unfortunate hobo ([personal profile] seventhe) wrote 2008-04-06 07:29 pm

(no subject)

So the desktop downstairs has apparently been infected with some sort of spyware, and may be completely ruined. I have a bad feeling it's completely trashed. Whatever it is changed the background of the computer to a "Your computer has been infected with spyware! Please run the latest antivirus software to remove" thing, it has completely blocked me from both Control Panel and the Task Manager (Ctrl-Alt-Del), and has apparently already removed the copy of Norton that was on there to begin with.

The strangest part is that it keeps continually giving me popups - both regular ones and from the lower-right-hand-corner system tray - saying "Click here to download Windows' latest virus software" or something like that, and I know it's not a Windows message. It keeps trying to run/install something, and I keep telling it no, but the pop-ups continue to show up.

It just happened in the middle of a basic search for tabs. As soon as we realized what was happening, I unplugged both my external hard drive and the internet. Once disconnected from the internet, whatever was trying to run kept prompting me to reconnect, so I'm wondering whether it was an information-fishing type of virus. I'm hoping I saved the hard drive soon enough that it's not ruined -- I'm afraid to plug it in to any of my other computers, and I'll probably be taking it to one of those Geek Stores to have someone who knows what they're doing take a look at it.

Once it was disconnected from the actual Internet I could get to my desktop, and could possibly run things, although I didn't really try to - I was too busy trying to find my Norton and to get the virus popups to go away. I'm afraid to try to pull anything off of it, though - I don't want to ruin a USB drive and/or another computer when I try to connect it. >.>

The part I just don't understand is where it came from. We hadn't downloaded or installed anything new, we weren't looking at strange websites (it was a guitar tab website when it happened, by the way, that we've gone to tons of times), and so I have no idea how this thing got on my computer in the first place. Any ideas? Anyone know more about this kind of thing than I do?

Basically, what I'm planning on doing is phoning the local Professional Computer Nerd place (I actually think that's what they're called, there's one down in the Valley) and seeing what they recommend. I'm wondering if I bought a new version of Norton/other anti-spyware software whether I would be able to install it and wipe the computer clean. I'm hoping the computer place can advise me on what to do, or if maybe I can just take the computer in to them and have them get the spyware off for me.

I don't really care about the desktop - it needed a reformat anyway, although I'd obviously rather be able to collect things off of it before reformatting. If it's going to cost like $200-$300 to fix the computer, I'll probably just say 'fuck it' and buy a new one (I was planning on doing it this summer; it'll just accelerate things a little). What I'm most concerned with is the external hard drive, because that's where all my music and photos are. I don't want to plug it into the laptop in case it somehow got infected too, because then both my computers are Royally Fucked.

Does anyone have any ideas/advice on how to get this really annoying spyware off of my desktop? Anyone else been hit with this kind of thing? I have no idea what to do with it (other than call a professional) so help would be most appreciated.

Fucking hell. Fucking shitfuck virus.

EDIT - I've left this unlocked in case anybody has geeky friends they'd like to send my way to help me out. If there are any questions, leave it in a comment, and I'll get back to you ASAP. Seriously, people, I am stumped!

[identity profile] venefica-aura.livejournal.com 2008-04-07 12:59 am (UTC)(link)
Sounds like a desktop hijacker. I got one of those, only it sounds a wee bit less severe than yours. Mine also came out of nowhere.

I used a geek forum like this to fix it. It took me a couple days and some annoying time spent in the campus computer lab (as I have a laptop, so I'd be reading this off the internet and working on my laptop and transferring stuff with a flash drive, since the campus computers have wicked crazy awesome anti-virus).

So, it's not completely fucked, but it's annoying as hell. Especially for me, as I only technically had the one computer, which was my only link to the outside world at the time. XD

As for your external drive... well, considering the nature of the virus, I'm not sure what it would do to one of those. But, you will need to be careful. I suggest beefing up the security on your laptop, disconnecting from the internet and checking to see if you can access that drive. If not, don't spend too much time trying to get it to connect, just disconnect. This thing needs something from the internet, so the best way is to check while offline.

Um, and if you decide to take the plunge and connect your external drive while offline, get extra shit (like ewido and other things), boot up in safe mode, and do scans while in that.

