A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » The Basics
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

malware crisis



 
 
Thread Tools Display Modes
  #1  
Old June 6th 10, 02:08 AM posted to microsoft.public.windowsxp.basics
timOleary
external usenet poster
 
Posts: 147
Default malware crisis

my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped

Ads
  #2  
Old June 6th 10, 02:42 AM posted to microsoft.public.windowsxp.basics
Bruce Hagen[_2_]
external usenet poster
 
Posts: 985
Default malware crisis



"timOleary" wrote in message
...
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped



Since you can access the Internet on your machine, download and Save the
free version of this tool.

Malwarebytes Anti-Malware
http://malwarebytes.org/

Copy it to CD and install it on your daughter's machine. Run a Full Scan.
It may take about 2 hours, but this is one good free Malware removal tool.
--
Bruce Hagen
MS-MVP [Mail]
Imperial Beach, CA

  #3  
Old June 6th 10, 02:42 AM posted to microsoft.public.windowsxp.basics
Bruce Hagen[_2_]
external usenet poster
 
Posts: 985
Default malware crisis




"timOleary" wrote in message
...
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped



Since you can access the Internet on your machine, download and Save the
free version of this tool.

Malwarebytes Anti-Malware
http://malwarebytes.org/

Copy it to CD and install it on your daughter's machine. Run a Full Scan.
It may take about 2 hours, but this is one good free Malware removal tool.
--
Bruce Hagen
MS-MVP [Mail]
Imperial Beach, CA

  #4  
Old June 6th 10, 03:32 AM posted to microsoft.public.windowsxp.basics
Elmo[_2_]
external usenet poster
 
Posts: 1,260
Default malware crisis

timOleary wrote:
My daughter's Dell Optiplex gx620 XP Pro
Malware attack has rendered her PC unusable. IE keeps trying to
connect to the ISP but can't. Three popups frozen on the screen.
Security warnings..
She has Norton av but ran it and it did nothing but see two threats.
No can fix.
I was able to transfer her most valued data over to an external hdd,
but now short of reformatting and reinstalling Windows, I am at a
loss.
Maybe there is a bootable solution? On my pc, I got Verizon internet
security suite and I bought Superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice, but I need to get some help for her.
That she can no longer connect to the i-net has me stumped.


Download this Avira Antivir Rescue System program which will burn a CD
image to a blank CD. It's updated a few times per day. Insert the CD
into the damaged machine and let it do a scan of your system. Before
starting the scan, select "Configuration" and set to repair or rename
the infected files. Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this. If you can't, then you can move the hard drive to
another machine to copy needed files. You can do that before, or after
this scan.

http://www.free-av.com/en/tools/12/a...ue_system.html

Then run these:

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/supe...freevspro.html

AVG now has a Rescue CD that's free. They also have a free USB download
that should work on newer systems that can boot from a USB device. Get
them he

http://www.avg.com/us-en/avg-rescue-cd

You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions. Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc. So try a few of these till you find
one that works:

Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:

http://www.techmixer.com/free-bootab...download-list/

Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).

After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.

Afterwards, open Internet Options, Connections tab, click "Lan Settings"
button, deselect all.

--

Joe =o)
  #5  
Old June 6th 10, 03:32 AM posted to microsoft.public.windowsxp.basics
Elmo[_2_]
external usenet poster
 
Posts: 1,260
Default malware crisis

timOleary wrote:
My daughter's Dell Optiplex gx620 XP Pro
Malware attack has rendered her PC unusable. IE keeps trying to
connect to the ISP but can't. Three popups frozen on the screen.
Security warnings..
She has Norton av but ran it and it did nothing but see two threats.
No can fix.
I was able to transfer her most valued data over to an external hdd,
but now short of reformatting and reinstalling Windows, I am at a
loss.
Maybe there is a bootable solution? On my pc, I got Verizon internet
security suite and I bought Superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice, but I need to get some help for her.
That she can no longer connect to the i-net has me stumped.


Download this Avira Antivir Rescue System program which will burn a CD
image to a blank CD. It's updated a few times per day. Insert the CD
into the damaged machine and let it do a scan of your system. Before
starting the scan, select "Configuration" and set to repair or rename
the infected files. Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this. If you can't, then you can move the hard drive to
another machine to copy needed files. You can do that before, or after
this scan.

http://www.free-av.com/en/tools/12/a...ue_system.html

Then run these:

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/supe...freevspro.html

AVG now has a Rescue CD that's free. They also have a free USB download
that should work on newer systems that can boot from a USB device. Get
them he

http://www.avg.com/us-en/avg-rescue-cd

You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions. Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc. So try a few of these till you find
one that works:

Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:

http://www.techmixer.com/free-bootab...download-list/

Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).

After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.

Afterwards, open Internet Options, Connections tab, click "Lan Settings"
button, deselect all.

--

Joe =o)
  #6  
Old June 6th 10, 04:29 AM posted to microsoft.public.windowsxp.basics
Peter Foldes[_8_]
external usenet poster
 
Posts: 181
Default malware crisis

Tim

Do exactly as Bruce posted but also use SAS after Malwarebytes just to make sure we
get everything

Bruce already gave you this
MalwareBytes
http://www.malwarebytes.com/

After the above use this one also
SuperAntiSpyware
http://www.superantispyware.com/

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
http://www.microsoft.com/protect

"timOleary" wrote in message
...
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


  #7  
Old June 6th 10, 04:29 AM posted to microsoft.public.windowsxp.basics
Peter Foldes[_8_]
external usenet poster
 
Posts: 181
Default malware crisis

Tim

Do exactly as Bruce posted but also use SAS after Malwarebytes just to make sure we
get everything

Bruce already gave you this
MalwareBytes
http://www.malwarebytes.com/

After the above use this one also
SuperAntiSpyware
http://www.superantispyware.com/

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
http://www.microsoft.com/protect

"timOleary" wrote in message
...
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


  #8  
Old June 6th 10, 02:12 PM posted to microsoft.public.windowsxp.basics
Daave[_8_]
external usenet poster
 
Posts: 2,461
Default malware crisis

timOleary wrote:
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


First off, in the event that your daughter's PC is severely compromised,
the easiest, quickest, and best solution *is* to perform a Clean
Install.

