Author Topic: Viruses are killing me slowly.  (Read 10476 times)

Offline Quemaqua

  • 古い塩
  • Administrator
  • Forum god
  • *
  • Posts: 16,498
  • パンダは触るな。
    • Bookruptcy
Viruses are killing me slowly.
« on: Monday, August 30, 2010, 09:32:02 AM »
I have no idea where these fuckers are coming from, but I came down with a batch of them the other day, including some I'd already had (like that Anti-malware Doctor scam and such).  The worst of them were a couple EXEs that loaded at startup and stopped me from loading any programs.  They'd give me an error saying that any EXE I tried to run was infected and I should run their virus scanner.  I managed to kill those off manually with the help of HiJackThis, but unfortunately my PC won't connect to the internet and I can't for the life of me figure out what to do about it.  Malwarebyte's program, Spybot, and AVG have all run thorough scans and cleaned everything there seems to be to clean, I got rid of everything that seemed shady with HiJackThis, and I used CCCleaner to dump a bunch of stuff... but every time I load Firefox or IE, no pages will load, and no programs are able to update or anything.  But I can connect to the internet via my wireless router with my laptop no problem, so I have no idea what's going on and there doesn't appear to be anything I can do.

I'm so unbelievably frustrated.  I thought I'd gotten rid of all this shit weeks ago.  I still can't do a system restore, either.  No matter what day I choose to restore to, they all fail.

Any help is appreciated.  I've been doing internet searches but haven't come up with shit.

天才的な閃きと平均以下のテクニックやな。 課長有野

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,930
Re: Viruses are killing me slowly.
« Reply #1 on: Monday, August 30, 2010, 10:27:58 AM »
Maybe check your hosts file? Its at C:\WINDOWS\system32\drivers\etc\hosts and thats to the actual file, it has no extension. Just open it in notepad. The top part should have a bunch of lines like a readme with a # in front of them, then below that could be IPs and such. If there are a ton of entries, delete all the IPs except the line:

127.0.0.1       localhost

If its not the hosts file it might be the only one there. Some viruses will put stuff in there to redirect you around and maybe one is blocking everything? Worth a look, anyway.

Offline scottws

  • Gold Member
  • *
  • Posts: 6,602
    • Facebook Me
Re: Viruses are killing me slowly.
« Reply #2 on: Monday, August 30, 2010, 05:35:26 PM »
If possible, put your hdd in an external enclosure and attach it to another PC and scan it with a bunch of stuff.  Rootkits are pretty much the norm these days.  If you let viruses take hold (as it sounds like you did from the other thread where you thought it was something just with Firefox), eventually you are going to get to a point where no amount of "online" scanning is going to do it because various rootkits are obfuscating the malware and viruses.  You have to be able to scan it without the rootkits loading and the only way to do that is from a boot-time scanner or booting into another environment and loading the disk there and scanning it.

Honestly though, it sounds like at this point you should just reformat.

Offline Quemaqua

  • 古い塩
  • Administrator
  • Forum god
  • *
  • Posts: 16,498
  • パンダは触るな。
    • Bookruptcy
Re: Viruses are killing me slowly.
« Reply #3 on: Monday, August 30, 2010, 09:29:59 PM »
Yeah, the Doc thing I had before that was fucking with FF was actually a rootkit, but I did remove it.  Once I figured out what it was I found a program specifically for removing it and manually deleted all the registry entries.  I have no idea where this new batch of shit came from, but this is completely different from before.

I know I should reformat, but that seems to be much less of a big deal to everyone else than it is to me.  It's a huge pain in my ass, I have an absolute shit-ton of stuff to back up, and I have very little motivation to deal with any of this crap at this point in my life.

Thanks for the help, though.  I'll check that out, idol, see if it gets me anywhere.

天才的な閃きと平均以下のテクニックやな。 課長有野

Offline scottws

  • Gold Member
  • *
  • Posts: 6,602
    • Facebook Me
Re: Viruses are killing me slowly.
« Reply #4 on: Monday, August 30, 2010, 09:36:46 PM »
Welcome to the world of modern viruses.  One opens the door to many.  Those fake anti-virus programs ("scareware") are just gateways and you invariably will get more stuff if you don't remove it immediately.  At work we instruct people to shut down as soon as they report any sort of virus infection and we disconnect it from the network as we work on cleaning it, but of course we have more resources and resorting to reimaging is always a quick (and guaranteed) solution.

If you don't kill the stuff in one fell swoop you are going to continue to get infections and it is inevitable that some personal account of yours will get compromised.  Reformatting is a pain, but is it more of a pain than having your bank account emptied or your e-mail account hijacked?  Trust me, I've seen it happen.

I don't want to scare you or offend you, but I honestly believe that you aren't taking it as seriously as you should.  It sounds like you are annoyed and consider it a nuisance rather than the real danger it could really turn out to be.  At the very least cease entering logins into... well... anything.  Malware and viruses aren't just practical jokes anymore.  They are big business and millions get stolen.

Offline angrykeebler

  • Veteran
  • ****
  • Posts: 1,717
Re: Viruses are killing me slowly.
« Reply #5 on: Monday, August 30, 2010, 10:34:38 PM »
Hey Que, the exact same thing happened to my dads computer. I managed to get rid of them but i cant seem to get it to connect to the internet either. If you get things sorted, please let me know how you did it
Suck it, Pugnate.