That's basically all I know on the subject. XD

~Cendri

[identity profile] rosencrantz.livejournal.com 2008-04-07 02:50 pm (UTC)(link)
Just to make clear here, if you do really have a virus on your computer, *anything* you plug into it can have a risk of being infected. I don't mean hardware, it's not like you can destroy your tablet by plugging it into a virus-infested computer, but things like hard drives, USB sticks (which are basically small little hard drives, and yes, you can install a whole operating system on a USB stick if you wanted to, so it counts), stuff like that.

The first thing to do if you know you have a virus is disconnect your computer from the internet and disconnect the infected computer from any network you might have. Quarantine it, just like you'd do if it was a real viral outbreak. :-)

When you go in to repair it, don't connect to the internet for *anything* - use a 'clean' computer to do any downloading you might need, get the stuff you need to install on your computer to clean it out on a disc of some sort, and like someone else said, safe booting is your friend.

[personal profile] albijuli 2008-04-07 02:34 am (UTC)(link)
I've never had a desktop hijack, but I could help a bit when it comes to cleaning it out.

Ew, Norton? Fucking seriously? I'm actually not trying to focus on "omfg get a better anti-virus system" because you're probably sick of hearing that. BUT I'd recommend Avast! (http://www.avast.com/eng/download-avast-home.html) for this situation, because it has the option to do a bootup scan - useful for adware and viruses that can't be dealt with when you're running Windows. Switch to Avast! for awhile; you could always switch back.

Uh. I'll look into some alternatives in case uninstalling Norton isn't an option. XD

Tonikaku, be sure to Turn off System Restore before you run any anti-virus scans; System Restore can make copies of viruses and adware in the _restore folder. You can scan in that folder, but the computer won't let you do anything about it ("write protected" or some shit GRR).

Also, obtain Spybot! Search and Destroy (http://www.safer-networking.org/en/index.html) and have it scan. TeaTimer also comes with it (you do have the option to install or not), which keeps track of major system changes (i.e.: it'll notify when your wallpaper has changed, or something is added to the Startup Menu). You can, in theory, halt hijacks with TeaTimer.

As for not getting into Task Manager etc., look into XP Emergency Utility ( http://www.dougknox.com/xp/utils/xp_emerutils.htm ) and Process Explorer ( http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx ), a replacement of the default Task Manager.

In the event that you need to delete disruptive files that are "in use," Unlocker is a nifty program that'll solve that issue.
http://ccollomb.free.fr/unlocker/

Uh... that's all I can think of. Good Luck.

[identity profile] first-seventhe.livejournal.com 2008-04-07 11:59 am (UTC)(link)
Well, it's an older computer, and we're really low-risk internet users -- we don't upload / download / share files, really, and almost 100% of our internet use is done on basically-secure sites like Yahoo or Google or Livejournal. Up until this point I've never even had a twitch of a virus from anything else we've done. Norton's been kept updated, and in my eyes that was sufficient. Although you did remind me; the computer did have AdAware on it as well, although it seems to have deleted that as well. Awesome.

Thanks for the links, though. I'm not sure whether this is worth me struggling through, or if I should just hand it over to a tech guy. :P

[identity profile] rosencrantz.livejournal.com 2008-04-07 02:51 pm (UTC)(link)
It's worth struggling through; I can tell you, lots of times the tech guys don't know what they're doing, either. Lots of times they do, too, but if you don't know your tech guys well, it's best to try on your own before you pay money to someone who might not actually know what they're doing any more than you do.

[identity profile] first-seventhe.livejournal.com 2008-04-07 02:59 pm (UTC)(link)
Yeah, I'm no computer expert, but dealing with tech people can be infuriating sometimes. Hopefully I can round up my local geek friends and fix it myself. :P

[personal profile] lassarina 2008-04-07 04:00 am (UTC)(link)
Start by booting into safe mode and running virus scan from there. You should also be able to retrieve files from this setup. Do this while not on internets.

It's possible that someone hijacked an ad from the site or hijacked the site itself to do datamining. It happens all the damn time.

