Jump to content

Computer help needed!!! !! MALWARE !!!


BLHTAZ
 Share

Recommended Posts

OK...the short story is, I did something stupid by clicking on something that I was not sure of and didn't feel good about, and now I have something in my computer that is being a real PITA.

 

It's evidently some kind of Malware that blocks all software that can remove it. Norton runs, but it only checks a small portion of the system and reports that the C:\ drive in "unavailable". I have run the McAfee Stinger to no avail, SpyBot Search & Destroy will not open, Malware Bytes will not open, and at least three others that i have tried to download and run will not open/install/run.

 

I am able to do normal functions like Internet, email, run other software, etc. with limited disruption, but I never know when the system is going to lock-up and I have to just push the power button and shut it down...then take 3-4 tries to get it to restart.

 

Anyone dealt with one of these bugs? How did you eradicate it?

Link to comment
Share on other sites

Spybot is also my tool of choice here, you might try a "system checkpoint restore" to a time before your system was infected then run spybot again. This should work for XP or Vista, if the Malware has not attacked your restore points also keep in mind that if you restore the system as it was a week ago and have installed software in that week it will need to be installed again.

Link to comment
Share on other sites

I would try a restore point but not a huge percentage that it will work. Some anti-viruses actually use the restore points to hide in. Have you tried rebooting into safe mode and then running Spybot and Malware Bytes? Have you identified which viruses are in your computer? Has it had a rootkit installed? If you are not too up on PC cleaning it may be time to nuke and pave. :wall:

Link to comment
Share on other sites

If you can somehow identify the malware then you will probably be able to find manual removal instructions online somewhere. Did you click on anything that advertised a product of some sort such as online virus scan or some sort of task bar tool? Have any unexpected popups shown up and if so what info did they display?

Link to comment
Share on other sites

I will look in to the Avira. Right now, I am on my laptop as my PC has decided to lock up again and I am tired of messing with it.

 

The system restore will not work. I have tried running it 3 times now, and I select a restore point, but when I go to the screen where you click "next" to confirm and begin the restore, it just sits there and does nothing. I left it for nearly an hour to no avail, so what ever is in there is blocking that too. :shake:

 

I have run in Safe Mode, but the results are the same, nothing will work :dunno: .

 

OK...the slightly longer story (if it will help) is; I downloaded a DVD movie file using Vuse as usual (I burn a lot of DVD's), and once downloaded, I clicked on the file and a little pop-up opened telling me that I needed to update the codec for the file, so I clicked on it to do so. I did not feel right about doing it, but for some stupid reason I clicked...and now I am here... :mad:

 

 

NWPhotog - If by "nuke and pave", you mean reformat, I have been considering that, but I have only ever done that one time many years ago. I was concerned that I would go through that huge pain and still not get rid of the problem. I would be happy to go through it if I knew it would definitely get me out of this.

 

No pop-ups, and I have not figured out how to identify it yet.

Link to comment
Share on other sites

Well, I was able to get Avira downloaded by changing the .exe file name to "smileforme.exe" prior to saving it :rotf: . I tried the same trick with others, but had no luck. Anyway...it is installed and running now, so we'll see it if finds anything.

 

My Norton appears to operate normally, but when the scan completes, it shows the c:\ drive as unavailable :huh???: :shake:

Link to comment
Share on other sites

This is what I do.

 

Restart and boot into safe mode.

Run your system restore to a date before when you clicked on the thing.

When that's done, do a search for *.exe created on that day.

 

Delete the .exes

 

I've found that most anti-virus software doesn't do a damn thing, that's why I don't run any. Most of anything I get I can remove myself.

 

If you end up needing to reinstall windows, partition windows off into it's own thing so you won't have to loose your stuff in case you have to do it again.

 

l_f5ca95d2ecad42a4b10800ca43e1b89a.jpg

Link to comment
Share on other sites

norton and mcaffee are bloated piles of poo. ditch them. Run a program called malwarebytes (it's free). That seems to be the best download I have found for stuff like this. For antivirus I run the free version of avast!.

Link to comment
Share on other sites

No tool can prevent all infections and no tool can repair all damage. No matter what the claims are, you can never be absolutely sure you have removed and/or repaired everything. Copy all you can to a thumb drive and wipe and reload.

Link to comment
Share on other sites

norton and mcaffee are bloated piles of poo. ditch them. Run a program called malwarebytes (it's free). That seems to be the best download I have found for stuff like this. For antivirus I run the free version of avast!.

I have managed to uninstall Norton, as I know it is not worth much.

 

I ran Avira and found one bug called 'DR/FakePic'. After removing that, my system seems a little more stable, but there are still issues.

 

I uninstalled Spybot, downloaded a newer version and it still won't run. I also unintalled Malwarebytes and installed a new version, but the same results...it won't open.

 

System restore will not work yet either.

