Virus/Malware on a PC

Caz · 02-18-2009, 12:16 PM

So my sister's PC (win XP pro) is completely fookered with malware etc., so much that it's barely functional. Browser pop-ups 4 and 5 at a time, forms won't send, google links get sent to 3rd party sites instead of what was clicked, even her file explorer gets invaded by "anti-spyware" ads when she tries to browse local files. It's the worst I've ever seen.

Ad-aware seems to find over 100 malicious items and claims to have deleted them, but it makes no difference even after a reboot. Even when you kill the process manually, it re-spawns almost immediately. I tried running ad-aware in safe mode, and it made little difference. Now her OS is full out crashing and rebooting at random.

Suggestions? Reinstall XP completely and wipe the whole thing clean? Will that completely fix all problems?

Other options?

Dr. Grinch · 02-18-2009, 12:24 PM

Backup her data/movies/mp3s, format, reload and DON'T let her install limewire or whatever virus download system she's been using to fuck it up.

Hal-9000 · 02-18-2009, 12:32 PM

If you want to try to avoid a reformat, try booting in safe mode-->Run MalwareBytes. Ive had some luck avoiding reformatting with this app.

DJ Doublecross · 02-18-2009, 12:35 PM

A lot of malware and trojans these days will respawn whenever you reboot your computer, even if you use Ad-aware or a similar program to clean them. I just had to deal with this when I managed to pick up a trojan that slipped past all my protective services.

If you have a bit of time, you shouldn't have to reinstall XP. Download a program called Malwarebyte's Anti-Malware, as well as HijackThis and go to a tech support forum like Tech Support Guy. They'll ask you to run various programs and post the results and will lead you step by step in cleaning your computer. Malwarebyte's software is safe and easy to use by yourself, but HijackThis definitely needs the help of an experienced tech support, as you can really fuck up your computer if you don't follow their instructions exactly.

ian · 02-18-2009, 12:43 PM

Quote:

Originally Posted by DJ Doublecross

A lot of malware and trojans these days will respawn whenever you reboot your computer, even if you use Ad-aware or a similar program to clean them. I just had to deal with this when I managed to pick up a trojan that slipped past all my protective services.

If you have a bit of time, you shouldn't have to reinstall XP. Download a program called Malwarebyte's Anti-Malware, as well as HijackThis and go to a tech support forum like Tech Support Guy. They'll ask you to run various programs and post the results and will lead you step by step in cleaning your computer. Malwarebyte's software is safe and easy to use by yourself, but HijackThis definitely needs the help of an experienced tech support, as you can really fuck up your computer if you don't follow their instructions exactly.

That will work for sure, but sometimes a plain ol' format and reinstall is faster!

Caz · 02-18-2009, 12:45 PM

Hm, thanks guys. When she first got this PC, I set it up so that she is keeping the bulk of her files on an external drive. Very little is actually on the computer, I guess reinstalling might be the bestt option.

doublecross - in terms of timeframe, do you think reinstalling is easier than your suggestion? In other words how time consuming are those steps. The key here is "as little of Caz's time wasted to fix her machine as possible"

edit: oh snap - any chance the malware etc could have infected the external drive? It's a Lacie 250 GB or something

edit edit: Sorry for my ignorance, I'm a mac guy + designer. Very little tech knowledge here!

deevah · 02-18-2009, 12:47 PM

i second malware bytes w/ AVG - there's a tool that allows you to be notified when something is trying to change the registry. That pesky Spyware trojan kept coming back and the only way for me to get rid of it was to run malware + avg in combination for about a week.

a clean wipe might be easier if you don't have the patience.

Caz · 02-18-2009, 12:54 PM

What if she has some files on the PC that she wants to save. If I back them up and load them back onto the freshly wiped new OS, will any of the malware transfer over and re-infect? Probably a stupid question but I have no idea.

DJ Doublecross · 02-18-2009, 12:55 PM

I dunno, it depends how badly the computer is infected. I personally hate doing reinstalls. I used Malwarebytes on my computer and it worked just fine on its own. But if the infection runs deeper and you have to use HijackThis, it could take a few days of going back-and-forth with the tech support dude, depending on how quickly he gets back to you. Maybe there are better websites with more staff that respond promptly.

Try running Malwarebytes first and see what happens. But if there's any anti-virus software running like AVG, Norton, etc, make sure you disable it completely before running Malwarebytes. Then re-enable it once your computer is clean.

deevah · 02-18-2009, 01:00 PM

Quote:

Originally Posted by Caz

What if she has some files on the PC that she wants to save. If I back them up and load them back onto the freshly wiped new OS, will any of the malware transfer over and re-infect? Probably a stupid question but I have no idea.

i'd save them onto a clean flash drive and run them thru a scanner on a clean machine before loading them back onto the computer.