[identity profile] heybitchmove.livejournal.com 2008-04-07 05:05 am (UTC)(link)
Dude, the EXACT SAME THING happened to me. I had to buy a whole new hard-drive to copy whatever files I could salvage before the whole thing went to hell. I lost all my porns AND my Daft Punk library. I FEEL YOUR PAIN, SEV! However, none of my copied files had been ruined or infected, so there's a chance your external hard-drive thingy or whatever might be ok. Completely computer retarded here; I'm just speaking from my experience.

Norton 360 was basically as useful as a hammer made of shit. It did nothing for my plight. *tears*

[personal profile] shanaqui 2008-04-07 08:57 am (UTC)(link)
When this happened to us, we spent a lot of time messing around, and then used UnHack Me. I'd only use it as a last resort, as it's been known to delete great swathes of files that're infected but that you still actually need. There's a free thirty day trial, and apparently even after that it keeps working (but we decided it was so brilliant that we bought it after ten days). When you use it, it gives you an evaluation of how likely a hidden program is to be risky, and where it comes from (and I also use this to be sure). It doesn't take long and it's pretty easy as long as you pay attention to what's going on and don't just blindly click "yes, delete this file".

We also use Lavasoft's Adaware, and when we're not using Norton, Avira antivirus.

[identity profile] hilldo.livejournal.com 2008-04-07 12:59 pm (UTC)(link)
First download Adaware (as another one of your commenters mentioned) and spybot on the flash drive and put them on your other computer.
If that doesn't work, as well as all the other good suggestions the other commenters left (especially the ones that have had this happen before), let one of your geeky friends (*cough*) look at it before you pay anyone.

[identity profile] first-seventhe.livejournal.com 2008-04-07 01:10 pm (UTC)(link)
This is probably a stupid question, but if I download them on my USB drive and then plug the USB drive into the infected computer, do I risk infecting/ruining my USB drive?

And do you want to come over some time this week and help me? I have beer.

[identity profile] hilldo.livejournal.com 2008-04-07 02:03 pm (UTC)(link)
Not sure. I'd be careful with your hard drive though, as there is actually stuff you want on it. I thought you had one of those keydrives or whatever they are called you could use? If not, I'll just burn a cd with them on it instead.

Tonight is the most free I'm going to be, so if you're free let's just get it over with (hopefully). It'll give the 3 of us discussion time for another subject as well...

[identity profile] first-seventhe.livejournal.com 2008-04-07 02:10 pm (UTC)(link)
That's what I meant, my little keychain USB drive. I just don't want to ruin it, it's actually a really good one (as opposed to my last one which worked for crap).

I actually don't think we're free tonight, we may be playing with one of the guys from work... any other night would work, though, for computer fixing and Certain Person Discussion.

[identity profile] hilldo.livejournal.com 2008-04-07 02:12 pm (UTC)(link)
What? Are you cheating on me? :P

[identity profile] first-seventhe.livejournal.com 2008-04-07 02:58 pm (UTC)(link)
I DIDN'T KNOW WE WERE IN AN EXCLUSIVE RELATIONSHIP

Are any other nights OK for you?

[identity profile] hilldo.livejournal.com 2008-04-07 04:04 pm (UTC)(link)
What's the bitch's name! HMM? haha

I guess Wednesday would be ok.

[identity profile] first-seventhe.livejournal.com 2008-04-07 05:04 pm (UTC)(link)
YOU'RE NOT ALLOWED TO BEAT HER UP! IT DOESN'T MEAN ANYTHING I SWEAR BABY, I SWEAR

Cool. If I haven't figured it out (or totally ruined it) by then, that is.

[identity profile] hilldo.livejournal.com 2008-04-07 05:54 pm (UTC)(link)
I just love how you work in the land of 1000 musicians though, I know like 2 people here that play anything!

Yeah, just burn a cd with those programs on it and try to run them. Hopefully if it's just stupid malware of some form they'll fix it.

[identity profile] first-seventhe.livejournal.com 2008-04-07 06:08 pm (UTC)(link)
There are a lot of musicians here, it IS kind of weird. At the same time, too many of them are like A Certain Person Who Shall Not Be Named But Maybe Should Be Discussed Over Email.

[identity profile] hilldo.livejournal.com 2008-04-07 06:38 pm (UTC)(link)
MAYBE.

[identity profile] rosencrantz.livejournal.com 2008-04-07 02:46 pm (UTC)(link)
quick answer is: yes (you risk infecting your USB drive)