unfortunate hobo ([personal profile] seventhe) wrote 2008-04-13 09:16 pm

computer update

I've been running Spybot almost non-stop (alternating between Safe Mode and a regular boot), and I've removed almost all of the malware. A couple of the things seem to keep coming back, even though a run of Spybot will claim to have removed/"fixed" all of them. I'll even boot to Safe Mode, run Spybot and have it give my computer a clean bill of health, but then the next time I restart the computer, the shit is already back on there.

What keeps showing up is PWS.LDPinchIE, Smitfraud-C.gp, and Win32.Qhost.abh. I've already googled them all, and they look like really horrible terrible things that are going to be a real pain in my arse to remove and it kind of makes me want to cry a little bit. In all honesty I'm thinking of just saying screw it and going for the total reformat... although I'm afraid that they'd fucking stay in my registry.

That's the problem -- they seem to be in my registry files. And there's one thing in the Smitfraud virus that Spybot can't seem to remove, at all. There's a Smitfraud removal program available for free on the internet but forgive me if I'm a little nervous right now about just Googling and downloading shit without knowing whether it's kosher.

Here are the other indicators I've got going on:
- The computer takes an extremely abnormal time to log in after I put in my password. (Both in Safe Mode and regular boot)
- Sometimes when I restart the computer (normal mode) I have no desktop icons or anything. I have to go in to Task Manager, terminate Explorer, and then re-run Explorer to get my desktop to load. After I do this, though, my desktop [icons, toolbar, etc] loads normally.
- I continually get the Windows prompt telling me "No connection to the Internet is currently available [work offline] [try again]" -- without me doing anything connected to the internet. So something is still running in the background and attempting to connect to the Internet.
- IE does not run. I try to open it and a window pops up, but the program immediately closes.
- The computer isn't connecting to the Internet. I gave in and plugged it back in, hoping that I could install AdAware (and some of the other virus/spyware links I had) and then disconnect it -- but the computer couldn't get onto the internet at all. IE closes instantly after I open it, and Firefox cannot connect. (The modem seems to be fine because the laptop can find the wireless - hence this entry - although I've been disabling the wireless every time I try to plug in the other computer. Anyway, I don't think it's the cable.)
- All the problems the damn thing has been finding are in the registry. I think this is why they keep reinstalling.

Anyway. Things are much better... but the computer's still pretty unusable. Without Internet I cannot even install AdAware. Tomorrow I'm going to move on to some other free spyware/virus software in the hopes that (a) it will agree to run off of a CD and (b) it might be better. I've got a set of links saved in my browser on this computer that I'm hoping will help. Next step is to purchase a Norton Badass AntiStuff Kit and kick the computer's ass with that. After that I might just throw myself out the window.

[personal profile] shanaqui 2008-04-14 02:42 am (UTC)
I definitely recommend Unhack Me. It's pretty brutal and so far has not had trouble removing any of my nasties, it runs before your computer starts booting anything up, it gets stuff that no other program can even find, and it's never failed to remove something in my experience.

Risks you run: if the nasties are deeply entrenched, it may rip holes in your operating system. This hasn't been a problem for me, but someone else complained of it. Personally, I'd go for it at this point, but my dad and I were confident of our ability to build my system back up and recover files.

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:50 am (UTC)
That's not a bad idea... especially if my alternative at this point is a total reinstall, which would wipe anything anyway.

[personal profile] shanaqui 2008-04-14 11:53 am (UTC)
It's also easy to use, evaluates things for you, and my computer geek dad almost had a love affair with it when he first found it. So yeah! I recommend using that, at least at first, because it's less risky than going in there and trying to do the same thing yourself.

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:59 am (UTC)
Now if only it will run off of a CD, I might have to marry it.

[identity profile] heyheyrenay.livejournal.com 2008-04-14 03:01 am (UTC)
Man, this sounds pretty much what happened to me the first time spyware buttraped my Windows XP. I had to reformat and after that I pretty much, uh, never used IE again. At all. Ever! IT IS NOT WORTH IT.

Then I bought a Mac and I have never had a virus.

Um. If you can't solve the problem, buy a mac? >.> I mean, at least consider it before throwing yourself out a window. >.>

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:52 am (UTC)
Haha, tell this to my "I DON'T NEED YOUR TRENDY INTERNET TOYS, IE IS FINE" boyfriend. >.>

I gave him the Firefox talk last night. "Look, honey, I know you don't really care, but all these websites say that Firefox is way more secure than IE, so maybe in the future, you could try to use that?"

Guess who was browsing the computer when IT happened. Hint: wasn't me.

[identity profile] owlmoose.livejournal.com 2008-04-14 03:03 pm (UTC)
You can't uninstall IE from a Windows machine, but you can hide it -- take the icons off the desktop, out of the toolbar, out of the applications shortcuts in the Start menu, etc. -- and make Firefox the default browser. Maybe if he has to work too hard to find IE, he won't use it. We did this at the school where I used to work, and it cut down on virus problems a thousand percent. (Of course, after the change was made, I can't tell you how many students sat down at the computer and called me over after sitting and scratching their heads for 15 minutes. "Where's the Internet?")

[identity profile] first-seventhe.livejournal.com 2008-04-14 03:17 pm (UTC)
Y'know, that's a good point. If I can get this machine back up and running, I'm taking IE off of everywhere I can find it.

[identity profile] venefica-aura.livejournal.com 2008-04-14 08:12 am (UTC)
Help removing registry keys? Particularly this bit.

You can do it. Don't give up hope. It can be beaten. Though this appears to be a mutated version of what I dealt with. Egads.

And some free software:

Spybot Search & Destroy

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:53 am (UTC)
Spybot is my BABY so far. Seriously, that thing took out almost everything on there. Props, Spybot. Serious props.

[identity profile] itsbuttery.livejournal.com 2008-04-14 09:03 am (UTC)
Adding to the recommendations: HijackThis. While it's spyware/malware related, it's less a hard-drive scanning program than a startup/registry scanning one. It's probably the best way to make absolutely sure nothing is opening in the background when Windows starts that you don't want to (best run it in Safe Mode, of course).

It's also extremely dangerous just because of how easy it makes it to delete anything set to start when Windows does, so be careful with it.
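
As an added example (not something anyone in this thread posted): the PowerShell script below lists the same kinds of autostart locations a HijackThis-style tool inspects, so you can see what re-launches at every boot before deleting anything. It assumes a Windows XP/Vista-era machine with PowerShell installed, an Administrator session, and that the "expected" Winlogon Shell/Userinit values are the standard defaults; the registry paths are the standard Run/RunOnce, Winlogon and Browser Helper Object keys. It only reads and prints; it changes nothing.

```powershell
# Added example, not from the thread. Read-only triage of the autostart
# locations that HijackThis-style tools look at, plus the hosts file.
# Assumptions: Windows XP/Vista-era box, Administrator PowerShell session,
# standard default values for Shell and Userinit.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Run / RunOnce: anything here starts at every logon. A program that is
# "removed" by a scanner but re-appears after a reboot usually has a
# launcher sitting in one of these keys.
Write-Host "== Run / RunOnce entries =="
foreach ($key in $runKeys) {
    if (Test-Path $key) {
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -notlike 'PS*') {   # skip the provider's own PS* metadata
                Write-Host ("{0}\{1} = {2}" -f $key, $p.Name, $p.Value)
            }
        }
    }
}

# Winlogon Shell / Userinit: a hijacked Shell value is a classic reason the
# desktop (explorer.exe) does not come up until you start it by hand.
Write-Host "`n== Winlogon Shell / Userinit =="
$wl = Get-ItemProperty 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$expected = @{
    Shell    = 'explorer.exe'
    Userinit = ("{0}\system32\userinit.exe," -f $env:SystemRoot)   # trailing comma is the default
}
foreach ($name in $expected.Keys) {
    $actual = $wl.$name
    $flag = if ($actual -ieq $expected[$name]) { 'ok' } else { 'CHECK' }
    Write-Host ("{0,-8} = {1}   [{2}]" -f $name, $actual, $flag)
}

# Browser Helper Objects: each subkey is a CLSID; resolve it to the DLL that
# gets loaded into Internet Explorer. An IE that opens and instantly closes
# is worth checking here before IE is started again.
Write-Host "`n== Browser Helper Objects =="
$bhoKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
if (Test-Path $bhoKey) {
    Get-ChildItem $bhoKey | ForEach-Object {
        $clsid = $_.PSChildName
        $srv = "HKLM:\Software\Classes\CLSID\$clsid\InprocServer32"
        $dll = if (Test-Path $srv) { (Get-ItemProperty $srv).'(default)' } else { '<no InprocServer32>' }
        Write-Host ("{0} -> {1}" -f $clsid, $dll)
    }
}

# hosts file: entries pointing common sites or vendor update servers at
# 127.0.0.1 (or at someone else's IP) produce "cannot connect" symptoms even
# when the network itself is fine. Only the localhost line is expected.
Write-Host "`n== Non-comment hosts entries =="
$hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
Get-Content $hosts | Where-Object { $_ -match '\S' -and $_ -notmatch '^\s*#' } | ForEach-Object {
    $flag = if ($_ -match '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$') { 'ok' } else { 'CHECK' }
    Write-Host ("{0}   [{1}]" -f $_, $flag)
}
```

Run it from an elevated PowerShell prompt and keep the output; a line marked CHECK is a candidate to look up, not an instruction to delete. The point of listing rather than removing is the same caution the comment above makes about HijackThis: the dangerous step is the deletion, so separate "see what starts" from "decide what goes".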

[identity profile] itsbuttery.livejournal.com 2008-04-14 09:08 am (UTC)
Oh! Here's a handy tutorial, actually. With this, you'll be in a lot less danger of screwing up your PC further from wrongly deleted stuff with HT.

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:54 am (UTC)
Oh, SWEET. Hooray tutorial. People were making me nervous. I'm a total computer moron!

[identity profile] rosencrantz.livejournal.com 2008-04-14 09:09 am (UTC)
We also have a manual registry removal program on our computers, too. They're *ultra dangerous* to use if you accidentally delete the wrong thing, but if you can get one up and running you can punch on through and remove the malware registry keys fairly easily. Just be 100% sure it's the bad file(s) only you're taking out if you use one of those programs.

[identity profile] first-seventhe.livejournal.com 2008-04-14 11:59 am (UTC)
I've got the addresses of the "bad" registry keys written down at home (I was hoping some program could "quarantine" them or something, but apparently all this freeware needs to be installed WHILE connected to the internet... bitches), so. I'm just worried because... shit, I don't even know what the registry is. The only thing I know how to do with it is go in and find my Adobe Photoshop license key so that if I have to reinstall my pirated copy on another computer, I have it. Srsly, computer retard here. So how do I know if they're important? Or can I just delete them?

[identity profile] rosencrantz.livejournal.com 2008-04-14 02:30 pm (UTC)
Remember your first post about viral bullshit on your computer? Somebody gave you a link to "what file is this?" where you type in a filename and the website spits out what it is and whether or not it's important.

Basically, use that website to test the filename you want to delete. If it says "Oh hey this is a crucial file to running your operating system" that means whatever malware you had corrupted an important registry key, and you're SOL. Your best hope is either to hope Norton can repair registry files and/or reformat (bleh).

If that website spits out a "what the hell is this?" or "hey, that's malware" then hit that delete button on your registry cleaning program without even thinking twice about it.*

*edit the 1: this might actually result in you having to reinstall various SOFTWARE on your computer, if, say, it's a registry key needed by photoshop, or mozilla, or trillian, or whatever. But re-installing software is relatively painless compared to reinstalling your OS, so hey. As long as it's not a core file? Baaaaleeetion, baby.
Edited 2008-04-14 14:32 (UTC)

[identity profile] first-seventhe.livejournal.com 2008-04-14 02:44 pm (UTC)
Okay, so here's another question. Let's say that the virus DID infect my OS and I have to reformat. I'm actually not really upset about that because both of my computers are due for a good reformatting (it's why I got the external hard drive set up in the first place - was planning on doing it in April/May anyway). Here's what I'm wondering:
(1) if the virus is "in" the registry file, and I try to copy various files over to my external hard drive (in safe mode), do I risk transferring the virus? If I copy the files over and then promptly scan the shit out of the external drive? Or are ALL my files SOL if I can't get rid of the virus?
(2) If I reformat, will that DEFINITELY get rid of the little bitch?

Answers, and a bit of a scolding because you ain't listenin', girl!

[identity profile] rosencrantz.livejournal.com 2008-04-14 04:30 pm (UTC)
Alright, first off: your computer's "registry" is just a bunch of keys which should make you able to run certain programs. You know this already because you use one to "unlock" (cough) your version of photoshop. Theoretically, viruses shouldn't be able to corrupt registry keys. I say this theoretically, because I can't say with 100% certainty that this never happens. That means, if you find a bad file in your computer's set of registry keys, the chances are that you can delete it and not worry about it afterwards. But that's why I say "double check" with that "What is this file" website, to make sure you're not deleting an IMPORTANT registry key, but rather just a virus.

The second thing - about your external HD - if you want to save your files and then reformat your computer, that is pretty much the only way you can do it. Viruses need your computer to run, they can't run off of your hard drive alone. So ... you might copy the infected file onto your external HD, but as long as you don't plug that external HD back into your computer before you've put Norton Big Wall of Security on it, then you should be okay. If you plug your theoretically virus-carrying HD back into your fully-protected computer, Norton will kill the virus before it hits your computer's OS. Just remember - make sure Norton is scanning your HD as soon as you plug it into your healed computer.

Save your files to your external HD, format your computer, reinstall the system completely, get all the latest state-of-the-art firewall/virus protection shit + Windows service packs / patches / etc (same goes for your browsers), and THEN plug your external HD back into your computer. The most important thing is that you do the reformatting / reinstallation of your computer COMPLETELY OFFLINE, install Norton COMPLETELY OFFLINE, then get the service packs / Norton virus updates ONLINE (*while* your firewall is up), go OFFLINE AGAIN, install everything completely, and THEN plug in your HD and scan it. WHILE YOU'RE OFFLINE!

I can't stress this enough: 90% of what you do should be offline. Period. The only point in time you should be going online with your computer in this process is to get the security pack and viral updates. Other than that, make sure you are completely disconnected from the internet until your computer is 100% working again.

Reformatting, even repartitioning your HD, will "cure" your computer for 100% sure. A virus can't physically change your hardware, and all reformatting does is wipe your hardware completely clean. If it doesn't work for some reason, either

A) you connected to the internet before it was done, you bad girl
B) you didn't install Norton / didn't get the latest updates before you connected to the internet, you bad girl
C) it's a virus the rest of the world has never seen the likes of before yet and we should all panic

Okay, one last recap:

#1 Priority: Norton Internet Security 2008 on a disc. Like, yesterday.
#2 Priority: Work OFFLINE. OFF. LINE. No free stuff downloads to 'hope' you can cure your computer. Bite that bullet, work OFFLINE!

Re: Answers, and a bit of a scolding because you ain't listenin', girl!

[identity profile] first-seventhe.livejournal.com 2008-04-14 04:52 pm (UTC)
Hey, I had a friend over who was like "don't buy anything, this free stuff should be able to fix the problem, or at least try it first before you go pay a lot of money for that crap." Blame him! XD

And it never really reconnected to the Internet anyway. Which was pretty sucky overall.

Re: Answers, and a bit of a scolding because you ain't listenin', girl!

[identity profile] rosencrantz.livejournal.com 2008-04-14 05:54 pm (UTC)
Kick the crap out of your friend. In theory you should have gone out to the store and bought Norton before doing anything else. The free stuff works well if you can access it safely, but by definition when you have shit on your computer you can't access *anything* on the internet safely. Even if you were to reformat *right this instant* you *still* couldn't access the internet safely afterwards.

In 2009 you might have options, when your Norton license expires, as long as you shopped for good freeware before then. Right now, though, I'm afraid you gotta spend the money on a commercial product.

Or make your friend spend the money on a commercial product for you, since he gave you jacky crap advice. ;P

Re: Answers, and a bit of a scolding because you ain't listenin', girl!

[identity profile] first-seventhe.livejournal.com 2008-04-14 06:21 pm (UTC)
HAHAHA. I'M SURE THAT WOULD GO OVER WELL. XDDD