It is important to determine just how bad the malware is. It is possible
that although the Web browser cannot connect, that Internet connectivity
still exists. Bring up a command prompt and ping the following address
to check:

72.14.204.103 (one of Google's addresses)

Also, post back with exact symptoms, including the complete text of all
the popup messages you see on the screen. I like the idea posted by
others to use your PC to download MBAM and install it onto hers (it may
not work, but it's certainly worth a try). It might be necessary to boot
to Safe Mode.

Depending on the malware, there may be specific strategies for it. For
example, often MBAM needs to be renamed or otherwise altered.

This site has a wealth of information:

http://www.bleepingcomputer.com/

On the left, you'll see a box containing "Latest Malware Removal
Guides." Again, when you give us specific information with regard to
which malware she has, we can help guide you to the correct guide to
use. Just so you get an idea what one looks like, see this one:

http://www.bleepingcomputer.com/viru...security-suite


  #9  
Old June 6th 10, 02:12 PM posted to microsoft.public.windowsxp.basics
Daave[_8_]
external usenet poster
 
Posts: 2,461
Default malware crisis

timOleary wrote:
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


First off, in the event that your daughter's PC is severely compromised,
the easiest, quickest, and best solution *is* to perform a Clean
Install.

It is important to determine just how bad the malware is. It is possible
that although the Web browser cannot connect, that Internet connectivity
still exists. Bring up a command prompt and ping the following address
to check:

72.14.204.103 (one of Google's addresses)

Also, post back with exact symptoms, including the complete text of all
the popup messages you see on the screen. I like the idea posted by
others to use your PC to download MBAM and install it onto hers (it may
not work, but it's certainly worth a try). It might be necessary to boot
to Safe Mode.

Depending on the malware, there may be specific strategies for it. For
example, often MBAM needs to be renamed or otherwise altered.

This site has a wealth of information:

http://www.bleepingcomputer.com/

On the left, you'll see a box containing "Latest Malware Removal
Guides." Again, when you give us specific information with regard to
which malware she has, we can help guide you to the correct guide to
use. Just so you get an idea what one looks like, see this one:

http://www.bleepingcomputer.com/viru...security-suite


  #10  
Old June 7th 10, 03:39 AM posted to microsoft.public.windowsxp.basics
Gary Richtmeyer[_4_]
external usenet poster
 
Posts: 11
Default malware crisis

On 6/5/2010 9:08 PM, timOleary wrote:
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. Some malware prevent you from
invoking SR so you may have to do it from safe mode.

Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.

Gary Richtmeyer
  #11  
Old June 7th 10, 03:39 AM posted to microsoft.public.windowsxp.basics
Gary Richtmeyer[_4_]
external usenet poster
 
Posts: 11
Default malware crisis

On 6/5/2010 9:08 PM, timOleary wrote:
my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. Some malware prevent you from
invoking SR so you may have to do it from safe mode.

Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.

Gary Richtmeyer
  #12  
Old June 7th 10, 04:47 AM posted to microsoft.public.windowsxp.basics
timOleary
external usenet poster
 
Posts: 147
Default malware crisis

On Jun 6, 10:39*pm, Gary Richtmeyer glricht-
wrote:
On 6/5/2010 9:08 PM, timOleary wrote:





my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.


I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. *Some malware prevent you from
invoking SR so you may have to do it from safe mode.

Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.

Gary Richtmeyer


Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO

  #13  
Old June 7th 10, 04:47 AM posted to microsoft.public.windowsxp.basics
timOleary
external usenet poster
 
Posts: 147
Default malware crisis

On Jun 6, 10:39*pm, Gary Richtmeyer glricht-
wrote:
On 6/5/2010 9:08 PM, timOleary wrote:





my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.


I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. *Some malware prevent you from
invoking SR so you may have to do it from safe mode.

Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.

Gary Richtmeyer


Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO

  #14  
Old June 8th 10, 02:14 AM posted to microsoft.public.windowsxp.basics
timOleary
external usenet poster
 
Posts: 147
Default malware crisis

On Jun 6, 11:47*pm, timOleary wrote:
On Jun 6, 10:39*pm, Gary Richtmeyer glricht-





wrote:
On 6/5/2010 9:08 PM, timOleary wrote:


my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.


I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. *Some malware prevent you from
invoking SR so you may have to do it from safe mode.


Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.


Gary Richtmeyer


Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO


She used the AVG rescue download to burn a CD, ran it, and the crap
disappeared. Now she says the PC is unable to find the router.
But she's working on it
  #15  
Old June 8th 10, 02:14 AM posted to microsoft.public.windowsxp.basics
timOleary
external usenet poster
 
Posts: 147
Default malware crisis

On Jun 6, 11:47*pm, timOleary wrote:
On Jun 6, 10:39*pm, Gary Richtmeyer glricht-





wrote:
On 6/5/2010 9:08 PM, timOleary wrote:


my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.


I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped


Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred. *Some malware prevent you from
invoking SR so you may have to do it from safe mode.


Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.


Gary Richtmeyer


Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO


She used the AVG rescue download to burn a CD, ran it, and the crap
disappeared. Now she says the PC is unable to find the router.
But she's working on it
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 06:04 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.