Stardock

Need some help with my comp

By on July 19, 2010 1:53:50 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

KrdaxDrkrun

Join Date 06/2010
+359

I have a Lenovo Ultra-portable x60s Thinkpad with Windows XP SP3.

I recently had a spyware attack: the AV Security Suite malware, and I got MBAM and Avira to get rid of it, but after it was completely gone, I still had a problem with my computer.

I cannot upload any kind of file to any kind of file sharing or hosting site.

I also get random redirects when using google to search for things.

I tried a computer search two days ago, but found nothing.

Tech forums have not been very helpful, so if anyone could assist me, I would be grateful.

 

-Syneptus

I am using Firefox, and I try to use chrome and IE but with the same effects. I reinstalled Firefox also to see if it would fix it, but it didn't.

55 Replies +1
Search this post
Subscription Options


Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 3:17:54 AM from WinCustomize Forums WinCustomize Forums

to find again

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 3:18:58 AM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

My main problem are resources. Yeah, that would be great to have a dvd drive or a flash drive or even an external HD to back my stuff up on. I don't have them is the main problem. I do not think I have the original Windows CD, because I borrowed it from my father.

That is the reason behind all of this slow picking at my system.

My comp has no cd drive, being an ultra-portable.

I have 90GB of HD space, and about 37 of it is used currently.

Hopefully this is useful info for other helpers.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 4:54:08 AM from GalCiv II Forums GalCiv II Forums

So, how do you borrow a Windows CD and activate it legally?

It sounds like you're hosed.

Buy a large flash drive or USB hard drive to store your most important files. Then buy a copy of Win7 and format/install a legit version.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 7:22:09 AM from WinCustomize Forums WinCustomize Forums

I'm reluctant to reformat...

So you might be... but if you have a trojan that situates itself in such a way as to remain undetected/missed by malware removals, you may have no other choice.  If you have such a thing, ALL your personal date IS compromised.... and identity thieves WILL have free rein with ALL your account details.  (if they haven't done so already).

As you seem to have been thwarted at every turn so far, it might be time to bite the bullet... and reformat.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 11:27:20 AM from WinCustomize Forums WinCustomize Forums

So, how do you borrow a Windows CD and activate it legally?

Well, not, with XP. That would work with Win 7, probably Vista too. But each XP CD was/is key specific. I could be wrong, but I don't think so. But that may have changed since the onset of WGA.

With 7 and Vista, any legal key will work with any legal disc of the same edition. Meaning any legit Home Premium key will work with any legit Home Premium disc as long as that key isn't in use elsewhere.

Sounds like you have a problem.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 11:41:22 AM from WinCustomize Forums WinCustomize Forums

Before everyone jumps into this kid's shit.....

Syneptus: It came with Windows XP Professional.....what happened to it??

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 11:45:42 AM from WinCustomize Forums WinCustomize Forums

But each XP CD was/is key specific. I could be wrong,

Yep, you are....

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 11:50:05 AM from WinCustomize Forums WinCustomize Forums

Quoting Jafo,

But each XP CD was/is key specific. I could be wrong,


Yep, you are....

I was afraid I might be, but didn't that use to be the case, before WGA? Seems I remember it that way, but then, i was drinking back then.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 12:07:30 PM from Elemental Forums Elemental Forums

I can attest to the issues associated with this AV crap.

Where I work several of my coworkers independently got hit with this AV thing, and so did several of our computers. So what I had to do to solve the problem myself was do the safeboot and restore to an earlier day or week before the malware hit.

Sad thing is.. I was surfing the web here at home, a few weeks ago, and was doing the usual Digg check pages for interesting information and send it to another tab to read in a timely manner.

Well I went to one, and suddenly java started downloading something. And I knew I was in for a headache, and sure enough it started running that damn AV scan. Luckily the system was able to restore to an earlier day. But talk about wanting to cause true violence on another human being.

When this type of thing happens, it's a violation that is completely unexpected. But if I ever meet the person who puts out that AV stuff. I would seriously have to be restrained to avoid causing severe physical pain. It makes me wonder sometimes why 4chan doesn't go out and hunt these guys down. Seeing as they are all cyber vigilantes.

