Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

My virus, trojan, malware experience..and resolution
03/29/2011 | Professional

Posted on 03/29/2011 11:26:05 AM PDT by Professional

Last week I got hit with a nasty set of viruses, malware, and trojans.

One of the first things I did, was to check out Freerepublic to get some free advice. Unfortunately, it didn't help much, so I've decided to try and add some value here for folks that have something similar happen to them.

My problems began, by using Google searches for information pertaining to the Japan Earthquake. Now, I suspect that part of these internet virus scams, is to embed the trouble in searches that are very popular at any given time.

I took the advice of this forum, and downloaded malwarebytes. Sure enough, it helped identify a bunch of the stuff, some that my avira virus scan could not detect. So, after identifying the problems, they were removed. I also did a system restore going back a few days in time, beyond the origination of the trouble.

Trouble is, that each time I restarted the computer, I got more viruses, etc. I also could no longer contact microsoft updates, it was being blocked. My browser was being hijacked, and I was getting all sorts of websites redirected, mostly about a survey and a free walmart gift card. While the computer ran, eventually I got a message reporting problems to WIN32 being shut down. This turned out to be a huge problem, because that would shut down the msft security center!

I did some searches about viruses, and that only brought me to MORE plague filled pages. This is a huge RISK, DO NOT DO SEARCHES about viruses!! Many fake leads using key words, then you wind up with more trouble than you started with.

I downloaded Microsoft Security essentials on another computer and put it on a thumb drive. I ran the program on the infected computer, but it could not solve the win32 problem, and I still could not use the internet to contact microsoft.

Ok, now I'm into this like 3 days, and I'm really, really getting ticked off. Nothing is working, and I'm about to call a guy and pay him to fix the computer. My concern there, is that they almost always just wipe out your computer, and give you a few of your old files back.... In my case, that means an enormous amount of work that I'd rather avoid.

Finally, I use the other computer to browse microsoft website about viruses. There was a toll free number available, so I gave it a shot, figuring that would be a long, long hold.... No, it rang straight through to Bombay. Raj does a remote takeover of my computer, and runs into one obstacle after the next. Finally he finds a way to get through, and do a virus scan. After 1/2 an hour or more....my computer is supposedly "clean". I get disconnected, and I go home and go to bed. But, Microsoft doesn't give up that easy. By Monday morning, I've gotten 2-3 emails at yahoo, and two voice mails at my office. Next thing you know, Bombay is calling me again.

Now, I've got one of their experts. He takes the computer over again, and this time he fixes the busted windows registry stuff. That was the heart of the problem. Once that was completed, I ran a few more virus checks, and did a msft update and got the system fully up and running again.

I'm very pleased with how microsoft helped me. I should have gone straight to them, and in the future that is what I'm going to do!

Right now, I have a paid computer expert in my office, and he's analyzing our operation. We have service through comcast, and he informs me... that norton antivirus is FREE, full version, due to our business with comcast. We were not aware of this.

I hope my description above is helpful for all freepers.


TOPICS: Computers/Internet
KEYWORDS: computerhelp; computers; computersvirus; exploits; malware; microsoft; trojans; virus
Navigation: use the links below to view more comments.
first previous 1-5051-100101-115 last
To: Eaker

Yes but it has to be burned as an iso image you cant just burn the files to disc. What ever burner you use just look in tools and you should see burn disc image or burn image. Ok go here this explains how to burn an image to disc.
By the way puppy is a great distro very easy but I would stay away from it till you get to know some of the in’s and out’s of linux puppy boots into root and you can delete or damage files on your computer it is great tho if you need to recover files off a damaged system or one that is locked down. Like games check out the Linux Gamers.

http://www.puppylinux.com/cd-puppy.htm

http://distrowatch.com/table.php?distribution=linuxgamers


101 posted on 03/30/2011 7:46:25 AM PDT by Lees Swrd ("Arms discourage and keep the invader and plunderer in awe and preserve order in the world as well")
[ Post Reply | Private Reply | To 99 | View Replies]

To: Lees Swrd; Eaker; Professional; All

My 2 cents...

Was using an AV program recommended to me by a Navy LCDR with a masters in computer tech. He said Clam Win was great so downloaded it as freeware. Never a problem and it caught stuff every so often, and I was always able to get rid of the nasties.

Reading the posts above, no one even mentioned Clam Win so I figured maybe I’d better upgrade to Kaspersky and pay for some “real” protection.

Scanned my entire system with the Kaspersky AV and it found nothing as well. No worries. But it does have better options and will use it until license expires in a year.

Spybot runs on my system as well.


102 posted on 03/30/2011 8:45:40 AM PDT by tongue-tied
[ Post Reply | Private Reply | To 101 | View Replies]

To: AbolishCSEU
Sometimes you have to rename the .exe to .com to trick it into running in safe mode with networking.

I had to use hijackthis to find the crap and killbox to get it before it re-spawned. I had one called Aurora a couple of years ago. It would just rename its files on restart. Vaguely remember using about five different programs to get everything.

103 posted on 03/30/2011 9:02:08 AM PDT by Stentor ( "All cults of personality begin as high drama and end as low comedy.")
[ Post Reply | Private Reply | To 60 | View Replies]

To: tongue-tied

I didnt know Clam AV had a Windows version of course it might not be the same as I am thinking of, if it is it would be a good choice. The Clam I am thinking of is used on Unix systems wonder if it is the same.


104 posted on 03/30/2011 9:07:01 AM PDT by Lees Swrd ("Arms discourage and keep the invader and plunderer in awe and preserve order in the world as well")
[ Post Reply | Private Reply | To 102 | View Replies]

To: Lees Swrd

Not sure, he just recommended searching for ClamWin.

http://www.clamwin.com/

Found it using Google. I wonder if it is someway tied together?


