Virus/Trojan/Worm Help
posted in Hardware
1
#1
0 Frags +

Ok, so over the course of the past three years my sister has had her laptop, she has never run any checks/scans. She recently started complaining to me about her computer running slow and error messages constantly popping up on her screen. I then ran a check and discovered this:
http://imageshack.us/photo/my-images/152/036zt.jpg/

I am utterly lost on what to do and I have had to disconnect the laptop from the internet because of key tracking viruses. McAfee is also not able to be opened because of a virus stopping the application.

Please help...

2
#2
5 Frags +

if you can reconnect to the internet, get malwarebytes and it should clear everything up: http://www.malwarebytes.org/

3
#3
0 Frags +

1. boot into safe mode (f8 on startup)
2. put AVG (http://free.avg.com/us-en/homepage) or truktruk's one on a flash drive to speed up the process
3. install that on her computer
4. run the scan and delete any virus that you see.

also, shouldn't you be able to simply press remove in mcafee after you scanned?

4
#4
0 Frags +

I don't think antivirus software will work, if McAfee is not able to be run.

Might as well try it though.

5
#5
7 Frags +

Mistake 1:

McAfee :/

6
#6
9 Frags +

Don't bother with AVG.

Since the picture was cut I couldn't tell for sure but I'm pretty certain that that is very likely to be one of the fake antiviruses. Usually they aren't too bad to clean up. I used to have to deal with a lot of those at work back when I worked in IT.

a) boot into safe mode with networking (when your computer starts, one of the boot screens may tell you to press a certain F# button, try one of those. If not, what I do is just try buttons from esc->F12 just a few at a time)

b) unless the computer is infected with something really serious, you should be able to browse the web in safe mode. Download malwarebytes http://www.malwarebytes.org/ and superantispyware http://www.superantispyware.com/. Run both of those in safe mode (be sure to update). What you can also do is download the installers for those programs on a different computer and copy them over to the laptop with a flash drive.

c) Combination of those two will typically get most non-severe things -- Give that a try. Also, write down the exact name of that malware program and google this: the name of that program, bleepingcomputers. Bleeping computers will likely have a tutorial for that malware unless it's REALLY new. It will be another guide you can follow since I can't write too much on this.

7
#7
-2 Frags +

Do all 3 of these:
1. Malwarebytes as linked above.
2. CC Cleaner (Will remove browser history and cookies) http://www.piriform.com/ccleaner
3. Microsoft Security Essentials: http://windows.microsoft.com/en-us/windows/security-essentials-download

Run the full scans, they may take a couple hours but will clean that pc up really well

8
#8
0 Frags +

COMBOFIX

9
#9
-1 Frags +

http://www.online-solutions.ru/en/products/osam-autorun-manager.html

10
#10
3 Frags +

lol, mse (http://goo.gl/6HtR7).

make sure to get updates for java/flash/webbrowsers/windows patches after you think you're done. Good luck cleaning up the mess... Most scanners/removers always left some remnant of the virus. And with latest exploits in java, who knows what else might lurk in that machine [1][2].

Heck, I'd just format the damn machine.
Find Windows 7 install media here: http://arstechnica.com/information-technology/2012/06/blowing-away-bloatware-a-guide-to-reinstalling-windows-on-a-new-pc/
Use RT7lite to automate the key input, OEM keys need to be installed this way.

Create a disk image after installing all the drivers and use it as "formatting disk".

[1] http://hitmanpro.wordpress.com/2013/02/21/nbc-com-hacked-serving-up-citadel-malware/
[2] http://www.theverge.com/2013/2/21/4015040/hackers-exploit-nbc-website-to-spread-malware
11
#11
2 Frags +

Format and perform a fresh install. You will likely end up having an easier time formatting than trying to clean everything up, and much greater peace of mind.

12
#12
4 Frags +

KILL IT WITH FIRE

But seriously if all she does is email and browse the web (like most people) just set her up with Ubuntu.

13
#13
0 Frags +

if all else fails just format

14
#14
3 Frags +

A fresh install would be ideal. I have a hard time trusting a machine that was ever known to be infected.

Having said that, if you insist upon trying to clean it, here's what you'll need.

1. Thumbdrive
2. YUMI multiboot creator (google YUMI)
3. Follow the instructions and throw a few live virus scanners on the USB drive.
4. Download Combofix and TDSSkiller.
5. Boot to the thumbdrive and run whatever virus scanners you installed in step 3.
6. Once you're done, boot to Windows and run TDSSkiller, then combofix.
7. Install Malwarebytes and run it.

That'll make you as clean as possible without a format/reinstall.

15
#15
1 Frags +

Burn it down and start over.