Sorry your going through this Syneptus. And sorry your oldest restore was from 6 months ago.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 12:22:16 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

Heh

I fix laptop HARDWARE as a hobby

I acquired this laptop for free because the previous owner fell down the stairs upon it.

I fixed it up and its only problem is its battery's tendency to fall out randomly.

I have a LEGAL copy of Windows XP professional. My dad's work upgraded, so they had a lot of XP CDs.

Something interesting, XP CDs(and maybe other CDs as well) can only be installed three times before the CD corrupts. i have noticed this with Purchased CDs and burned CDs.

It only came with an adapter and the laptop. No HD, no CD drive. I borrowed an external DVD drive, but do not have it any longer.

Thanks for everyone's help.

I still have no uploading capabilities. For example, I cannot upload a new avatar to the forums at all.

 

Sorry about this question, but how does one boot windows in safe mode?

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 12:30:19 PM from WinCustomize Forums WinCustomize Forums

When seeking help for a computer problem it is always good to give as much information as that which is available.  It helps those folks willing to take the time and offer assistance provide a correct response.

Hope you are able to solve your problem.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 12:35:20 PM from GalCiv II Forums GalCiv II Forums

Something interesting, XP CDs(and maybe other CDs as well) can only be installed three times before the CD corrupts.

Now that's a new one. I have installed off my XP CD probably 15 times over the years without issue.

I had a similar issue last year with the Winantivrus 2009 malware virus thing. Would think I got it just for it to pop back up in couple of days. A new install was the only thing to stamp it out permanently. Not sure about XP since i've always had the disc, but for Win7 you don't need a CD drive. I installed mine off of a USB Flashdrive. Just make sure USB is supported/active in your BIOS.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 12:36:14 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

USB is supported.

Windows 7 is NOT supported.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 1:38:39 PM from Demigod Forums Demigod Forums

Alright, I see many bad-not helpful replies in here, and many good ones. For obvious reasons, I am not gonna bother pointing out which are wrong and focusing on the good ones.

Quoting Syneptus,
USB is supported.

Windows 7 is NOT supported.

How can Windows 7 be not supported? Every computer supports Windows 7 and Vista, except the ones that are below minimum requirements.

If so, (if your laptop is below min.), then yes, your system cant handle windows 7.

But still, cheap laptops dont need Windows 7 anyway. Win XP is perfect for them.

What? Dont tell me you wanna play games with DX11 on your laptop who doesnt even have a decent GPU to support it?

Forget what people told you, Win XP is just fine.

 

Now, it is very simple. Do this:

Quoting RedneckDude,
Find a friend who has a flash drive. Use their PC to download Malwarebytes, SpyBot S&D, and free Avast A/V.

Install these to your PC, starting with Malwarebytes. Do a full scan. Kill everything it finds. Reboot. Install/run SpyBot S&D, full scan, kill it all. Reboot. Install/run Avast, set it to run a boot time scan. Kill all it finds.

If you need to, do these things in safe mode. BTW, Have you tried booting into safe mode with networking to see if IE will work that way?

Then, when all is done. Open a command prompt in admin mode and type in sfc /scannow to see if any system files were damaged.

Once everything is normal, BACKUP your mods, turn off system restore, reboot, then turn system restore back on (this clears the restore points) .

Don't delete the restore points in disc cleanup, this gets rid of all but the most recent one. The most recent one may be full of malware/viruses. Using this restore point would do what? Restore the malware/viruses.

Doing it by turning system restore off, rebooting, then back on gets rid of ALL restore points.

It is very important that you do it from another computer, and do it on Safe mode.

RedneckDude is correct, except that Avast A/V is not very good. If I were you, I would try NOD32 instead of Avast.

And trust me, Spybot S&D and Spyware Doctor are equally awesome. As a matter of fact, I just used Spyware Doctor, "just to be safe", because I was concerned about my PC due to your story, and guess what, It did find a serious infection on system.