 

It is doing some really weird stuff when I do Google searches too; no matter what I search for, when I click on a result, the page it opens it nothing even close to what I clicked on. I searched for "Steelers", and when I clicked on the result for steelers.com, it took me to some YouTube video of Howie Mandel ... :doh: :fs1:

 

I guess it's time to give in and wipe it out, or buy a new hard drive. Maybe I'll just buy a new HD so I can upgrade to a larger capacity :idea: .

Link to comment
Share on other sites

I feel your pain on this one. I'm just finished working on a friends computer that was totally hosed from clicking on those things you shouldn't. I would have just reloaded it and be done with it but the recovery disk are lost and the partition on the hard drive with the recovery disk was infected. Soooo, long story short, I followed these instructions on this website

 

http://www.techspot.com/vb/topic58138.html

 

It takes awhile but will get the job done. I followed it through several times until all the bugs were gone. All in all, roughly around 800 infected files or registry issues were found. The great thing about this solution is that if the bug hides from certain programs, the other ones find it.

 

Oh and that computer had Norton as well. I really like the Avira and Comodo combination and will probably dump my norton when its subscription is up for them.

 

Also, I didn't do the whole post to the forum thingy that the instructions called for. Once all the programs ran clean, I knew I had them all.

 

:cheers:

Link to comment
Share on other sites

I feel your pain on this one. I'm just finished working on a friends computer that was totally hosed from clicking on those things you shouldn't. I would have just reloaded it and be done with it but the recovery disk are lost and the partition on the hard drive with the recovery disk was infected. Soooo, long story short, I followed these instructions on this website

 

http://www.techspot.com/vb/topic58138.html

 

It takes awhile but will get the job done. I followed it through several times until all the bugs were gone. All in all, roughly around 800 infected files or registry issues were found. The great thing about this solution is that if the bug hides from certain programs, the other ones find it.

 

Oh and that computer had Norton as well. I really like the Avira and Comodo combination and will probably dump my norton when its subscription is up for them.

 

Also, I didn't do the whole post to the forum thingy that the instructions called for. Once all the programs ran clean, I knew I had them all.

 

:cheers:

OK...I am going to give this a shot.
Link to comment
Share on other sites

I feel your pain on this one. I'm just finished working on a friends computer that was totally hosed from clicking on those things you shouldn't. I would have just reloaded it and be done with it but the recovery disk are lost and the partition on the hard drive with the recovery disk was infected. Soooo, long story short, I followed these instructions on this website

 

http://www.techspot.com/vb/topic58138.html

 

It takes awhile but will get the job done. I followed it through several times until all the bugs were gone. All in all, roughly around 800 infected files or registry issues were found. The great thing about this solution is that if the bug hides from certain programs, the other ones find it.

 

Oh and that computer had Norton as well. I really like the Avira and Comodo combination and will probably dump my norton when its subscription is up for them.

 

Also, I didn't do the whole post to the forum thingy that the instructions called for. Once all the programs ran clean, I knew I had them all.

 

:cheers:

OK...I am going to give this a shot.

 

Well...no luck there either. Guess I am screwed. None of the programs will open or run, so I can not do anything with it.

Link to comment
Share on other sites

That sucks.

 

I thought I was going to get hosed because I could not get the owner account to open. It would just say loading setting and do nothing. I was able to log in with the other user account and run Avira the first time which killed off whatever was stopping the owner account to lock up. Then it just took time to run the rest. However I just found out that even though the owner account ran clean, for the heck of it I ran the 8 steps in the other account and it found a few more bugs. :nuts: I would think it should have got them under the main account.

 

I guess your down to reloading. I hope you are at least able to get anything of importance off of it.

 

Good luck

:cheers:

 

EDIT: I forgot one thing that also helped out. I went here: http://www.kaspersky.com/virusscanner and did the online scan. It won't fix anything but it will tell you what you have. I was able to delete some files and registery issues that it pointed out was causing problems. This made the system more stable to continue with the 8 steps.

Link to comment
Share on other sites

norton and mcaffee are bloated piles of poo. ditch them. Run a program called malwarebytes (it's free). That seems to be the best download I have found for stuff like this. For antivirus I run the free version of avast!.

Ain't that the truth!

Link to comment
Share on other sites

I will look in to the Avira. Right now, I am on my laptop as my PC has decided to lock up again and I am tired of messing with it.

 

The system restore will not work. I have tried running it 3 times now, and I select a restore point, but when I go to the screen where you click "next" to confirm and begin the restore, it just sits there and does nothing. I left it for nearly an hour to no avail, so what ever is in there is blocking that too. :shake:

 

I have run in Safe Mode, but the results are the same, nothing will work :dunno: .

