Old 12-12-2008, 17:15   #1
MyGlockRocks19
Thread Killer
 
Join Date: Mar 2007
Location: Lenoir, North Carolina
Posts: 2,287
Virus? Hardware malfunction? WHO KNOWS?!?!

I had a nasty virus infection not long ago...browser redirect, random slowdowns, my computer even shut itself off once! Finally managed to get around it not letting me update AV programs, and think I got at least MOST of it....

Still dealing with random slowdowns, usually while using the interwebs or playing games, and my boot time is SLOW. I think I'm looking at a rootkit, and I used a 3rd party app that pointed a couple out. I deleted the registry keys that it pointed out...and waiting to see if THAT works. Any other steps I can take? Good scanning tools you'd recommend?

At the moment I'm using Zone Alarm Security Suite, Spybot S&D, and the rootkit scanner is Sophos Anti-Rootkit.
__________________
Glock 21, Sig 556 Classic, Hi Point 995, Stevens 350 12 Gauge.
Quote:
After range trips, my AR had to be cleaned like a new baby, but with my AK I just spit on it and called it a whore.
Old 12-12-2008, 17:22   #2
srhoades
Senior Member
 
Join Date: Jul 2000
Posts: 4,593
Download and run Malwarebytes from malwarebytes.org.
Make sure you update it first.
Old 12-12-2008, 17:50   #3
IndyGunFreak
KO Windows
 
Join Date: Jan 2001
Location: Indiana
Posts: 30,328
So rule out software..

Backup, reinstall.

IGF
__________________
Quote:
Ronald Reagan
"If we ever forget that we are One Nation Under God, then we will be a nation gone under."
"Man is not free unless Government is limited"
Old 12-12-2008, 18:03   #4
MyGlockRocks19
Thread Killer
 
Join Date: Mar 2007
Location: Lenoir, North Carolina
Posts: 2,287
Quote:
Originally Posted by IndyGunFreak View Post
So rule out software..

Backup, reinstall.

IGF
Man, I wish I could...my only backup option is DVD-R, and I don't have enough to do a full backup. I've wanted to get an external to do backups, but that hasn't happened yet.

Yes, I'm running without ANY form of backup right now...

That Malwarebytes program picked up a BUNCH of stuff that Zone Alarm and S&D missed...maybe that'll do the trick.
Old 12-12-2008, 18:55   #5
IndyGunFreak
KO Windows
 
Join Date: Jan 2001
Location: Indiana
Posts: 30,328
Quote:
Originally Posted by MyGlockRocks19 View Post
Man, I wish I could...my only backup option is DVD-R, and I don't have enough to do a full backup. I've wanted to get an external to do backups, but that hasn't happened yet.

Yes, I'm running without ANY form of backup right now...

That Malwarebytes program picked up a BUNCH of stuff that Zone Alarm and S&D missed...maybe that'll do the trick.
If you have an old hard drive laying around, you can get external enclosures for about 15 or so on Tigerdirect and Newegg.

IGF
Old 12-12-2008, 23:37   #6
d3athp3nguin
Senior Member
 
Join Date: Aug 2007
Posts: 819
Quote:
Originally Posted by IndyGunFreak View Post
If you have an old hard drive laying around, you can get external enclosures for about 15 or so on Tigerdirect and Newegg.

IGF

Listen to the man. He talks some sense.

Backup, format, reinstall.

If you only have a DVD-R drive for backup, buy a 10 pack and start burning.

Most viri with rootkits are nearly impossible to remove without messing up some .dlls or system files; I can't count how many computers I encountered in college that were so hopelessly infected we could spend days running forensics on it and not figure out how the heck to kill the bug. Freaking vundo virus... Anyway I don't mean to sound defeatist or anything, but I've worked with Windows for too long to expect it to recover fully from a modern, sophisticated virus.

To avoid this in the future:

1. Run in a lower-privileged user account most of the time, and save the admin account for program installs etc. That way if a trojan gets in, it doesn't start out with admin rights (at least it has to work to steal them!)

