Page 1 of 1
H P and V W
Posted: Mon Apr 14, 2008 12:35 am
by rovingcowboy
my little sister has an Hp and she clicked on some link looking for cars that was about Vw's,
then all h.... broke loose now she can't use her av. cause it killed that. it changed the desktop, it stopped all her scaning programs and wont' let her use the system so how can i get her to fix it.
she is closer to red's location then mine, but still would be done over the phone so does anyone know what is going on with that website attack?
Archived topic from Iceteks, old topic ID:5032, old post ID:38766
H P and V W
Posted: Mon Apr 14, 2008 8:43 pm
by Red Squirrel
Sounds like she was using IE and got hijacked. Best to get a tech get her PC fixed, its probably filled with spyware and viruses by now.
Archived topic from Iceteks, old topic ID:5032, old post ID:38770
H P and V W
Posted: Mon Apr 14, 2008 11:20 pm
by travis
Red Squirrel wrote: Sounds like she was using IE and got hijacked. Best to get a tech get her PC fixed, its probably filled with spyware and viruses by now.
Yeah, that is exactly what it sounds like. Download and install spybot and run it in safe mode and then run her AV in safe mode as well. Go into Add/Remove programs and remove any programs that look sketchy. Also, go to start>run>msconfig>startup tab and uncheck everything she doesn't need to run at start up. This is a lot more than an average computer user could do themselves. So maybe Red is right about it being best to hire a tech.
Archived topic from Iceteks, old topic ID:5032, old post ID:38771
H P and V W
Posted: Tue Apr 15, 2008 12:40 am
by rovingcowboy
thanks for the ideas but getting hijacked and changing the desktop are not the same thing. the trojan has changed the desk top complete with all the icons and wallpaper being changed,
it has killed her av program, it won't let spybot s&d run in safe mode.
it has let the adaware run in safe mode but it can't keep it cleaned out.
the trojan is filling her ram as fast as the computer goe's even in safemode.
and that won't let her run any programs that take ram. the ram cleaner can't keep up with it.
what ever it is, it is more then just getting the homepage hijacked,
and she uses Ffox anyway. so this is a nasty thing that was able to kill all that stuff.
she got rid of spyware with ad aware but it kept coming back after the reboot.
so i got her to turn off system restore so the restore files would be removed on the next boot and the trojan can't hid in them anymore.
she can't get online to do any online virus scan's and she can't install any new program for av. because of the trojan eating up the ram, or stopping all av installs.
its HP so i told her she might have to do the F7 button again and reset to factory specs.. which will of course wipe her college work. such as term papers, and the likes.
but i think the computer is in major need of cleaning the system with a boot cd. which she can't find it i sent to her last year? so maybe the dog ate it?
Archived topic from Iceteks, old topic ID:5032, old post ID:38773
H P and V W
Posted: Wed Apr 16, 2008 12:47 am
by rovingcowboy
the program installed the Super Master Antispyware program? or is it the super master antivirus program? one of them is the name of the trojan, that gets in and does all kinds of nasty things. mostly trying to get you to buy their tool to remove their trojan.
and it adds in other spyware and malware links and trys to make you think your system is invected with lots of stuff when it is not. only this one nasty trojan.
she got a cleaner for it to run in safe mode but i have not heard if it worked yet.
Archived topic from Iceteks, old topic ID:5032, old post ID:38778
H P and V W
Posted: Fri Apr 18, 2008 9:39 pm
by Wren
Seems that nasty has corrupted some needed files. Sometimes it just can't be cleaned up. She may have to wipe it all to get rid of anything that bad. Any of the school work may be infected too.
Archived topic from Iceteks, old topic ID:5032, old post ID:38786
H P and V W
Posted: Fri Apr 18, 2008 9:53 pm
by MikeDB
Hey its Wren!
Archived topic from Iceteks, old topic ID:5032, old post ID:38788
H P and V W
Posted: Sat Apr 19, 2008 1:36 am
by rovingcowboy
yep surpised me too mikedb . long time wren.
but yep it was a bad thing. she called her av program's company
and told them she paid them to keep her system safe they better get it fixed and told them what is going on.
they said we'll call back. never did when they said they would so she called them again on their nickel. and said i can't use the system now. what is going on, they said they found the varriant of the worm that it started as, that this new one is. but they can't find its exact id yet give them until saturday and they might have the name and stuff on how to clean the system.
so maybe they will get it cleaned out.
if not i got a few things i can get her to try yet, but did not want to explain them over the phone to her as it would be a hour to get her to understand what to do with the stuff, then she would start to do it and take anothter 3 hours or so.? but if i have to thats what will happen.