Offline scottws

  • Gold Member
  • *
  • Posts: 6,602
    • Facebook Me
Re: Viruses are killing me slowly.
« Reply #6 on: Tuesday, August 31, 2010, 04:04:33 AM »
Hm, I just thought about what I said last night and realized that Que's Internet isn't working on the infected PC.  I guess he won't be using it much after all.  Still, at the point he's at I think a reformat/reinstall is the best option.  I mean scanning it offline with one or more virus scanners might pick up and clean a few things but there is a good chance some things will just be broken.

Offline beo

  • Veteran
  • ****
  • Posts: 1,480
  • ****
Re: Viruses are killing me slowly.
« Reply #7 on: Tuesday, August 31, 2010, 06:54:31 AM »
i repair home computers as a side job, so see this kind of thing all the time. you can spend hours struggling to remove everything which almost certainly will result in failure - or you can bite the bullet and format. backing up a user profile onto an external drive is far quicker, easier and infinitely more productive than battling the viruses.

Offline Quemaqua

  • 古い塩
  • Administrator
  • Forum god
  • *
  • Posts: 16,498
  • パンダは触るな。
    • Bookruptcy
Re: Viruses are killing me slowly.
« Reply #8 on: Tuesday, August 31, 2010, 09:44:53 AM »
Yeah.  Well, I guess it's time for a clean sweep.  I just want to know how the fuckers got on there in the first place.  I'm really pretty careful about this sort of thing and have absolutely zero idea how it might have happened.

I guess I'll stop by Best Buy later and pick up a copy of Windows 7.  May as well make the leap if I'm going to do this.

*sigh*

Well, thanks guys.  I appreciate all your help.  If nothing else, the kick in the ass to just get on it and reformat was probably much needed.

天才的な閃きと平均以下のテクニックやな。 課長有野

Offline scottws

  • Gold Member
  • *
  • Posts: 6,602
    • Facebook Me
Re: Viruses are killing me slowly.
« Reply #9 on: Tuesday, August 31, 2010, 01:53:59 PM »
About a year ago, scareware was being sent to users via infected ad servers.  This means you could be visiting even legitimate sites and get infected.  For instance I know at one time Fox News was being served ads from an infected ad server.  It didn't matter what browser you used, either (or at least both Firefox and IE users were affected).

I'm not sure about the delivery mechanism now, but I now see less scareware than I did a year ago.

Offline Quemaqua

  • 古い塩
  • Administrator
  • Forum god
  • *
  • Posts: 16,498
  • パンダは触るな。
    • Bookruptcy
Re: Viruses are killing me slowly.
« Reply #10 on: Tuesday, August 31, 2010, 11:28:31 PM »
Well, I bought a copy of Windows 7.  Reformat to happen sometime soon.

Fucking computers.

天才的な閃きと平均以下のテクニックやな。 課長有野

Offline Cobra951

  • Gold Member
  • *
  • Posts: 8,934
Re: Viruses are killing me slowly.
« Reply #11 on: Wednesday, September 01, 2010, 09:25:00 AM »
Sandy had an encounter recently with an infected site.  They sell yarn, something pretty innocuous.  But somehow this shit that tells you you have a gazillion viruses & trojans installed popped up on her.  So she called me and said that "Microsoft Security" came up on her PC and told her she was infected.  It took me a while to understand what was really happening, and then another while to make her understand what it really was.  I told her to just terminate the FF process, and I'd be there the next day.  Unfortunately, FF is set up to restore the previous session, so there it was again when I got there.  Got that straightened out, then I killed that POS AVG Free and installed MS Security Essentials instead.  Scanned everything, came up clean.  I installed NoScript on FF, and explained how to use it to her.  So what does she do?  She goes to that site again, sees that it doesn't work without Javascript, and fucking allows the page!  What a surprise, "Microsoft Security" tells her all about her "infections" again.   ;D

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,930
Re: Viruses are killing me slowly.
« Reply #12 on: Wednesday, September 01, 2010, 09:59:36 AM »
heh. I have to reformat my dads laptop sometime soon. They've got some bad stuff on it, Im sure. Takes like 5 minutes to boot and my dad tells me he gets this weird popup on his credit card site. Yes, this apparently isn't a HUGE CONCERN...I keep offering to do the reformat and he always puts it off.

I need to figure out how to train them with Noscript and stuff, but I think the outcome will be the same as Cobras. I put that Sunbelt Personal Firewall on there for them and told them how to use it. Except I think whenever a warning comes up they just click "OK" anyway.

Offline scottws

  • Gold Member
  • *
  • Posts: 6,602
    • Facebook Me
Re: Viruses are killing me slowly.
« Reply #13 on: Wednesday, September 01, 2010, 11:52:21 AM »
These days it's really about training people to understand the modern virus and social engineering methods and to clean shit up immediately.  But since that is really difficult to do, it really is best to turn on UAC and don't make people admins.  Jennie is a regular user on my PC at home and while she was initially annoyed by it, she has gotten used to it and I bet I've been saved from soooooo many viruses.

Trouble is running as a non-privileged user in Windows XP sucks.  It's a lot better in Vista and 7.

Offline angrykeebler

  • Veteran
  • ****
  • Posts: 1,717
Re: Viruses are killing me slowly.
« Reply #14 on: Sunday, September 05, 2010, 01:02:10 PM »
I ran Spybot and Windows Malicious Software removal tool and removed everything that had to do with the virus. Restarted the computer and connected to the internet just fine. Whew.
Suck it, Pugnate.

Offline Quemaqua

  • 古い塩
  • Administrator
  • Forum god
  • *
  • Posts: 16,498
  • パンダは触るな。
    • Bookruptcy
Re: Viruses are killing me slowly.
« Reply #15 on: Sunday, September 05, 2010, 02:27:02 PM »
Lucky you.

天才的な閃きと平均以下のテクニックやな。 課長有野