I dont know what it was, but when SD detected it, NOD32 also displayed a message that a serious threat was deleted. It was that exact file.

He he, as soon as Spyware Doctor found it, NOD32 deleted it. Now thats teamwork!

Here's my piece:

1. Download from a different CLEAN PC the programs you need.

2. Boot in Safe mode. You can do this by continuously hitting F8 on your keyboard as soon as your comp is turned on. A screen will appear with some choices. Choose "Safe Mode". It will take some time to boot the windows, dont worry thats normal.

3. Install Malwarebytes, Spyware Doctor and NOD32.

4. Run a FULL system scan on all these programs. The order in which you do this doesnt matter. Although, considering that Spyware Doctor is the most effective one, I would start with that.

5. Spyware Doctor or Spybot? Both are equally awesome. None of them has failed me all these years I use them, although I slightly favor Spyware Doctor. Choose whichever you want.

6. Once each scan is complete, make sure ALL threats are selected, and remove all these infestations.

7. Boot windows normally, and delete all the restore points, as RedneckDude very well said.

8. VERY important: DO NOT have all 3 or even 2 of these programs running at the same time. After each program finishes with its scan, uninstall it. I have found out that some (not all), but at least a few of these A/V or Antispyware programs often "collide" with one another, and it is best to use each one separately. At least dont let them all running at the same time. Spyware Doctor and NOD32 work fine together, but I am not so sure about other similar programs.

9. Once you are done with everything, do the necessary checks to see if the infestation(s) were removed. Report here.

One last thing: If you are worried about NOD32 not being free and all, you dont have to purchase it. Just download a trial version of it. You only need it for a full scan and then uninstall, after all.

That would be all.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 1:40:48 PM from Demigod Forums Demigod Forums

Quoting Murteas,
Sounds like you still have malware on your computer.   Try to load up the computer in safe mode and disable all non-essential start up tasks.  Then run anti-virus scan and spyware scan.   Once that is done, boot up in normal mode and leave the internet disconnected (to prevent virus from downloading or uploading any information).  At that point run hijack this to see what is running on your computer.   The log that it produces should help experts see what is going on.   You can typically post that log somewhere and people will be able to help you figure out what else needs to be "scraped" off the computer.

QFT

Quoting Heigar,
Ya it doesn't look good...

 

Here is what I would do:

restart pc ( boot to safe mode)

run antivirus scan

run Malwarebytes scan

run Spybot S&D scan

run Ccleaner and run the registry scan

start menu > run  in dialog box type msconfig > in the start up tab uncheck everything except the antivirus

reboot

QFT

That would be all.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 2:22:55 PM from Stardock Forums Stardock Forums

 

morpheas,

I still think he should attempt to do what I suggested on page 1. 

One thing I always try to do (if possible) is to remove the infected HD from the machine and connect it externally to a "clean" machine and run the scans from there.  Sometimes *running* malware is able to interfere with the scanners you're using to try to clean it and when you connect the HD externally to another machine the malware may not be able to run allowing for a more thorough cleaning of the infection.

the Monk

He has indicated that he is comfortable around the HARDWARE and that the notebook didn't even come with an HD in the first place.  So then he should have no issues removing the HD and performing all scans with the drive removed and connected to another "clean" machine.

just my 2 cents....

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 2:45:39 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

ya correct

I have a USB HD cartridge thingy. You just have to put the hard drive in.

 

My specs are

Core 2 low-voltage 1.66Ghz 32bit

1Gb RAM (odd, I can boost it, but things run fine)

256Mb Intel Family Graphics Chipset(Even weirder, I can run sins on highest, as well as many other games)

 

Spybot was running, but Avira deleted it as a threat...

I think my AV is infected...

 

I shall probably have to do the HD removal scan.

Thanks everyone.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 2:50:47 PM from WinCustomize Forums WinCustomize Forums

Quoting Syneptus,
Heh


 how does one boot windows in safe mode?

 

Safe mode accessed on start up by tapping or holding down F1 or F8 usually,either way it's one of the f keys,you sometimes see it on the boot screen at the bottom in white writing,well my pc's show it

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 2:53:00 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

Thanks

Something weird, my start bar and my desktop are non-functional currently. I can use Firefox though.