Caz · 02-18-2009, 01:02 PM

K.

Puma · 02-18-2009, 04:04 PM

Quote:

Originally Posted by deevah

i'd save them onto a clean flash drive and run them thru a scanner on a clean machine before loading them back onto the computer.

You might end up with 2 computers you need to format and re-install.

smack · 02-18-2009, 04:13 PM

I have a Dell laptop and I got a virus a couple weeks ago that wouldn't go away. My browsers kept crashing every time I opened them. Dell has a really great feature that allowed me to re-install Windows XP without having to use cds. It only took 10 mins in total. Of course I backed up all my important files onto my external drive. It feels like I got a new computer, I love it!

billy · 03-27-2009, 02:35 AM

i've been trying to figure out an issue with my mom's computer, which also happens to be a Dell. whatever was/is on there is causing popular sites like gmail and hotmail to take forever to load or just not load at all. i did the usual full system scan with avast and also tried malawarebytes and spybot. the problem remained.

i then discovered the option smack noted above and tried that, but i wasn't comfortable in how it took only 10 minutes. however since she had an OEM copy of XP i didn't have any other option. problem remained.

so yesterday we break down and go out and buy a copy of XP. re-install, get all the drivers and such going - the problem is still there.

i'm loosing my mind at this point. my question is when you re-install windows does it format at the same time or must i do this first and then install XP? will this affect the BIOS settings? can this virus still be hiding somewhere on the machine after all this?

i really need some ideas because i am getting very frustrated.

workdowntown · 03-27-2009, 04:19 AM

Quote:

Originally Posted by billy

i've been trying to figure out an issue with my mom's computer, which also happens to be a Dell. whatever was/is on there is causing popular sites like gmail and hotmail to take forever to load or just not load at all. i did the usual full system scan with avast and also tried malawarebytes and spybot. the problem remained.

i then discovered the option smack noted above and tried that, but i wasn't comfortable in how it took only 10 minutes. however since she had an OEM copy of XP i didn't have any other option. problem remained.

so yesterday we break down and go out and buy a copy of XP. re-install, get all the drivers and such going - the problem is still there.

i'm loosing my mind at this point. my question is when you re-install windows does it format at the same time or must i do this first and then install XP? will this affect the BIOS settings? can this virus still be hiding somewhere on the machine after all this?

i really need some ideas because i am getting very frustrated.

If you reinstalled over the old partition(s) the problem shouldn't exist which leads me to believe it's not a virus/spyware issue at all but maybe an issue with the local internet at your mom's location.

I had similar problems when I set up my GF's website.
I could access it from home just fine but when I tried from her workplace it was being routed through all kinds of places before timing out.

Try connecting a different computer to your mom's connection to determine if it's a connection problem (I think it's highly likely).

If it is, I suggest calling Bell, Rogers or whoever deals with her connection to get it sorted.

billy · 03-27-2009, 12:13 PM

Quote:

Originally Posted by workdowntown

Try connecting a different computer to your mom's connection to determine if it's a connection problem (I think it's highly likely).

that's a great idea. i hope it is the case because i'm really stumped at this stage.

workdowntown · 03-27-2009, 12:27 PM

Quote:

Originally Posted by billy

that's a great idea. i hope it is the case because i'm really stumped at this stage.

Try a traceroute.

Then you'll see if you get answers back from all of the stops on the way (so to speak)

go to the Run dialog.

Type

cmd /k tracert websiteyou'rehavingproblemswith.com

and hit return

billy · 03-30-2009, 09:35 PM

Quote:

Originally Posted by workdowntown

Try a traceroute.

what am i looking for when doing this? I can't copy what came up in the command window. I am using my machine on her connection at the moment and yes, sites like gmail took a while to come up.

solacevip · 03-30-2009, 09:57 PM

Uh oh...sounds like conficker!

j/k

<FresHFunK> · 03-30-2009, 10:03 PM

I have the same problem as originally posted. MY COMP IS FUCKED now, and will boot up until the log in. Once it hits the log in, I got nothing, like I mean nothing. I have left it idle for 24 hours and it is still trying to accept my password? What do I do? Buy a new one? I have tried to open it in Safe mode( i believe F12) Please help.....

workdowntown · 03-30-2009, 10:12 PM

Quote:

Originally Posted by <FresHFunK>

I have the same problem as originally posted. MY COMP IS FUCKED now, and will boot up until the log in. Once it hits the log in, I got nothing, like I mean nothing. I have left it idle for 24 hours and it is still trying to accept my password? What do I do? Buy a new one? I have tried to open it in Safe mode( i believe F12) Please help.....

