Virus? Hardware malfunction? WHO KNOWS?!?! [Archive] - Glock Talk



MyGlockRocks19
12-12-2008, 16:15
I had a nasty virus infection not long ago...browser redirect, random slowdowns, my computer even shut itself off once! Finally managed to get around it not letting me update AV programs, and think I got at least MOST of it....

Still dealing with random slowdowns, usually while using the interwebs or playing games, and my boot time is SLOW. I think I'm looking at a rootkit, and I used a 3rd party app that pointed a couple out. I deleted the registry keys that it pointed out...and waiting to see if THAT works. Any other steps I can take? Good scanning tools you'd recommend?

At the moment I'm using Zone Alarm Security Suite, Spybot S&D, and the rootkit scanner is Sophos Anti-Rootkit.

srhoades
12-12-2008, 16:22
Download and run Malwarebytes from malwarebytes.org
Make sure you update it first.

IndyGunFreak
12-12-2008, 16:50
So rule out software..

Backup, reinstall.

IGF

MyGlockRocks19
12-12-2008, 17:03
So rule out software..

Backup, reinstall.

IGF

Man, I wish I could...my only back up option is DVD-R, and I don't have enough to do a full backup. I've wanted to get an external to do backups, but that hasn't happened yet.

Yes, I'm running without ANY form of backup right now...:embarassed:

That Malwarebytes program picked up a BUNCH of stuff that Zone Alarm and S&D missed...maybe that'll do the trick.

IndyGunFreak
12-12-2008, 17:55
Man, I wish I could...my only back up option is DVD-R, and I don't have enough to do a full backup. I've wanted to get an external to do backups, but that hasn't happened yet.

Yes, I'm running without ANY form of backup right now...:embarassed:

That Malwarebytes program picked up a BUNCH of stuff that Zone Alarm and S&D missed...maybe that'll do the trick.

If you have an old hard drive laying around, you can get external enclosures for about 15 or so on Tigerdirect and Newegg.

IGF

d3athp3nguin
12-12-2008, 22:37
If you have an old hard drive laying around, you can get external enclosures for about 15 or so on Tigerdirect and Newegg.

IGF


Listen to the man. He talks some sense.

Backup, format, reinstall.

If you only have a DVD-R drive for backup, buy a 10 pack and start burning.

Most viri with rootkits are nearly impossible to remove without messing up some .dlls or system files; I can't count how many computers I encountered in college that were so hopelessly infected we could spend days running forensics on it and not figure out how the heck to kill the bug. Freaking vundo virus... Anyway I don't mean to sound defeatist or anything, but I've worked with Windows for too long to expect it to recover fully from a modern, sophisticated virus.

To avoid this in the future:

1. Run in a lower-privileged user account most of the time, and save the admin account for program installs etc. That way if a trojan gets in, it doesn't start out with admin rights (at least it has to work to steal them!)

2. Lay off the pr0n :supergrin:

DoubleWide
12-13-2008, 00:40
Listen to the man. He talks some sense.

Backup, format, reinstall.

If you only have a DVD-R drive for backup, buy a 10 pack and start burning.

Most viri with rootkits are nearly impossible to remove without messing up some .dlls or system files; I can't count how many computers I encountered in college that were so hopelessly infected we could spend days running forensics on it and not figure out how the heck to kill the bug. Freaking vundo virus... Anyway I don't mean to sound defeatist or anything, but I've worked with Windows for too long to expect it to recover fully from a modern, sophisticated virus.

To avoid this in the future:

1. Run in a lower-privileged user account most of the time, and save the admin account for program installs etc. That way if a trojan gets in, it doesn't start out with admin rights (at least it has to work to steal them!)

2. Lay off the pr0n :supergrin:

Agreed. Viruses can be super nasty nowadays. Wipe and start fresh.

Put 100 Taiyo Yuden CDRs and 100 Taiyo Yuden DVDRs on your Christmas list. An external hard drive still can crash so your best bet is to have multiple copies anyways.

Best deal recently for 1TB external $110 for WD http://www.newegg.com/Product/Product.aspx?Item=N82E16822136321&nm_mc=AFC-C8Junction&cm_mmc=AFC-C8Junction-_-Hard+Drives+-+External-_-Western+Digital-_-22136321

I've got a 1TB Maxtor One Touch 4 (USB2/Firewire) that I reformatted FAT32 to be compatible with the PS3. Very happy. I don't notice the big light bar anymore.

Bronson7
12-13-2008, 08:02
Make sure to scan your back-ups prior to upload.
Bronson7

Sgt. Schultz
12-13-2008, 11:14
Man, I wish I could...my only back up option is DVD-R, and I don't have enough to do a full backup.

You only need to back up the data, especially if your system is infected.

The Pontificator
12-13-2008, 11:51
Get a Mac. Or dump Windohs and install a Linux distro.

havensal
12-13-2008, 20:22
Combofix may take care of whatever Malwarebytes can't. :wavey:

I use the two for most infections.

Most times it's faster and easier to format and start over. :faint:

MyGlockRocks19
12-13-2008, 23:49
Format and re-install is what it took...:steamed:

I wish I had 5 minutes alone with the punk that wrote that virus. Can any of you Linux gurus tell me how to re-install the Grub bootloader into my MBR without having to re-install Linux?

MyGlockRocks19
12-14-2008, 16:48
Oh, just to give a thumbs up to that Avast program...when I re-installed, I got re-infected. Had to go thru the process all over again. Avast caught the virus hanging out on one of my secondary HDs and got rid of it...now I'm good. It's got a nifty feature that'll scan before Windows boots (kinda like CHKDSK), that I REALLY like.