Mega Virus/Malware/Adware/Spyware Issue! - Tilted Forum Project Discussion Community

Redjake · 01-13-2009, 06:52 PM

Hey guys,

Normally I can fix stuff like this very easily. But this one beats anything I've seen.

It's a coworker's personal computer. It's infected with spyware, adware, and viruses - all of this confirmed.

The issue is, the PC won't let me run anything! Whenever I double click on anything, it doesn't come up. It's in Task Manager, but won't show up. I've tried "ending process" and restarting the applications, but no go.

I need to run AVG, Ad-Aware, Spybot etc. but I can't!

Even worse, whenever I go online (and can get through the pop-ups), the browser (FF and IE) redirects to ads whenever I go to online scanner sites like Pandasoftware and stuff.

Tried booting into Safe Mode, no dice. Programs still won't run. Won't even run HijackThis.

Booted into selective startup/diagnostic startup (where all services and startup apps are disabled) and STILL can't run any applications.

Does anyone have any suggestions besides wiping? There is about 5 GB of iTunes songs and pictures I would have to backup if I format, and I really don't want to have to trudge around the DRM-fest with iTunes.

She has had the computer for 4 years but there are mysteriously on "restore points" for System Restore - says "no restore points available."

Tried creating new user account, no dice there either - can't run any applications or .exes.

Windows XP Home w/ SP3
Dell

Thanks everyone!

EDIT - when I say "applications won't run" I mean fixer-apps, such as Ad-Aware, Spybot, AVG, Hijack This, CWShredder, Malwarebytes, etc. Browsers will load, I can go through system files "My Computer" etc. Seems like only the programs that would get rid of the issue won't load.

MontanaXVI · 01-14-2009, 11:53 AM

If you cannot boot into safe mode and run your apps I really don't see any other choice but to wipe it out.

Maybe just take the drive out and see if you can use it in another PC to copy the data off that you want to keep before you wipe it out?

shakran · 01-14-2009, 12:39 PM

Some of the commercial antivirus programs, such as Norton, come with a CD that you can use as an emergency recovery CD. You boot off the CD, it does a virus scan without running windows, and therefore without triggering the virii to stop everything from working.

Also, try installing a skeletal OS + AVG/spybot on a portable hard drive and booting off of that drive, then run the scans on your system drive from it.

Frosstbyte · 01-14-2009, 12:49 PM

Quote:

Originally Posted by shakran

Some of the commercial antivirus programs, such as Norton, come with a CD that you can use as an emergency recovery CD. You boot off the CD, it does a virus scan without running windows, and therefore without triggering the virii to stop everything from working.

Also, try installing a skeletal OS + AVG/spybot on a portable hard drive and booting off of that drive, then run the scans on your system drive from it.

That's what I was going to recommend. Hope that works!

yournamehere · 01-14-2009, 03:10 PM

If all else fails and your only recourse is to wipe the drive, here's a suggestion. Pretty much the same as MontanaXVI's but you won't have to detach, change the jumper settings, and re-install the HDD.

Get an IDE-to-USB adapter cable (and possibly a USB cable extension) - here's a suggestion where - Newegg.com - GWC AD2200/AD2210 USB2.0 Hi-Speed to IDE Adapter
This is assuming, of course, it's an IDE drive.

Then disconnect the the infected drive from its controller cable.

Using another computer, hook up your co-worker's hard drive via the adaptor into a USB port, and salvage whatever files you can before wiping it.
It's not a perfect solution, but at least you can save all the songs by copying them to another drive.

ps - now that you have the adaptor, download WinMFS and use it to put a much larger hard drive in your TiVo.

2 birds/1 stone.

Wyodiver33 · 01-14-2009, 04:27 PM

You could also boot from a Linux Live CD. That would allow you to view the hard drive and delete / move files.

Zweiblumen · 01-14-2009, 05:00 PM

Quote:

Originally Posted by yournamehere

If all else fails and your only recourse is to wipe the drive, here's a suggestion. Pretty much the same as MontanaXVI's but you won't have to detach, change the jumper settings, and re-install the HDD.

Get an IDE-to-USB adapter cable (and possibly a USB cable extension) - here's a suggestion where - Newegg.com - GWC AD2200/AD2210 USB2.0 Hi-Speed to IDE Adapter
This is assuming, of course, it's an IDE drive.

Then disconnect the the infected drive from its controller cable.

Using another computer, hook up your co-worker's hard drive via the adaptor into a USB port, and salvage whatever files you can before wiping it.
It's not a perfect solution, but at least you can save all the songs by copying them to another drive.

ps - now that you have the adaptor, download WinMFS and use it to put a much larger hard drive in your TiVo.

2 birds/1 stone.

