Geekzone: technology news, blogs, forums






Topic # 25959 7-Sep-2008 21:36

I think I have serious XP computer problems.

First I lost some files on a memory card so installed a recovery program. When I used this to run a scan on the card, Avast threw up warnings about 2 trojan horses and I wondered if this might be a false alarm due to the way the program worked.

Anyway now I'm unable to connect to the internet properly.

www.google.com loads, but not any searches that I do in google (it just times out)

trademe.co.nz doesn't load at all

But some other pages do load.

I've done a full scan with Avast which didn't come up with anything else.

I ran Spyware Terminator with no result.

I eventually ran System restore and that restored my Firefox browsing capabilities...until a popup took me to some dodgy website (popped up in a new window), and refused to close without respawning. Then my internet went down again (in the same way as above).

System restore again worked - but again only momentarily.

Any things I can do before I trash my c: and reinstall windows for the nth time?


  Reply # 162937 7-Sep-2008 21:41

1. Probably wipe your system
2. Use reputable, safe and reliable programs in the future

That's it.

Keeping yourself out of danger in the first place is always best, and unfortunately this needs to be kept in mind every day - there are plenty of "tools" out there.






  Reply # 162957 7-Sep-2008 23:10

So is there no feasible way to avoid a system reinstall?

 
 
 
 



  Reply # 162962 8-Sep-2008 00:03

I was in the same situation not long ago, and it happened just after a reinstall which made it very frustrating.  Here's what I did:
  1. Download and run AVG and Ad-Aware
  2. Download Security Task Manager - I can't remember how I found this program, but it identified three running processes which were viruses.  The great thing is you can shut the process down, and remove them from your system at the same time.

xpd


  Reply # 162977 8-Sep-2008 08:03

SmitFraudFix can be handy as well, has saved me from reinstalling so many machines it isn't funny.

But if still no luck after doing a big cleanup/scan, then backup, reinstall.




XPD / Gavin / DemiseNZ

 

For Free Games, Geekiness and Reviews, visit :

 

Home Of The Overrated Raccoons

 

Battlenet : XPD#11535    Origin/Steam/Epic/Uplay : xpdnz

 

 






  Reply # 162983 8-Sep-2008 08:27

I think I will reinstall.



Silly question but why can't "basic" software like AV and anti-malware get RID of such infections? What is the point of this software if it can't deal with the problems?



And when I reinstall, what can/should I use to prevent this happening again? Free solutions are essential.

One final question: I have a 20Gb HDD where the OS is, and a larger HDD "D:" where all my files are. Is reinstalling a clean OS onto C: going to solve my problems or is there some chance D: has also been infected/affected??

xpd


  Reply # 162986 8-Sep-2008 08:47

The infection may be on your D drive... who knows really. 
Scan D and if it appears clean then you might be ok to just sort out the C drive.

To prevent it happening again.... there is no silver bullet unfortunately apart from turn off the computer and leave it off.

I use AVG Free and that's it for Windows protection. In FF, I just have AdBlockPlus running to prevent popups etc. Along with a dose of common sense, and it works well for me :)





  Reply # 163026 8-Sep-2008 11:05

xpd: The infection may be on your D drive... who knows really. 
Scan D and if it appears clean then you might be ok to just sort out the C drive.

To prevent it happening again.... there is no silver bullet unfortunately apart from turn off the computer and leave it off.

I use AVG Free and that's it for Windows protection. In FF, I just have AdBlockPlus running to prevent popups etc. Along with a dose of common sense, and it works well for me :)

@OP

I also have AVG free and love it to bits. The problem with viruses is there are so many variations (millions I mean) so antivirus developers can't install fixes into every update, it's just not feasible!

When your antivirus wants to stop you using a program because a virus is attached etc., believe it! Download the file somewhere else, there are far too many dodgy websites offering free downloads of programs. The best protection is prevention and as a preventer AVG is great. Once they are in... well a fresh install is really the best answer!






  Reply # 163029 8-Sep-2008 11:10

I found AVG to be bloaty, and more importantly some time in the past AVG did not support multiple users in XP.

So I have used Avast! since and haven't run into problems until now.

Avast! did alert me and correctly delete the files that it detected, but the problem was not entirely solved (obviously).



  Reply # 163205 9-Sep-2008 00:32

If you haven't reinstalled yet, there are a few more things worth trying. MalwareBytesAntiMalware is a current and extremely capable antispyware. (Google the name for opinions.)
Without knowing the name of the malware detected by Avast, it's impossible to give more than "blunt tool" advice (even with the file name, it can still be pretty blunt, trying to diagnose from afar) but I am very interested to know the name of the recovery software that gave you this, and from where (no links, please) you downloaded it.

