seventhe: (Snorlax: fuckin owns)
[personal profile] seventhe
I've been running Spybot almost non-stop (alternating between Safe Mode and a regular boot), and I've removed almost all of the malware. A couple of the things seem to keep coming back, even though a run of Spybot will claim to have removed/"fixed" all of them. I'll even boot to Safe Mode, run Spybot and have it give my computer a clean bill of health, but then the next time I restart the computer, the shit is already back on there.

What keeps showing up is PWS.LDPinchIE, Smitfraud-C.gp, and Win32.Qhost.abh. I've already googled them all, and they look like really horrible terrible things that are going to be a real pain in my arse to remove and it kind of makes me want to cry a little bit. In all honesty I'm thinking of just saying screw it and going for the total reformat... although I'm afraid that they'd fucking stay in my registry.

That's the problem -- they seem to be in my registry files. And there's one thing in the Smitfraud virus that Spybot can't seem to remove, at all. There's a Smitfraud removal program available for free on the internet but forgive me if I'm a little nervous right now about just Googling and downloading shit without knowing whether it's kosher.

Here are the other indicators I've got going on:
- The computer takes an extremely abnormal time to log in after I put in my password. (Both in Safe Mode and regular boot)
- Sometimes when I restart the computer (normal mode) I have no desktop icons or anything. I have to go into Task Manager, terminate Explorer, and then re-run Explorer to get my desktop to load. After I do this, though, my desktop [icons, toolbar, etc] loads normally.
- I continually get the Windows prompt telling me "No connection to the Internet is currently available [work offline] [try again]" -- without me doing anything connected to the internet. So something is still running in the background and attempting to connect to the Internet.
- IE does not run. I try to open it and a window pops up, but the program immediately closes.
- The computer isn't connecting to the Internet. I gave in and plugged it back in, hoping that I could install AdAware (and some of the other virus/spyware links I had) and then disconnect it -- but the computer couldn't get onto the internet at all. IE closes instantly after I open it, and Firefox cannot connect. (The modem seems to be fine because the laptop can find the wireless - hence this entry - although I've been disabling the wireless every time I try to plug in the other computer. Anyway, I don't think it's the cable.)
- All the problems the damn thing has been finding are in the registry. I think this is why they keep reinstalling.

Anyway. Things are much better... but the computer's still pretty unusable. Without Internet I cannot even install AdAware. Tomorrow I'm going to move on to some other free spyware/virus software in the hopes that (a) it will agree to run off of a CD and (b) it might be better. I've got a set of links saved in my browser on this computer that I'm hoping will help. Next step is to purchase a Norton Badass AntiStuff Kit and kick the computer's ass with that. After that I might just throw myself out the window.

Date: 2008-04-14 02:44 pm (UTC)
From: [identity profile] first-seventhe.livejournal.com
Okay, so here's another question. Let's say that the virus DID infect my OS and I have to reformat. I'm actually not really upset about that because both of my computers are due for a good reformatting (it's why I got the external hard drive set up in the first place - was planning on doing it in April/May anyway). Here's what I'm wondering:
(1) if the virus is "in" the registry file, and I try to copy various files over to my external hard drive (in safe mode), do I risk transferring the virus? If I copy the files over and then promptly scan the shit out of the external drive? Or are ALL my files SOL if I can't get rid of the virus?
(2) If I reformat, will that DEFINITELY get rid of the little bitch?
ext_3328: Rosencrantz & Guildenstern are Dead (Law & Order: medieval)
From: [identity profile] rosencrantz.livejournal.com
Alright, first off: your computer's "registry" is just a bunch of keys which should make you able to run certain programs. You know this already because you use one to "unlock" (cough) your version of photoshop. Theoretically, viruses shouldn't be able to corrupt registry keys. I say this theoretically, because I can't say with 100% certainty that this never happens. That means, if you find a bad file in your computer's set of registry keys, the chances are that you can delete it and not worry about it afterwards. But that's why I say "double check" with that "What is this file" website, to make sure you're not deleting an IMPORTANT registry key, but rather just a virus.

The second thing - about your external HD - if you want to save your files and then reformat your computer, that is pretty much the only way you can do it. Viruses need your computer to run, they can't run off of your hard drive alone. So ... you might copy the infected file onto your external HD, but as long as you don't plug that external HD back into your computer before you've put Norton Big Wall of Security on it, then you should be okay. If you plug your theoretically virus-carrying HD back into your fully-protected computer, Norton will kill the virus before it hits your computer's OS. Just remember - make sure Norton is scanning your HD as soon as you plug it into your healed computer.

Save your files to your external HD, format your computer, reinstall the system completely, get all the latest state-of-the-art firewall/virus protection shit + Windows service packs / patches / etc (same goes for your browsers), and THEN plug your external HD back into your computer. The most important thing is that you do the reformatting / reinstallation of your computer COMPLETELY OFFLINE, install Norton COMPLETELY OFFLINE, then get the service packs / Norton virus updates ONLINE (*while* your firewall is up), go OFFLINE AGAIN, install everything completely, and THEN plug in your HD and scan it. WHILE YOU'RE OFFLINE!

I can't stress this enough: 90% of what you do should be offline. Period. The only point in time you should be going online with your computer in this process is to get the security pack and viral updates. Other than that, make sure you are completely disconnected from the internet until your computer is 100% working again.

Reformatting, even repartitioning your HD, will "cure" your computer for 100% sure. A virus can't physically change your hardware, and all that reformatting is, is wiping your hardware completely clean. If it doesn't work for some reason, either

A) you connected to the internet before it was done, you bad girl
B) you didn't install Norton / didn't get the latest updates before you connected to the internet, you bad girl
C) it's a virus the rest of the world has never seen the likes of before yet and we should all panic

Okay, one last recap:

#1 Priority: Norton Internet Security 2008 on a disc. Like, yesterday.
#2 Priority: Work OFFLINE. OFF. LINE. No free stuff downloads to 'hope' you can cure your computer. Bite that bullet, work OFFLINE!
From: [identity profile] first-seventhe.livejournal.com
Hey, I had a friend over who was like "don't buy anything, this free stuff should be able to fix the problem, or at least try it first before you go pay a lot of money for that crap." Blame him! XD

And it never really reconnected to the Internet anyway. Which was pretty sucky overall.
ext_3328: Rosencrantz & Guildenstern are Dead (Default)
From: [identity profile] rosencrantz.livejournal.com
Kick the crap out of your friend. In theory you should have gone out to the store and bought Norton before doing anything else. The free stuff works well if you can access it safely, but by definition when you have shit on your computer you can't access *anything* on the internet safely. Even if you were to reformat *right this instant* you *still* couldn't access the internet safely afterwards.

In 2009 you might have options, when your Norton license expires, as long as you shopped for good freeware before then. Right now, though, I'm afraid you gotta spend the money on a commercial product.

Or make your friend spend the money on a commercial product for you, since he gave you jacky crap advice. ;P