2. Lay off the pr0n
__________________
"The foolishness of that comment is so deep, I can only ascribe it to higher education. You HAVE to have gone to college to say something that stupid."
~Radio talk show host

Last edited by d3athp3nguin; 12-12-2008 at 23:44..
Old 12-13-2008, 01:40   #7
DoubleWide
Senior Member
 
Join Date: Sep 2008
Posts: 3,315
Quote:
Originally Posted by d3athp3nguin View Post
Listen to the man. He talks some sense.

Backup, format, reinstall.

If you only have a DVD-R drive for backup, buy a 10 pack and start burning.

Most viri with rootkits are nearly impossible to remove without messing up some .dlls or system files; I can't count how many computers I encountered in college that were so hopelessly infected we could spend days running forensics on it and not figure out how the heck to kill the bug. Freaking vundo virus... Anyway I don't mean to sound defeatist or anything, but I've worked with Windows for too long to expect it to recover fully from a modern, sophisticated virus.

To avoid this in the future:

1. Run in a lower-privileged user account most of the time, and save the admin account for program installs etc. That way if a trojan gets in, it doesn't start out with admin rights (at least it has to work to steal them!)

2. Lay off the pr0n
Agreed. Viruses can be super nasty nowadays. Wipe and start fresh.

Put 100 Taiyo Yuden CDRs and 100 Taiyo Yuden DVDRs on your Christmas list. An external hard drive still can crash so your best bet is to have multiple copies anyways.

Best deal recently for 1TB external $110 for WD http://www.newegg.com/Product/Produc...tal-_-22136321

I've got a 1TB Maxtor One Touch 4 (USB2/Firewire) that I reformatted Fat32 to be compatible with the PS3. Very happy. I don't notice the big light bar anymore.
Old 12-13-2008, 09:02   #8
Bronson7
Senior Member
 
Join Date: May 2002
Location: Murray,Kentucky
Posts: 1,205
Make sure to scan your back-ups prior to upload.
Bronson7
Old 12-13-2008, 12:14   #9
Sgt. Schultz
Annoying Member
 
Join Date: May 2004
Location: West Columbia, South Carolina
Posts: 2,809
Quote:
Originally Posted by MyGlockRocks19 View Post
Man, I wish I could...my only backup option is DVD-R, and I don't have enough to do a full backup.
You only need to back up the data, especially if your system is infected.
__________________
Sgt. Schultz

"I have come here to chew bubble gum and kick ass ... and I'm all out of bubble gum"
Old 12-13-2008, 12:51   #10
The Pontificator
Angry Samoan
 
Join Date: Sep 2000
Location: Grumpyville
Posts: 24,465


Get a Mac. Or dump Windohs and install a Linux distro.
Old 12-13-2008, 21:22   #11
havensal
CLM Number 216
Nozzle Jockey
 
Join Date: Aug 2003
Location: Western, NY
Posts: 4,468
ComboFix may take care of whatever Malwarebytes can't.

I use the two for most infections.

Most times it's faster and easier to format and start over.
Old 12-14-2008, 00:49   #12
MyGlockRocks19
Thread Killer
 
Join Date: Mar 2007
Location: Lenoir, North Carolina
Posts: 2,287
Format and re-install is what it took...

I wish I had 5 minutes alone with the punk that wrote that virus. Can any of you Linux gurus tell me how to re-install the Grub bootloader into my MBR without having to re-install Linux?
Old 12-14-2008, 17:48   #13
MyGlockRocks19
Thread Killer
 
Join Date: Mar 2007
Location: Lenoir, North Carolina
Posts: 2,287
Oh, just to give a thumbs up to that Avast program...when I re-installed, I got re-infected. Had to go thru the process all over again. Avast caught the virus hanging out on one of my secondary HDs and got rid of it...now I'm good. It's got a nifty feature that'll scan before Windows boots (kinda like CHKDSK), that I REALLY like.
All times are GMT -6. The time now is 22:58.