caz is offline   Reply With Quote
Old 02-18-2009, 12:24 PM   #2
TRIBE Member
 
Join Date: Oct 2001
Location: Rollin' down Rodeo wit a shotgun
Posts: 5,820
Backup her data/movies/mp3s, format, reload and DON'T let her install limewire or whatever virus download system she's been using to fuck it up.
Dr. Grinch is offline   Reply With Quote
Old 02-18-2009, 12:32 PM   #3
TRIBE Member
 
Join Date: May 2000
Location: burn down their lie factories!!!
Posts: 6,586
If you want to try to avoid a reformat, try booting in safe mode --> Run MalwareBytes. I've had some luck avoiding reformatting with this app.
Hal-9000 is offline   Reply With Quote
Old 02-18-2009, 12:35 PM   #4
TRIBE Member
 
Join Date: Jan 2000
Posts: 4,674
A lot of malware and trojans these days will respawn whenever you reboot your computer, even if you use Ad-aware or a similar program to clean them. I just had to deal with this when I managed to pick up a trojan that slipped past all my protective services.

If you have a bit of time, you shouldn't have to reinstall XP. Download a program called Malwarebytes' Anti-Malware, as well as HijackThis, and go to a tech support forum like Tech Support Guy. They'll ask you to run various programs and post the results and will lead you step by step in cleaning your computer. Malwarebytes' software is safe and easy to use by yourself, but HijackThis definitely needs the help of an experienced tech support, as you can really fuck up your computer if you don't follow their instructions exactly.
DJ Doublecross is offline   Reply With Quote
Old 02-18-2009, 12:43 PM   #5
ian
TRIBE Member
 
Join Date: Apr 2000
Location: on the verge. . . or is it verve?
Posts: 9,953
Quote:
Originally Posted by DJ Doublecross View Post
A lot of malware and trojans these days will respawn whenever you reboot your computer, even if you use Ad-aware or a similar program to clean them. I just had to deal with this when I managed to pick up a trojan that slipped past all my protective services.

If you have a bit of time, you shouldn't have to reinstall XP. Download a program called Malwarebytes' Anti-Malware, as well as HijackThis, and go to a tech support forum like Tech Support Guy. They'll ask you to run various programs and post the results and will lead you step by step in cleaning your computer. Malwarebytes' software is safe and easy to use by yourself, but HijackThis definitely needs the help of an experienced tech support, as you can really fuck up your computer if you don't follow their instructions exactly.
That will work for sure, but sometimes a plain ol' format and reinstall is faster!
ian is offline   Reply With Quote
Old 02-18-2009, 12:45 PM   #6
Caz
TRIBE Member
 
Join Date: Apr 2002
Location: Radical Blvd.
Posts: 13,845
Hm, thanks guys. When she first got this PC, I set it up so that she is keeping the bulk of her files on an external drive. Very little is actually on the computer, I guess reinstalling might be the best option.

doublecross - in terms of timeframe, do you think reinstalling is easier than your suggestion? In other words, how time consuming are those steps? The key here is "as little of Caz's time wasted to fix her machine as possible"

edit: oh snap - any chance the malware etc could have infected the external drive? It's a Lacie 250 GB or something

edit edit: Sorry for my ignorance, I'm a mac guy + designer. Very little tech knowledge here!
Caz is offline   Reply With Quote
Old 02-18-2009, 12:47 PM   #7
TRIBE Member
 
Join Date: Jun 2001
Location: in places less obsolete
Posts: 16,191
i second malware bytes w/ AVG - there's a tool that allows you to be notified when something is trying to change the registry. That pesky Spyware trojan kept coming back and the only way for me to get rid of it was to run malware + avg in combination for about a week.

a clean wipe might be easier if you don't have the patience.
deevah is offline   Reply With Quote
Old 02-18-2009, 12:54 PM   #8
Caz
TRIBE Member
 
Join Date: Apr 2002
Location: Radical Blvd.
Posts: 13,845
What if she has some files on the PC that she wants to save. If I back them up and load them back onto the freshly wiped new OS, will any of the malware transfer over and re-infect? Probably a stupid question but I have no idea.
Caz is offline   Reply With Quote
Old 02-18-2009, 12:55 PM   #9
TRIBE Member
 
Join Date: Jan 2000
Posts: 4,674
I dunno, it depends how badly the computer is infected. I personally hate doing reinstalls. I used Malwarebytes on my computer and it worked just fine on its own. But if the infection runs deeper and you have to use HijackThis, it could take a few days of going back-and-forth with the tech support dude, depending on how quickly he gets back to you. Maybe there are better websites with more staff that respond promptly.

Try running Malwarebytes first and see what happens. But if there's any anti-virus software running like AVG, Norton, etc, make sure you disable it completely before running Malwarebytes. Then re-enable it once your computer is clean.
DJ Doublecross is offline   Reply With Quote
Old 02-18-2009, 01:00 PM   #10
TRIBE Member
 
Join Date: Jun 2001
Location: in places less obsolete
Posts: 16,191
Quote:
Originally Posted by Caz View Post
What if she has some files on the PC that she wants to save. If I back them up and load them back onto the freshly wiped new OS, will any of the malware transfer over and re-infect? Probably a stupid question but I have no idea.
i'd save them onto a clean flash drive and run them thru a scanner on a clean machine before loading them back onto the computer.
deevah is offline   Reply With Quote
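
What a pre-restore triage of the backed-up files could look like, as an added example (not part of any post in this thread): it walks the backup folder and flags `autorun.inf`, executables and scripts, double extensions, and files that start with the Windows executable header `MZ` under a data extension. The extension list and the sample tree are constructed assumptions; it complements an antivirus scan on the clean machine rather than replacing it.

```python
import os
import tempfile

# Extensions Windows will execute or interpret directly (assumed triage list, not exhaustive).
EXEC_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".dll", ".lnk"}

def triage(root):
    """Return sorted (relative_path, reason) pairs for files worth a closer look."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            lower = name.lower()
            ext = os.path.splitext(lower)[1]
            with open(path, "rb") as fh:
                magic = fh.read(2)  # Windows PE/DOS executables start with b"MZ"
            if lower == "autorun.inf":
                findings.append((rel, "autorun.inf (auto-launch instructions for removable drives)"))
            elif magic == b"MZ" and ext not in EXEC_EXTS:
                findings.append((rel, "Windows executable header under a non-executable extension"))
            elif ext in EXEC_EXTS:
                # A second extension before the real one (resume.doc.exe) hides the file type.
                stem_ext = os.path.splitext(os.path.splitext(lower)[0])[1]
                findings.append((rel, "double extension" if stem_ext else "executable or script"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample backup tree: harmless stand-in bytes, no real malware."""
    samples = {
        "autorun.inf": b"[autorun]\nopen=setup.exe\n",
        "photos/beach.jpg": b"\xff\xd8\xff\xe0 jpeg stand-in",
        "photos/party.jpg": b"MZ stand-in for a renamed executable",
        "docs/resume.doc.exe": b"MZ stand-in",
        "music/track.mp3": b"ID3 stand-in",
        "tools/setup.exe": b"MZ stand-in",
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, reason in triage(tmp):
            print(f"{rel}: {reason}")
```

Flagged files are candidates to leave off the rebuilt machine or to scan individually; ordinary documents, photos and music that pass both this check and the scanner are the ones to copy back.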
Old 02-18-2009, 01:02 PM   #11
Caz
TRIBE Member
 
Join Date: Apr 2002
Location: Radical Blvd.
Posts: 13,845
K.
Caz is offline   Reply With Quote
Old 02-18-2009, 04:04 PM   #12
TRIBE Member
 
Join Date: Mar 2000
Location: Run up on your spot like CJ from San Andreas
Posts: 2,058
Quote:
Originally Posted by deevah View Post
i'd save them onto a clean flash drive and run them thru a scanner on a clean machine before loading them back onto the computer.
You might end up with 2 computers you need to format and re-install.
Puma is offline   Reply With Quote
Old 02-18-2009, 04:13 PM   #13
TRIBE Member
 
Join Date: Jul 2003
Location: Digging Deeper
Posts: 3,331
I have a Dell laptop and I got a virus a couple weeks ago that wouldn't go away. My browsers kept crashing every time I opened them. Dell has a really great feature that allowed me to re-install Windows XP without having to use cds. It only took 10 mins in total. Of course I backed up all my important files onto my external drive. It feels like I got a new computer, I love it!
smack is offline   Reply With Quote
Old 03-27-2009, 02:35 AM   #14
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
i've been trying to figure out an issue with my mom's computer, which also happens to be a Dell. whatever was/is on there is causing popular sites like gmail and hotmail to take forever to load or just not load at all. i did the usual full system scan with avast and also tried malwarebytes and spybot. the problem remained.

i then discovered the option smack noted above and tried that, but i wasn't comfortable in how it took only 10 minutes. however since she had an OEM copy of XP i didn't have any other option. problem remained.

so yesterday we break down and go out and buy a copy of XP. re-install, get all the drivers and such going - the problem is still there.

i'm losing my mind at this point. my question is when you re-install windows does it format at the same time or must i do this first and then install XP? will this affect the BIOS settings? can this virus still be hiding somewhere on the machine after all this?

i really need some ideas because i am getting very frustrated.
billy is offline   Reply With Quote
Old 03-27-2009, 04:19 AM   #15
TRIBE Member
 
Join Date: Jun 2006
Location: Scotland
Posts: 6,899
Quote:
Originally Posted by billy View Post
i've been trying to figure out an issue with my mom's computer, which also happens to be a Dell. whatever was/is on there is causing popular sites like gmail and hotmail to take forever to load or just not load at all. i did the usual full system scan with avast and also tried malwarebytes and spybot. the problem remained.

i then discovered the option smack noted above and tried that, but i wasn't comfortable in how it took only 10 minutes. however since she had an OEM copy of XP i didn't have any other option. problem remained.

so yesterday we break down and go out and buy a copy of XP. re-install, get all the drivers and such going - the problem is still there.

i'm losing my mind at this point. my question is when you re-install windows does it format at the same time or must i do this first and then install XP? will this affect the BIOS settings? can this virus still be hiding somewhere on the machine after all this?

i really need some ideas because i am getting very frustrated.
If you reinstalled over the old partition(s) the problem shouldn't exist which leads me to believe it's not a virus/spyware issue at all but maybe an issue with the local internet at your mom's location.

I had similar problems when I set up my GF's website.
I could access it from home just fine but when I tried from her workplace it was being routed through all kinds of places before timing out.

Try connecting a different computer to your mom's connection to determine if it's a connection problem (I think it's highly likely).

If it is, I suggest calling Bell, Rogers or whoever deals with her connection to get it sorted.
workdowntown is offline   Reply With Quote
Old 03-27-2009, 12:13 PM   #16
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
Quote:
Originally Posted by workdowntown View Post
Try connecting a different computer to your mom's connection to determine if it's a connection problem (I think it's highly likely).
that's a great idea. i hope it is the case because i'm really stumped at this stage.
billy is offline   Reply With Quote
Old 03-27-2009, 12:27 PM   #17
TRIBE Member
 
Join Date: Jun 2006
Location: Scotland
Posts: 6,899
Quote:
Originally Posted by billy View Post
that's a great idea. i hope it is the case because i'm really stumped at this stage.
Try a traceroute.

Then you'll see if you get answers back from all of the stops on the way (so to speak)

go to the Run dialog.

Type

cmd /k tracert websiteyou'rehavingproblemswith.com

and hit return
workdowntown is offline   Reply With Quote
Old 03-30-2009, 09:35 PM   #18
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
Quote:
Originally Posted by workdowntown View Post
Try a traceroute.
what am i looking for when doing this? I can't copy what came up in the command window. I am using my machine on her connection at the moment and yes, sites like gmail took a while to come up.
billy is offline   Reply With Quote
Old 03-30-2009, 09:57 PM   #19
TRIBE Promoter
 
Join Date: Jul 2000
Location: Yo Mamma!
Posts: 5,440
Uh oh...sounds like conficker!

j/k
solacevip is offline   Reply With Quote
Old 03-30-2009, 10:03 PM   #20
TRIBE Member
 
Join Date: Feb 2009
Location: BoTtoM of the barrel!
Posts: 580
I have the same problem as originally posted. MY COMP IS FUCKED now, and will boot up until the log in. Once it hits the log in, I got nothing, like I mean nothing. I have left it idle for 24 hours and it is still trying to accept my password? What do I do? Buy a new one? I have tried to open it in Safe mode (I believe F12). Please help.....
<FresHFunK> is offline   Reply With Quote
Old 03-30-2009, 10:12 PM   #21
TRIBE Member
 
Join Date: Jun 2006
Location: Scotland
Posts: 6,899
Quote:
Originally Posted by <FresHFunK> View Post
I have the same problem as originally posted. MY COMP IS FUCKED now, and will boot up until the log in. Once it hits the log in, I got nothing, like I mean nothing. I have left it idle for 24 hours and it is still trying to accept my password? What do I do? Buy a new one? I have tried to open it in Safe mode (I believe F12). Please help.....
I'd suggest a clean install of windows.
workdowntown is offline   Reply With Quote
Old 03-31-2009, 12:14 AM   #22
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
Quote:
Originally Posted by solacevip View Post
Uh oh...sounds like conficker!

j/k
if my mom caught wind of that she would probably have a panic attack.

for those following my issue, i did hook up my machine to her connection and it had similar delays though not as long but that could simply be a matter of a better machine.

i called up rogers and spent a good hour with the tech. we tried a variety of tests and steps and could not find an instant answer. he initially pinged me and was surprised he could with the firewall on. we did some speed tests using the rogers site (which took a while to load) and although the download speed was as it should be, the upload portion did not work. we also tried speedtest.net and it had the same result. some ping tests showed that times were normal.

so a ticket has been created and is to be passed on to the engineers. we'll see what comes up in a day or two.
billy is offline   Reply With Quote
Old 03-31-2009, 01:21 AM   #23
TRIBE Member
 
Join Date: Jul 2005
Location: whitby ontario
Posts: 4,398
nuke the site from orbit. It's the only way to be sure.
KodiaK is offline   Reply With Quote
Old 03-31-2009, 02:39 AM   #24
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
next.
billy is offline   Reply With Quote
Old 04-03-2009, 01:49 PM   #25
TRIBE Member
 
Join Date: Apr 2000
Location: ۞
Posts: 9,845
so the problem still exists and it's starting to really stress us out. the ticket rogers created returned with an automatic response saying the problem had been fixed, but the load time problem remains.

she called rogers back last night. they had no record of my conversation with them so they went through the same steps again. he told her that she was using windows 6 and should be at 7 or 8 (i'm not sure what that means) and to go to the microsoft site to get the updates. well she did that and it timed out in the process. i'm really not sure if that would have meant much as she had all the necessary updates before we re-installed windows and when the problem popped up.

she can't even register her new copy of windows online as it can't connect. she is online though. some sites have no problem, but she has to use the HTML version of gmail just to see anything. she has the 6mbps service (as i do at my place).

guys - i'm into all and any ideas. it's causing us stress not just about the problem, but i don't know what else to tell her and truthfully am getting tired of the whole thing but she won't figure this out on her own.
billy is offline   Reply With Quote
All times are GMT -4.