 

OK...the slightly longer story (if it will help) is; I downloaded a DVD movie file using Vuse as usual (I burn a lot of DVD's), and once downloaded, I clicked on the file and a little pop-up opened telling me that I needed to update the codec for the file, so I clicked on it to do so. I did not feel right about doing it, but for some stupid reason I clicked...and now I am here... :mad:

 

 

NWPhotog - If by "nuke and pave", you mean reformat, I have been considering that, but I have only evif a rootkit er done that one time many years ago. I was concerned that I would go through that huge pain and still not get rid of the problem. I would be happy to go through it if I knew it would definitely get me out of this.if a

 

No pop-ups, and I have not figured out how to identify it yet.

 

 

Brent

 

There are a lot of steps to properly cleaning a virus. Generally you start by turning off restore points, installing/updating the programs you are going to run, then booting into safe mode before you run them. If a rootkit has been installed it will be very tough to get 100% clean. A format/reinstall will get 100% clean but you will be starting from ground zero. Anything you save and reload could reinfect the clean machine. Anything I can help with just ask.

Link to comment
Share on other sites

OK...thanks guys :cheers:

 

I guess I am going to reformat. I have been faithful about doing back-ups of my system to and external hard drive, so I will not really lose much other than anything that I may have saved in about the last week, which isn't much. I did my last back-up a few days before this started :thumbsup: .

 

OH...and I tried running the updated software in safe mode to with the same results...will not open or run.

Link to comment
Share on other sites

With a good back up, reformatting is the way to go. After you do a reinstall and have it set up the way you want make an image of it so if you ever have issues again you can painlessly restore it. Use Ghost or Acronis True Image to make the image. Any questions let us know so we can help. :wavey:

Link to comment
Share on other sites

OK...thanks guys :cheers:

 

I guess I am going to reformat. I have been faithful about doing back-ups of my system to and external hard drive, so I will not really lose much other than anything that I may have saved in about the last week, which isn't much. I did my last back-up a few days before this started :thumbsup: .

 

OH...and I tried running the updated software in safe mode to with the same results...will not open or run.

 

In my humble opinion, don't get too hung up on which tool is best. That being said, Symantec/Norton tilts to the worthless side of the scale IMO. Trend is more commercial grade. Some people run into problems and they spend days trying to fix it. Then us IT folks look at their computers only to find 2 virus scanners and 15 freeware spyware apps. Then they hint that their computer "may be running a little slow". No kidding? Remember nothing catches everything but wipe and reload fixes everything so plan for that.

 

If your computer came with actual restore cd's (some Dell's park the restore image in a partitiion), store that in a safe place. If you buy a computer, make sure it comes with restore cd's. Wipe and reload is the best fix there is as long as you have your backups. If you have the restore cd's it is pretty much automatic. Who knows, it may happen again in 30 days.

 

By the way, if you don't have restore CD's and your image is stored on a drive partition, there should be a tool to make the cd's. You will want a copy of that in case your drive crashes.

 

But on the other hand, you probably can't read any of this because your computer is hosed, right? :yes:

Link to comment
Share on other sites

This is bit off-topic, but when Taz reformats and reinstalls he'll have to make the choice too. :D Right now I have two hard drives, one for the OS (XP Pro) and the other for applications. Both are using the FAT32 file system. I'm debating whether or not to convert the drives to NTFS, and realize if I do there's no going back. What do you gurus recommend? I've never used the NTFS file system. I'm mainly interested and better stability and saving hard drive space. And I do run some old DOS based games like DooM - will those be affected if I convert to NTFS? Thanks :cheers:

Link to comment
Share on other sites

My computer is a Gateway. I am back on it now...reformatted and running good :thumbsup:

 

I started the process at about 5:30 PM, and it's now 10:00 PM. I have all the basics done, but I have not been able to reload my files from the external hard drive yet, as I used Nero BackItUp 4 (download verison) to save them, and now I can not get a download of that program to replace it. I have sent a request to Nero to get an active download link so I can recover all of my stuff.

 

Don...my recovery automatically went to NTFS, which I had switched to manually a log time ago anyway. I am done for tonight now; I have a lot of software to install again, but my eyes are tired and so is my mind.

 

Thanks again for all of the help. I will soon be back in the saddle with all my toys working. :yes:

Link to comment
Share on other sites

Sucks that you had to reformat.

 

I've gotten 3 virus's over the last 2 years (different machines), and I'm far from a pro (sometimes blindly just trying to work through it), this is what worked for me:

 

Try to figure out 'when' I picked it up, and do a time based search of files/programs on my computer.

 

Find, and delete anything brand new that was installed during that time, especially prefetch files & exe's.

 

I internet search the file names of anything I'm unsure of, and also search the names of the files I know make up the virus.

I delete what I can, based on the time of instal, and anything that won't delete, I go get in safe mode.

 

A few times, the deleted file kept popping back up (esp after a restart), but that just tells me I didn't find the root yet.

 

 

Some have taken longer to completely eliminate than others, but I'm 3 for 3 using this method.

Maybe it's just dumb luck, but 'lucky' beats 'good' everytime anyway. :dunno:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...