105 posted on 03/30/2011 9:11:06 AM PDT by tongue-tied
[ Post Reply | Private Reply | To 104 | View Replies]

To: Lees Swrd

ClamWin Free Antivirus is based on ClamAV engine and uses GNU General Public License by the Free Software Foundation, and is free (as in freedom) software.

Yep it is. From the site I linked.


106 posted on 03/30/2011 9:12:43 AM PDT by tongue-tied
[ Post Reply | Private Reply | To 104 | View Replies]

To: Stentor

been there and done that. especially if it’s a rootkit


107 posted on 03/30/2011 9:16:19 AM PDT by AbolishCSEU (Percentage of Income in CS is inversely proportionate to Mother's parenting of children)
[ Post Reply | Private Reply | To 103 | View Replies]

To: tongue-tied

I did the same yep same Clam I never used it but I am sure it is good as most Unix, Linux systems use it . Here is one I recommend to most people as you boot it up without starting your system that way it can find and delete files also has many other uses such as reset Win passwords and yes it does work lol.

http://trinityhome.org/Home/index.php?content=TRINITY_RESCUE_KIT____CPR_FOR_YOUR_COMPUTER&front_id=12&lang=en&locale=en/

Short list of some things Trinity does.

-easily reset windows passwords with the improved winpass tool
-simple and easy menu interface
-5 different virusscan products integrated in a single uniform commandline with online update capability
-full ntfs write support thanks to ntfs-3g
-winclean, a utility that cleans up all sorts of unnecessary temporary files on your computer.
-clone computers over the network via multicast.
-wide range of hardware support (kernel 2.6.35 )
-contributed backup utility called “pi”, to automate local machine backups
-easy script to find and mount all local filesystems
-self update capability to include and update all virusscanners + local changes you made to TRK.
-full proxyserver support.
-run a samba fileserver (windows like filesharing)
-run a ssh server
-recovery and undeletion of files with utilities and procedures
-recovery of lost partitions
-evacuation of dying disks
-full read/write and rpm support
-UTF-8 international character support (select keyboard language from the scrollable textmenu at startup)
-2 rootkit detection uitilities
-most software updated to recent versions
-literally thousands of changes and bugfixes since version 3.3
-elaborated documentation, including manpages for all commands (also TRK ‘s own)


108 posted on 03/30/2011 9:40:55 AM PDT by Lees Swrd ("Arms discourage and keep the invader and plunderer in awe and preserve order in the world as well")
[ Post Reply | Private Reply | To 106 | View Replies]

To: roamer_1
Thanks for your advice.

Active X controls in IE can be turned off from Internet Options > Security > Custom Level...

109 posted on 03/30/2011 1:55:11 PM PDT by The Truth Will Make You Free
[ Post Reply | Private Reply | To 66 | View Replies]

To: Professional

I still don’t believe you can catch a virus from visiting a page (or I would have caught them long ago), not with Avast warning system.

Anyway, update: I said goodbye to Zone Alarm firewall which I installed yesterday, when I discovered that it apparently prevented Avast from daily updating its database.


110 posted on 03/30/2011 2:05:51 PM PDT by Revolting cat! (Let us prey!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: davetex; Squantos

>>Get Carbonite, you’ll never lose anything.<<

When I first read that I thought it said, “Get Cordite, you’ll never lose anything. LOL


111 posted on 03/30/2011 4:27:18 PM PDT by B4Ranch (Allowing Islam into America is akin to injecting yourself with AIDS to prove how tolerant you are .)
[ Post Reply | Private Reply | To 10 | View Replies]

To: B4Ranch

I’ve heard through certain “friends” that works too.


112 posted on 03/30/2011 4:55:58 PM PDT by davetex (All my weapons got melted by a meteor!! No Sh*t)
[ Post Reply | Private Reply | To 111 | View Replies]

To: Professional

I suspect when the time comes - I’ll have the motivation... just like you did. Thanks for checking.


113 posted on 03/30/2011 7:14:53 PM PDT by GOPJ (http://hisz.rsoe.hu/alertmap/index2.php - It's only uncivil when someone on the right does it.- Laz)
[ Post Reply | Private Reply | To 87 | View Replies]

To: Professional

Ok, so now it is a few days later.

After stumbling upon the ability to “update” windows xp on my computer, WITHOUT having to wipe out other programs and files, I have done that to the other two computers in my office/network.

The only problem, was that it installed IE Explorer 6 onto the computer, wiping out IE 7. So, I simply had it re installed. Warning, in one case, there was no internet connection at all, so I needed to do a thumb drive install from one computer to the next. There’s a benefit in having two puters in one place for sure...

Reinstalling the operating system did require me to go to Windows update, and it wound up with over 80 updates, so that takes a bit of time. About 45 minutes I’d say.

The big benefit for me, was these three computers which had always been really slow and awful, all of a sudden have really good speed/performance. So, I’ve concluded that the independant guy I bought them from, did something wrong on the install, and even though I paid/begged him to figure out what was wrong, he never did figure it out, and showed little interest in satisfying us as a customer. Lesson learned! Always test the computer BEFORE you buy it.


114 posted on 03/31/2011 12:14:46 PM PDT by Professional
[ Post Reply | Private Reply | To 1 | View Replies]

To: tongue-tied

Here is something new I just found AVIRA Anti Virus. I am downloading now it comes as an ISO or a Windows EXE file.
Thought it might interest you.

http://www.avira.com/en/support-download-avira-antivir-rescue-system


115 posted on 04/01/2011 1:49:17 PM PDT by Lees Swrd ("Arms discourage and keep the invader and plunderer in awe and preserve order in the world as well")
[ Post Reply | Private Reply | To 106 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-5051-100101-115 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson