• Welcome to The Truck Stop! We see you haven't REGISTERED yet.

    Your truck knowledge is missing!
    • Registration is FREE , all we need is your birthday and email. (We don't share ANY data with ANYONE)
    • We have tons of knowledge here for your diesel truck!
    • Post your own topics and reply to existing threads to help others out!
    • NO ADS! The site is fully functional and ad free!
    CLICK HERE TO REGISTER!

    Problems registering? Click here to contact us!

    Already registered, but need a PASSWORD RESET? CLICK HERE TO RESET YOUR PASSWORD!

bad virus what to do???

DEERE3594 said:
how do i do this?
Click to expand...

basically this means installing windows new and scrapping everything you had by either wiping first or at least slow formatting.
all your data that was in contact with this computer (USB flash drives, external hard drives, DVDs you burned from it) is compromised.
it needs to be thoroughly searched and the good data copied and all the hard drives need to be wiped.

otherwise you will face the same situation 3 months down the road.
 
Franko914 said:
Hello Justin,

Just sent you a PM.

When you boot/reboot your PC, the BIOS information comes up first which starts the copy of the Basic Input Output System into your PC's memory. This, in turn, starts to load your OS (e.g., Windows, Linux, etc.). Just before/as the Windows logo pops up, press [F8] -- that should bring up a list of options on how to boot up. Select "Safe Mode" or "Safe Mode with Networking".

If you can connect to the Internet, update your virus signature files and run your antivirus program. Download MBAM (Malware Bytes Anti Malware), update its signature files and run it.

Franko
Click to expand...

everybody here will tell you different things, but i can tell you one thing that paying for any software is a WASTE of money since there are plenty good open source / freeware programs out there.
 
Why don't we just try to focus on helping Justin with his immediate issue for now, if that's alright with you guys.
 
I agree with Franko, guys - don't overwhelm Justin with tech stuff.

The first, most obvious task is to kill the hijack.

If he has picked up what I think he has, it's a BHO-based trojan and won't propagate through his files - we have a little time here.

=====

Justin: last time we worked on your PC, you downloaded SuperAntiSpyware, correct? You say SAS is picking up this infection, but is unable to clean it... did you update the SuperAntiSpyware before you scanned?
 
He's on his way to work, won't be in front of his PC until late tomorrow morning.

JiFaire, do you know what OS he's running?

Regards,
Franko
 
He has XP, Franko. Probably hasn't been updated and (Nick - VW LupoTD) is right, it likely needs to be scrubbed. This isn't the first time we've tried to rescue Justin's PC.

Justin has a bad habit of just clicking on things that pop up - in the past, he got himself infected with AV2009, QDRPack, and a couple other minor exploits, despite the warnings.

My suggestions here are:

a] SuperAntiSpyware (he has it installed already) - update first, then scan.

b] MalwareBytes (from MalwareBytes,org) - install, update, full scan

c] Trend Micro Housecall (http://housecall.trendmicro.com) - full online scan

Once he has the hijack disabled, he should be able to run ccleaner (also already installed) to wipe his temp files and cache. I would suggest a run of HijackThis! to give us a registry-level peek at what he picked up, but I suspect that's too technical a task.

He might be able to ditch this with a systemrestore, but I don't have time to walk him through it right now, and I have my doubts that it can be fixed that way.

Guys - work together, go slow, be very clear. Too many divergent directions will just mess things up. He may well need to do a complete wipe and build, but I doubt he can do it from our directions, and once he stats, he's cut off from help.

Nick - great idea on the newly-built box with remoteassist... that sounds like the ideal solution - but remember he will have a pile of pictures/files he'll need to keep.
 
JiFaire said:
He has XP, Franko. Probably hasn't been updated and (Nick - VW LupoTD) is right, it likely needs to be scrubbed. This isn't the first time we've tried to rescue Justin's PC.

Guys - work together, go slow, be very clear. Too many divergent directions will just mess things up. He may well need to do a complete wipe and build, but I doubt he can do it from our directions, and once he stats, he's cut off from help.

Nick - great idea on the newly-built box with remoteassist... that sounds like the ideal solution - but remember he will have a pile of pictures/files he'll need to keep.
Click to expand...

give a man a fish and he will eat for a day,
make him drive down here and watch me fix everything and educate him
and he will never have to ask for fishing instructions again.

(isn't that what it said in the great book ? ;-))

i can fix everything here or even come up there, i already sent him a PM.
luckily he is not that far away.

but another 2 cents - you can never fix any of this, it is a user failure if what has been said is true (virus history and tendency to just click on things) and has nothing to do with how good his antivir was or which firewall he used.
we need to fix this problem at the root and NOT on a software / hardware level in order not to be doing this over and over.
you guys know i like to do stuff right the first time ):h

you can only fix a PC by online instructions if you have a second one next to you, but even then, only a matter of time until that has something again too.

and seriously - once something is on it -> FORMAT.
you never know what the heck is all messed up, waste of time in my eyes.
 
not to hyjack this tread,but i got issues with my McaFee anti virus protection,something has turned it off and i cant turn it back on,it shows red alert(files are at risk),Restore did,nt work,Macfee cant help or fix it.And i know dickall about this electronic shit to start with.
Firewall is on.Internet and network are protected.

Whats up with that.?
 
bison said:
not to hyjack this tread,but i got issues with my McaFee anti virus protection,something has turned it off and i cant turn it back on,it shows red alert(files are at risk),Restore did,nt work,Macfee cant help or fix it.And i know dickall about this electronic shit to start with.
Firewall is on.Internet and network are protected.

Whats up with that.?
Click to expand...

bison, let us try and do a remote assist as a trial run in your case.
do you have any type of instant messaging software ?
skype, icq, AOL IM, Yahoo IM or best Trillian ?
if so send me a PM.
also what Operating System are you running ?

Let us see if we cannot get me to move you mouse from half way across the globe ;-)

http://adacosta.spaces.live.com/blog/cns!E8E5CC039D51E3DB!24153.entry
 
VW_Lupo_TD said:
bison, let us try and do a remote assist as a trial run in your case.
do you have any type of instant messaging software ?
skype, icq, AOL IM, Yahoo IM or best Trillian ?
if so send me a PM.
also what Operating System are you running ?

Let us see if we cannot get me to move you mouse from half way across the globe ;-)

http://adacosta.spaces.live.com/blog/cns!E8E5CC039D51E3DB!24153.entry
Click to expand...
Only thing i know is i run windows XP,for the rest you may as well speak spanish,i have'nt a clue what it all means:nonod:
Oh i think i get it,i got windows messenger,I never used it but it says i'm signed in.):h

I'm also on dial up,that means only one line,Phone or internet(bout as fast as a tectonic plate) ,not both.

What you'r proposing,is that not what hackers do without permission:smile5:
 
had a buddy work it out, think its all good now. all started over
thank you guys for everything though!
 
One question though. google chrome and IE wont work and i cant update superantispywear. any idea whats wrong?
 
I get this message on chrome for EVERY website:

This webpage is not available.

The webpage at http://thetruckstop.us/ might be temporarily down or it may have moved permanently to a new web address.

More information on this error
Below is the original error message

Error 102 (net::ERR_CONNECTION_REFUSED): Unknown error.
 
You must log in or register to reply here.
Back
Top