I think that I should restart...

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 3:23:04 PM from WinCustomize Forums WinCustomize Forums

Some nasty viruses end up breaking parts of windows regardless if you clean up the OS is never the same,time to bite the bullet  it suck's most have been there done that..lol..

 

useful freebie software you need to make use of,macrium a better replacement for "system no restore"

macrium reflect free imaging tool

http://www.macrium.com/reflectfree.asp

partition manager free

http://download.cnet.com/Partition-Wizard-Home-Edition/3000-2094_4-10962200.html?part=rb-watchlist&tag=postdlmail_b_dwnld-bttn´╗┐

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 5:42:49 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

Spybot found a whole bunch of things, after I got it to work...

-later-

UPLOAD IS WORKING!!!!

THANKS, KARMA TO EACH OF THE PEOPLE WHO POSTED HERE!!

thanks.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 6:02:14 PM from WinCustomize Forums WinCustomize Forums

Something interesting, XP CDs(and maybe other CDs as well) can only be installed three times before the CD corrupts. i have noticed this with Purchased CDs and burned CDs.

That sounds more like how roughly you handle the media. CDs aren't going to know how many times they have been read.

They are not psychic....

Or sentient.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 6:10:50 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

It is more experience rather than what happens to everyone.

For some reason a newly burned CD dies after three installs.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 7:06:32 PM from Demigod Forums Demigod Forums

Quoting the_Monk,
 

morpheas,

I still think he should attempt to do what I suggested on page 1. 



One thing I always try to do (if possible) is to remove the infected HD from the machine and connect it externally to a "clean" machine and run the scans from there.  Sometimes *running* malware is able to interfere with the scanners you're using to try to clean it and when you connect the HD externally to another machine the malware may not be able to run allowing for a more thorough cleaning of the infection.

the Monk



He has indicated that he is comfortable around the HARDWARE and that the notebook didn't even come with an HD in the first place.  So then he should have no issues removing the HD and performing all scans with the drive removed and connected to another "clean" machine.

just my 2 cents....

Yes, he should do that. The only disadvantage with this, is that that way the scanners wont be able to scan the currently running processes, because his OS on his own hard drive wont be running at the time of the scan.

So what he really should do, is run the scans first on another clean system like you said, and then run them again on his own comp.

You're right about what you said though

Quoting Syneptus,

Spybot was running, but Avira deleted it as a threat...

I think my AV is infected...

WOW, FAIL Anti-Virus FTW

Just remove this piece of crap and install a normal antivirus please

Quoting scorpNZ,

Safe mode accessed on start up by tapping or holding down F1 or F8 usually,either way it's one of the f keys,you sometimes see it on the boot screen at the bottom in white writing,well my pc's show it

Its F8....and I already told him that

Quoting Syneptus,
Thanks

Something weird, my start bar and my desktop are non-functional currently. I can use Firefox though.

I think that I should restart...

Seriously dude, If I had all these problems you currently have in your installed OS, I would format my HD ASAP

My God! You system is REALLY fucked up for real

Quoting Syneptus,
Spybot found a whole bunch of things, after I got it to work...

-later-

UPLOAD IS WORKING!!!!

THANKS, KARMA TO EACH OF THE PEOPLE WHO POSTED HERE!!

thanks.

I told you Spybot S&D is awesome, didnt I?

Now you should also run a decent Antivirus scan, and Malwarebytes.

Dont celebrate just yet. I dont think you are out of the woods completely.

That would be all.

Reason for Karma (Optional)
Successfully updated karma reason!
July 20, 2010 7:16:54 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

I shall continue, but Spybot actually edited the registry and found 30 things in my comp and deleted them.

My main problems are over.

I can upload and I do not get redirects.

IE is still down though.

arrrrrg

Reason for Karma (Optional)
Successfully updated karma reason!
Stardock Forums v1.0.0.0    #108432  walnut2   Server Load Time: 00:00:00.0000391   Page Render Time:
Facebook Twitter YouTube Google+