Jump to content

Virus/Malware Help?

CleaveTheGreat

By CleaveTheGreat
in Dumpster

 Share

Recommended Posts

CleaveTheGreat Veteran

CleaveTheGreat

Posted
Posted

I think I have a virus or some sort of malware on my desktop. I wasn't running any antivirus because I'm lazy and never reinstalled it when I reinstalled XP on my desktop a few weeks ago and now whenever I'm turn it on, it gives me a logon screen (I only have 1 account on this computer and it isn't passworded) and I'm getting all kinds of error messages when XP starts. Also, when I open Firefox or IE it will only load certain websites, other ones (such as microsoft.com or anywhere that I could download some sort of antivirus to fix the problem) will not load. I'm not computer retarded but I've never had something that only restricts certain websites. I tried installing AVG antivirus but it won't run the setup because it says I don't have an active internet connection (which I obviously do since I'm on OR). Any advice/ideas would be appreciated.

Link to comment
Share on other sites
RVTPilot Grand Master

RVTPilot

Posted
Posted

Boot up your machine in Safe Mode with Netowrking and see if you can get to the internet and go to Malwarebytes.org. If you can get there, download the free tool, install and run the full scan. Upon reboot re-enter Windows normally. From there see where you can get on the 'net and go get AVG or something free and run its scan. Let me know what you find.

Link to comment
Share on other sites
CleaveTheGreat Veteran

CleaveTheGreat

Posted
  • Author
Posted
Boot up your machine in Safe Mode with Netowrking and see if you can get to the internet and go to Malwarebytes.org. If you can get there, download the free tool, install and run the full scan. Upon reboot re-enter Windows normally. From there see where you can get on the 'net and go get AVG or something free and run its scan. Let me know what you find.

I'm on my way to class, I'll do that when I get back and let you know how it works out. Thanks.

Link to comment
Share on other sites
jbot Grand Master

jbot

Posted
Posted

now, don't take this the wrong way, but the i've found that the non-"mainstream" pr0n seem to leave a smaller virus footprint on my computer.

bukkake all the way, son! virus free since dos 3.1

Link to comment
Share on other sites
ReconRat Grand Master

ReconRat

Posted
Posted
Boot up your machine in Safe Mode with Netowrking and see if you can get to the internet and go to Malwarebytes.org. If you can get there, download the free tool, install and run the full scan. Upon reboot re-enter Windows normally. From there see where you can get on the 'net and go get AVG or something free and run its scan. Let me know what you find.

What RVT said... Safe mode with networking, and install with the options for immediate update AND run. I have seen two of the "Security Tool" infections in the last week, and the Malwarebytes was the only thing that initially worked. Not the same virus you've got, I think, but still a fight. They can also stop an install, block an update, or otherwise mess around. But yes, annoying when websites are blocked. Download the scanners installs onto a thumb drive from another computer, in order to install them.

Superantispyware

Spybot

Malwarebytes (quick scan mode is ok, run first if needed)

Combofix (do not stop this one till it's done, risk of op sys damage)

Oh, and check both your hosts file and your "blocked site" and "trusted site" list in your browsers. See if they were modified.

I ran fourteen+ scans over two days to get rid of the last one. Both safe mode and normal mode scans. It didn't quite go away on the first try.

Link to comment
Share on other sites
Tonik Grand Master

Tonik

Posted
Posted

I ran fourteen+ scans over two days to get rid of the last one. Both safe mode and normal mode scans. It didn't quite go away on the first try.

There is a point where I think you need to say f' it and format the drive and do a clean install. I understand why some folks clean them but I rarely clean a machine, once it is compromised I just don't trust it anymore.

Link to comment
Share on other sites
ReconRat Grand Master

ReconRat

Posted
Posted
There is a point where I think you need to say f' it and format the drive and do a clean install. I understand why some folks clean them but I rarely clean a machine, once it is compromised I just don't trust it anymore.

That's what I tell everyone else, and would do on any other machine. But this one machine is for checking out viruses to see how they work. That's about all it does for me. And it doesn't take long to get infected (when you're trying), even with an anti-virus, and several other safeguards. And nope, don't ever put a credit card number or other info in a badly infected computer. Not even if it was cleaned up.

Link to comment
Share on other sites
CleaveTheGreat Veteran

CleaveTheGreat

Posted
  • Author
Posted

Thanks for the advice everyone. Finally making some progress. Ran scans with malwarebytes, Spybot and SuperAntiSpyware and I've ran 2 or 3 scans with MS Security Essentials. Still have a few error messages here and there and I had to turn off DEP for Windows Explorer so I may still wipe the drive but at least it's functioning now. And ReconRat, my hosts file wasn't modified and neither was my trusted/blocked sites list so not sure exactly what the deal was there.

Link to comment
Share on other sites
RVTPilot Grand Master

RVTPilot

Posted
Posted
That's what I tell everyone else, and would do on any other machine. But this one machine is for checking out viruses to see how they work. That's about all it does for me. And it doesn't take long to get infected (when you're trying), even with an anti-virus, and several other safeguards. And nope, don't ever put a credit card number or other info in a badly infected computer. Not even if it was cleaned up.

True to you and Tonik. Even if you get 90% if the shit has hacked the registry, until you fdisk it, it will keep popping up.

Cleave...stop with the midget goatse stuff. Just look at titties and be done.

Link to comment
Share on other sites
RVTPilot Grand Master

RVTPilot

Posted
Posted
Apparently my installation disc for XP has disappeared. Anyone have a copy of XP Pro they'd like to let me borrow? University of Akron only has a software license for Vista and I don't wanna pay $95 for it :(

I has a copy. PM me a shipping addy and I will drop it in the mail tomorrow.

Link to comment
Share on other sites
ReconRat Grand Master

ReconRat

Posted
Posted

I had seen the hosts file and trusted/blocked sites modified by some of these infections.

What you were describing sounded a bit like one of those. Doesn't hurt to check.

Viruses/Trojans make some really strange changes sometimes.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...