I'd suggest a clean install of windows.

billy · 03-31-2009, 12:14 AM

Quote:

Originally Posted by solacevip

Uh oh...sounds like conficker!

j/k

if my mom caught wind of that she would probably have a panic attack.

for those following my issue, i did hook up my machine to her connection and it had similar delays though not as long but that could simply be a matter of a better machine.

i called up rogers and spent a good hour with the tech. we tried a variety of tests and steps and could not find an instant answer. he initially pinged me and was surprised he could with the firewall on. we did some speed tests using the rogers site (which took a while to load) and although the download speed was as it should be, the upload portion did not work. we also tried speedtest.net and it had the same result. some ping tests showed that times were normal.

so a ticket has been created and is to be passed on to the engineers. we'll see what comes up in a day or two.

KodiaK · 03-31-2009, 01:21 AM

nuke the site from orbit. It's the only way to be sure.

billy · 03-31-2009, 02:39 AM

next.

billy · 04-03-2009, 01:49 PM

so the problem still exists and it's starting to really stress us out. the ticket rogers created returned with an automatic response saying the problem had been fixed, but the load time problem remains.

she called rogers back last night. they had no record of my converstaion with them so they went through the same steps again. he told her that she was using windows 6 and should be at 7 or 8 (i'm not sure what that means) and to go to the microsoft site to get the updates. well she did that and it timed out in the process. i'm really not sure if that would have meant much as she had all the necessary updates before we re-installed windows and when the problem popped up.

she can't even register her new copy of windows online as it can't connect. she is online though. some sites have no problem, but she has to use the HTML version of gmail just to see anything. she has the 6mbps service (as i do at my place).

guys - i'm into all and any ideas. it's causing us stress just not about the problem, but i don't know what else to tell her and truthfully am getting tired of the whole thing but she won't figure this out on her own.

02-18-2009, 12:16 PM	#1
Caz TRIBE Member Join Date: Apr 2002 Location: Radical Blvd. Posts: 13,902	Virus/Malware on a PC So my sister's PC (win XP pro) is completely fookered with malware etc., so much that it's barely functional. Browser pop-ups 4 and 5 at a time, forms won't send, google links get sent to 3rd party sites instead of what was clicked, even her file explorer gets invaded by "anti-spyware" ads when she tries to browse local files. It's the worst I've ever seen. Ad-aware seems to find over 100 malicious items and claims to have deleted them, but it makes no difference even after a reboot. Even when you kill the process manually, it re-spawns almost immediately. I tried running ad-aware in safe mode, and it made little difference. Now her OS is full out crashing and rebooting at random. Suggestions? Reinstall XP completely and wipe the whole thing clean? Will that completely fix all problems? Other options?

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

02-18-2009, 12:24 PM	#2
Dr. Grinch TRIBE Member Join Date: Oct 2001 Location: Rollin' down Rodeo wit a shotgun Posts: 5,852	Backup her data/movies/mp3s, format, reload and DON'T let her install limewire or whatever virus download system she's been using to fuck it up.

02-18-2009, 12:32 PM	#3
Hal-9000 TRIBE Member Join Date: May 2000 Location: burn down their lie factories!!! Posts: 6,509	If you want to try to avoid a reformat, try booting in safe mode-->Run MalwareBytes. Ive had some luck avoiding reformatting with this app.

02-18-2009, 12:35 PM	#4
DJ Doublecross TRIBE Member Join Date: Jan 2000 Posts: 4,754	A lot of malware and trojans these days will respawn whenever you reboot your computer, even if you use Ad-aware or a similar program to clean them. I just had to deal with this when I managed to pick up a trojan that slipped past all my protective services. If you have a bit of time, you shouldn't have to reinstall XP. Download a program called Malwarebyte's Anti-Malware, as well as HijackThis and go to a tech support forum like Tech Support Guy. They'll ask you to run various programs and post the results and will lead you step by step in cleaning your computer. Malwarebyte's software is safe and easy to use by yourself, but HijackThis definitely needs the help of an experienced tech support, as you can really fuck up your computer if you don't follow their instructions exactly.

02-18-2009, 12:45 PM	#6
Caz TRIBE Member Join Date: Apr 2002 Location: Radical Blvd. Posts: 13,902	Hm, thanks guys. When she first got this PC, I set it up so that she is keeping the bulk of her files on an external drive. Very little is actually on the computer, I guess reinstalling might be the bestt option. doublecross - in terms of timeframe, do you think reinstalling is easier than your suggestion? In other words how time consuming are those steps. The key here is "as little of Caz's time wasted to fix her machine as possible" edit: oh snap - any chance the malware etc could have infected the external drive? It's a Lacie 250 GB or something edit edit: Sorry for my ignorance, I'm a mac guy + designer. Very little tech knowledge here!

02-18-2009, 12:47 PM	#7
deevah TRIBE Member Join Date: Jun 2001 Location: in places less obsolete Posts: 16,300	i second malware bytes w/ AVG - there's a tool that allows you to be notified when something is trying to change the registry. That pesky Spyware trojan kept coming back and the only way for me to get rid of it was to run malware + avg in combination for about a week. a clean wipe might be easier if you don't have the patience.

02-18-2009, 12:54 PM	#8
Caz TRIBE Member Join Date: Apr 2002 Location: Radical Blvd. Posts: 13,902	What if she has some files on the PC that she wants to save. If I back them up and load them back onto the freshly wiped new OS, will any of the malware transfer over and re-infect? Probably a stupid question but I have no idea.

02-18-2009, 12:55 PM	#9
DJ Doublecross TRIBE Member Join Date: Jan 2000 Posts: 4,754	I dunno, it depends how badly the computer is infected. I personally hate doing reinstalls. I used Malwarebytes on my computer and it worked just fine on its own. But if the infection runs deeper and you have to use HijackThis, it could take a few days of going back-and-forth with the tech support dude, depending on how quickly he gets back to you. Maybe there are better websites with more staff that respond promptly. Try running Malwarebytes first and see what happens. But if there's any anti-virus software running like AVG, Norton, etc, make sure you disable it completely before running Malwarebytes. Then re-enable it once your computer is clean.

02-18-2009, 01:02 PM	#11
Caz TRIBE Member Join Date: Apr 2002 Location: Radical Blvd. Posts: 13,902	K.

02-18-2009, 04:13 PM	#13
smack TRIBE Member Join Date: Jul 2003 Location: Digging Deeper Posts: 3,341	I have a Dell laptop and I got a virus a couple weeks ago that wouldn't go away. My browsers kept crashing every time I opened them. Dell has a really great feature that allowed me to re-install Windows XP without having to use cds. It only took 10 mins in total. Of course I backed up all my important files onto my external drive. It feels like I got a new computer, I love it!

03-27-2009, 02:35 AM	#14
billy TRIBE Member Join Date: Apr 2000 Location: ۞ Posts: 9,893	i've been trying to figure out an issue with my mom's computer, which also happens to be a Dell. whatever was/is on there is causing popular sites like gmail and hotmail to take forever to load or just not load at all. i did the usual full system scan with avast and also tried malawarebytes and spybot. the problem remained. i then discovered the option smack noted above and tried that, but i wasn't comfortable in how it took only 10 minutes. however since she had an OEM copy of XP i didn't have any other option. problem remained. so yesterday we break down and go out and buy a copy of XP. re-install, get all the drivers and such going - the problem is still there. i'm loosing my mind at this point. my question is when you re-install windows does it format at the same time or must i do this first and then install XP? will this affect the BIOS settings? can this virus still be hiding somewhere on the machine after all this? i really need some ideas because i am getting very frustrated.

03-30-2009, 09:57 PM	#19
solacevip TRIBE Member Join Date: Jul 2000 Location: Yo Mamma! Posts: 5,462	Uh oh...sounds like conficker! j/k

03-30-2009, 10:03 PM	#20
<FresHFunK> TRIBE Member Join Date: Feb 2009 Location: BoTtoM of the barrel! Posts: 585	I have the same problem as originally posted. MY COMP IS FUCKED now, and will boot up until the log in. Once it hits the log in, I got nothing, like I mean nothing. I have left it idle for 24 hours and it is still trying to accept my password? What do I do? Buy a new one? I have tried to open it in Safe mode( i believe F12) Please help.....

03-31-2009, 01:21 AM	#23
KodiaK TRIBE Member Join Date: Jul 2005 Location: whitby ontario Posts: 4,505	nuke the site from orbit. It's the only way to be sure.

03-31-2009, 02:39 AM	#24
billy TRIBE Member Join Date: Apr 2000 Location: ۞ Posts: 9,893	next.

04-03-2009, 01:49 PM	#25
billy TRIBE Member Join Date: Apr 2000 Location: ۞ Posts: 9,893	so the problem still exists and it's starting to really stress us out. the ticket rogers created returned with an automatic response saying the problem had been fixed, but the load time problem remains. she called rogers back last night. they had no record of my converstaion with them so they went through the same steps again. he told her that she was using windows 6 and should be at 7 or 8 (i'm not sure what that means) and to go to the microsoft site to get the updates. well she did that and it timed out in the process. i'm really not sure if that would have meant much as she had all the necessary updates before we re-installed windows and when the problem popped up. she can't even register her new copy of windows online as it can't connect. she is online though. some sites have no problem, but she has to use the HTML version of gmail just to see anything. she has the 6mbps service (as i do at my place). guys - i'm into all and any ideas. it's causing us stress just not about the problem, but i don't know what else to tell her and truthfully am getting tired of the whole thing but she won't figure this out on her own.