Good advice there, but I would recomend something like this Newegg.com - Nippon Labs USB-SATA USB to IDE/SATA Adapter w/ power - Adapters & Gender Changers as it has SATA and IDE (2.5" and 3.5"). The link is just the first I found. I have a Vantec version of the same thing, it has already paid for itself.

Yours
Zweiblumen

Redjake · 01-15-2009, 10:08 AM

thanks for the suggestions everyone! I ended up formatting & reinstalling windows. this was the worst case of this shit I've ever seen. I used an ext usb hd to backup files. computer is so much faster now!!!

01-13-2009, 06:52 PM	#1 (permalink)
Redjake I'm a family man - I run a family business. Location: Wilson, NC	Mega Virus/Malware/Adware/Spyware Issue! Hey guys, Normally I can fix stuff like this very easily. But this one beats anything I've seen. It's a coworker's personal computer. It's infected with spyware, adware, and viruses - all of this confirmed. The issue is, the PC won't let me run anything! Whenever I double click on anything, it doesn't come up. It's in Task Manager, but won't show up. I've tried "ending process" and restarting the applications, but no go. I need to run AVG, Ad-Aware, Spybot etc. but I can't! Even worse, whenever I go online (and can get through the pop-ups), the browser (FF and IE) redirects to ads whenever I go to online scanner sites like Pandasoftware and stuff. Tried booting into Safe Mode, no dice. Programs still won't run. Won't even run HijackThis. Booted into selective startup/diagnostic startup (where all services and startup apps are disabled) and STILL can't run any applications. Does anyone have any suggestions besides wiping? There is about 5 GB of iTunes songs and pictures I would have to backup if I format, and I really don't want to have to trudge around the DRM-fest with iTunes. She has had the computer for 4 years but there are mysteriously on "restore points" for System Restore - says "no restore points available." Tried creating new user account, no dice there either - can't run any applications or .exes. Windows XP Home w/ SP3 Dell Thanks everyone! EDIT - when I say "applications won't run" I mean fixer-apps, such as Ad-Aware, Spybot, AVG, Hijack This, CWShredder, Malwarebytes, etc. Browsers will load, I can go through system files "My Computer" etc. Seems like only the programs that would get rid of the issue won't load. __________________ Off the record, on the q.t., and very hush-hush. Last edited by Redjake; 01-13-2009 at 06:54 PM..

01-14-2009, 11:53 AM	#2 (permalink)
MontanaXVI Junkie Location: Go A's!!!!	If you cannot boot into safe mode and run your apps I really don't see any other choice but to wipe it out. Maybe just take the drive out and see if you can use it in another PC to copy the data off that you want to keep before you wipe it out? __________________ Spank you very much

01-14-2009, 03:10 PM	#5 (permalink)
yournamehere Invisible Location: tentative, at best	If all else fails and your only recourse is to wipe the drive, here's a suggestion. Pretty much the same as MontanaXVI's but you won't have to detach, change the jumper settings, and re-install the HDD. Get an IDE-to-USB adapter cable (and possibly a USB cable extension) - here's a suggestion where - Newegg.com - GWC AD2200/AD2210 USB2.0 Hi-Speed to IDE Adapter This is assuming, of course, it's an IDE drive. Then disconnect the the infected drive from its controller cable. Using another computer, hook up your co-worker's hard drive via the adaptor into a USB port, and salvage whatever files you can before wiping it. It's not a perfect solution, but at least you can save all the songs by copying them to another drive. ps - now that you have the adaptor, download WinMFS and use it to put a much larger hard drive in your TiVo. 2 birds/1 stone. __________________ If you want to avoid 95% of internet spelling errors: "If your ridiculous pants are too loose, you're definitely going to lose them. Tell your two loser friends over there that they're going to lose theirs, too." It won't hurt your fashion sense, either.

01-14-2009, 04:27 PM	#6 (permalink)
Wyodiver33 Just here for the beer. Location: Ft. Lauderdale, Floriduh	You could also boot from a Linux Live CD. That would allow you to view the hard drive and delete / move files. __________________ I like stuff.

01-14-2009, 12:39 PM	#3 (permalink)
shakran Tone.	Some of the commercial antivirus programs, such as Norton, come with a CD that you can use as an emergency recovery CD. You boot off the CD, it does a virus scan without running windows, and therefore without triggering the virii to stop everything from working. Also, try installing a skeletal OS + AVG/spybot on a portable hard drive and booting off of that drive, then run the scans on your system drive from it.

01-15-2009, 10:08 AM	#8 (permalink)
Redjake I'm a family man - I run a family business. Location: Wilson, NC	thanks for the suggestions everyone! I ended up formatting & reinstalling windows. this was the worst case of this shit I've ever seen. I used an ext usb hd to backup files. computer is so much faster now!!!