Archived topic from Iceteks, old topic ID:5032, old post ID:38789
H P and V W
Posted: Sat Apr 19, 2008 3:00 pm
by Wren
I'm still kicking...just not as high!
Sounds like a weird answer from an AV company. How can they help if she is "dead in the water?"
It's just a bad thing for someone to have to deal with that's never had a virus take a system down.
Archived topic from Iceteks, old topic ID:5032, old post ID:38794
H P and V W
Posted: Sat Apr 19, 2008 3:21 pm
by Red Squirrel
Hey long time no see glad to see you back!
Archived topic from Iceteks, old topic ID:5032, old post ID:38796
H P and V W
Posted: Sun Apr 20, 2008 5:43 am
by rovingcowboy
Wren wrote: I'm still kicking...just not as high!
Sounds like a weird answer from an AV company. How can they help if she is "dead in the water?"
It's just a bad thing for someone to have to deal with that's never had a virus take a system down.
well you were suspost to use your hand for that slam dunk stuff in basket ball not your foot.
well i admit it does sound strange for the av company to say that. there is away for them to help with it when she can't get in windows to fix it.
its in dos. yep i think xp still has that for use if need be just not going to beable to get in it with out a boot disk
or it has to be loaded from the bootdisk then it can run on xp. one of the two ?
so they could send her a boot disk that she would use to clean it out if they have to go that route, but the way things go in that house? dogs cats? teenage boy that turns off the av program and firewall so he can play online games..
even though he's been told not too. teenage girl getting online music if she can both kids talking back to their mom. no dad he split long ago when boy was 6 months. so its mess in that place if they send the boot disk it might end up with the one i sent? lost in house more scaryier then lost in space. film at 11,
Archived topic from Iceteks, old topic ID:5032, old post ID:38797
H P and V W
Posted: Sun Apr 20, 2008 10:43 pm
by rovingcowboy
well she did not get a call from them or a boot disk.
but its fixed now. she did the format deal. was able to do the non destructive format so that was good she got the windows folder replaced and that took care of it.
she did the online scan at the AV site and found something like 500 or more infected files she was saying numbers like 100 to 5000 so its in there some place.
but thats a lot of files.
she got it cleaned out and then started with the updates from ms again took here 5 hours and she got them, its a good thing shes on high speed cable. cause this wireless card modem or the dial up would still be doing the downloads?
but she is now finally conviced to get another AV program since this headache.
she don't care if they got it fixed and posted the fix online or not they did not help her and they treated her like crap. so she is going to AVG. its about time i told her to last year. but she said she had all this protection in one program so why go to three or four programs when one does it all.
now she knows.
but its working again. what av program was it. pan a 2008 their site scann seems to have cleaned it out though so they might have it fixed now. but it hit her system and destroyed the av program on the computer totaly removed it.
Archived topic from Iceteks, old topic ID:5032, old post ID:38799
H P and V W
Posted: Tue Apr 22, 2008 9:10 pm
by Wren
Did you mean Panda AV? That's what I use but I've never had to call for help.
Maybe she needs to password protect the pc. Panda can't catch stuff if it's turned off while games and such are going on. There probably was already a lot of junk on her pc and when she hit that VW site it was kinda like the straw that broke the camel's back.
Glad she got it going again but what is a non-destructive format?
Archived topic from Iceteks, old topic ID:5032, old post ID:38804
H P and V W
Posted: Wed Apr 23, 2008 12:05 am
by rovingcowboy
yes that is the program i was trying not to say it and give them a break incase they really had a hard time getting it figured out.
she was using the 2007 and updated last year to their new 2008 and she said it has been nothing but trouble trying to get it to even update.
as for the non destructive format. windows xp allows you to just replace the windows folder if you get hit by a bad item like that. since they know most the items target the windows folder and files in there.
that way you can just replace the os and not lose any other the files.
for your programs or school. unless they are stored in the windows folder.
doing that can make you end up with 2 bootable partitions when starting up xp. one will be the toasted one you might have to go in to the bio's and tell it to open the new one which ever that one is. but it is possible to keep running that way, i have on this dell for the last 2 years, i just told it to auto boot in to the new partition.
Archived topic from Iceteks, old topic ID:5032, old post ID:38805
H P and V W
Posted: Wed Apr 23, 2008 2:18 pm
by Wren
That sounds like a good deal for some. I never keep anything on here that I'm worried about losing. If there are pics, receipts and such that need to be stored, I just send them to my gmail account.
Archived topic from Iceteks, old topic ID:5032, old post ID:38807