Instructions:

Download MBAM, rename the installer file from mbam-setup.exe to mb.exe to help work around certain malware that will block it from being run. Install it, update it (using the mirror for updating that works - I find the second choice usually the fastest, but you might just have to take what works. You'll see what I mean when you click the update tab, there is an option box below the update button). Run a full scan. The program may ask for a restart to delete some files following scanning, click OK to any of the questions it asks concerning this, and restart promptly.

Download ATF Cleaner to the desktop (or any convenient folder) and open it. Under "main", select "all". Under "Firefox" select "all". If there are passwords you wish to keep, answer appropriately at the prompt. If there are cookies you wish to keep, untick "cookies" in each section.
Run, then close. You can keep this, or delete it once you've finished with it.

Last but not least (things should be working a lot better by now), run a boot scan with Avast. This can take a while. Open Avast, click "menu", select "schedule boot time scan", follow the prompts. Restart. Go make a cuppa. Periodically check to see if anything requires attention. "Quarantine" rather than "delete" any malware found.

How's it going, now?
If all seems good, all functions working normally, no redirects, you should turn off system restore, reboot, turn it on again. This will delete all your restore points, so you want to make sure things are good before doing this. The restore points (at least one of 'em, anyway) are infected.





  Reply # 163237 9-Sep-2008 09:36

I reinstalled the system. As I have 2 HDDs it's not too big a deal and lets me start with a clean slate. All my documents were on the other HDD in the first place.

Is Avast! "ok" as a free solution?

If so, what should I add to it for spyware/malware? I used Avast alone previously - was this my downfall?

I've heard of so many anti-spywares but wasn't sure if it was required and which I should use.


  Reply # 163256 9-Sep-2008 11:00

Your downfall was ignoring the warnings the antivirus gave you!!  If it says virus, then it probably is and if you install it anyway you will get infected!  Make sure you do backups of your data at regular intervals!





  Reply # 163260 9-Sep-2008 11:24

No warnings until AFTER the installation.



  Reply # 163261 9-Sep-2008 11:26

Tarq57: I am very interested to know the name of the recovery software that gave you this, and from where (no links, please) you downloaded it.


Most likely ahmad would have downloaded it from a questionable source - probably a torrent or p2p - so it may not have been the fault of the recovery software itself.



  Reply # 163276 9-Sep-2008 12:30

--Is Avast! "ok" as a free solution?

Yes. Always scores well at www.av-comparatives.org. The free version lacks some of the features of the pro (such as scheduled scanning) but uses the same detection and cleaning engine.
It also features "boot time scanning", which, had you used it, might possibly have cleaned the problem.


--If so, what should I add to it for spyware/malware? I used Avast alone previously - was this my downfall?

Probably not. Without knowing what was running/the procedure used to download/install it, it's impossible to say what the downfall was.
Some general possibilities, though: You didn't scan the installer before running it.
You downloaded the installer from a less-than-healthy source.
Some of your software is out of date, a likely and frequent conduit for malware.
You did everything correctly but it's a new malware, not yet detected by the AV companies.

-- I've heard of so many anti-spywares but wasn't sure if it was required and which I should use.

Not a bad idea at all to add an antispyware demand scanner (or two) to the security lineup. MBAM is excellent. So is Superantispyware. Both have free (demand scanning) and pay (resident) protection.

General tips:
- Keep software/Windows up to date. Updates/patches are often released to fix vulnerabilities in software. Have a look at www.secunia.org for an online scan or downloadable application that can monitor your software state. (Common culprits include Java. Many malware logs I've seen have out of date Java installed.)
- Use a two way firewall.
- Scan everything with an updated scanner before installing it.
- Downloads should ideally be from the manufacturer's website, or an approved mirror site.
- Consider learning about HIPS/behaviour blockers. You have SpywareTerminator. (Not a huge fan, myself, but it's OK.) If you had this running resident with the HIPS active, it should have popped multiple warnings when you tried to install this trojan-infected file.
- Your backup and recovery plan seems to have helped this time. Good.

nairda: Possible, for sure, but I don't see you can say "most likely" unless you know the user. Bit accusatory.





  Reply # 163280 9-Sep-2008 12:44

Tarq57 thanks for that. Sorry I can't recall the name of the program or the files - should have copied them down but I am extremely busy at the moment and just needed to get up and running again.

In my search for photo recovery software a lot of the sites seemed to feel a little "dodgy", but I wanted to see if images could be recovered. They weren't able to be fully recovered by the "free demo" version so I didn't proceed (free to view, pay to recover).

With regards 2-way firewall - any suggestions? I have only used Windows FW in the past because ZoneAlarm was far too "pestering" for my liking. And I was always afraid I would accidentally (or unknowingly) "allow" something that I shouldn't have.
