Old 05-02-2005, 05:03 AM   #1 (permalink)
Who You Crappin?
 
 
Location: Everywhere and Nowhere
Potential Virus/Trojan/Worm problem

Here's the story:

My Dad just bought a brand new Dell desktop. He was complaining to me that it was running slow, so I went over to take a look. I got rid of a bunch of stuff from his Startup routines (via msconfig) but it was only marginally faster. It would still take the Control Panel 15 seconds to open up, etc. (on a 2.33 GHz, 256 MB RAM machine). Something wasn't right.

I ran spyware and adware programs and turned up little. So I went into the Ctl+Alt+Del screen to see what was running.

There were something like 47 processes running. Many involved AOL and his printer and digital camera. But several were gibberish and were listed under SYSTEM instead of his username. I went to iamnotageek.com to check them out and about 6 came up as really bad files (most were .exe files that the site said were introduced by a trojan or a worm).

I immediately ran a virus scan but it turned up nothing. So the question is, how do I get rid of these files? Is the computer already screwed? And where would he have gotten these from? He has a virus scanner and a firewall running all the time, and isn't online most of the time (he's still on dialup).

Sorry for the long post, but I want to help him clear up the problem.
__________________
"You can't shoot a country until it becomes a democracy." - Willravel
Derwood is offline  
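Added example, not part of the original post: a first-pass triage of the situation described above (odd process names running as SYSTEM), parsing the output of `tasklist /V /FO CSV`. The baseline set, the sample rows and the name heuristic are assumptions made for illustration.

```python
import csv
import io

# Core Windows XP processes that normally run as SYSTEM. This baseline is an
# assumption for the example; extend it with the machine's known services.
BASELINE = {"system", "system idle process", "smss.exe", "csrss.exe",
            "winlogon.exe", "services.exe", "lsass.exe", "svchost.exe",
            "spoolsv.exe"}

# Constructed sample of `tasklist /V /FO CSV` output (not taken from the thread).
SAMPLE = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"System","4","Console","0","236 K","Running","NT AUTHORITY\SYSTEM","0:00:05","N/A"
"lsass.exe","612","Console","0","1204 K","Running","NT AUTHORITY\SYSTEM","0:00:01","N/A"
"svchost.exe","860","Console","0","4512 K","Running","NT AUTHORITY\SYSTEM","0:00:02","N/A"
"xkqzrtw.exe","1432","Console","0","3100 K","Running","NT AUTHORITY\SYSTEM","0:00:09","N/A"
"printmon.exe","1508","Console","0","2048 K","Running","NT AUTHORITY\SYSTEM","0:00:00","N/A"
"explorer.exe","1720","Console","0","9800 K","Running","DADS-PC\Dad","0:00:11","N/A"
'''

VOWELS = set("aeiou")

def looks_random(image):
    """Crude name heuristic: few vowels or a long run of consonants."""
    stem = [c for c in image.lower().rsplit(".", 1)[0] if c.isalpha()]
    if len(stem) < 5:
        return False
    run = longest = 0
    for c in stem:
        run = 0 if c in VOWELS else run + 1
        longest = max(longest, run)
    vowel_ratio = sum(c in VOWELS for c in stem) / len(stem)
    return vowel_ratio < 0.2 or longest >= 5

def triage(tasklist_csv):
    """Return (image, pid, reason) for SYSTEM processes outside the baseline."""
    findings = []
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        if not row["User Name"].upper().endswith("\\SYSTEM"):
            continue
        image = row["Image Name"]
        # Baseline first: legitimate names such as svchost.exe fail the heuristic.
        if image.lower() in BASELINE:
            continue
        reason = "random-looking name" if looks_random(image) else "not in baseline"
        findings.append((image, int(row["PID"]), reason))
    return findings
```

A baseline name is not proof of legitimacy, since malware can reuse one; confirm the image path (for example, that svchost.exe runs from %SystemRoot%\System32) before trusting a match.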
Old 05-02-2005, 08:26 AM   #2 (permalink)
Go Cardinals
 
 
Location: St. Louis/Cincinnati
Well there is a link above that covers most of it. Find a thread that I started, I think the title is "Cure-All for Spyware/Viruses."

It mainly involves using all the spyware and antivirus programs, and running them in SAFE MODE. Press F8 when rebooting and enter safe mode, then run all your scans and see what turns up.
__________________
Brian Griffin: Ah, if my memory serves me, this is the physics department.
Chris Griffin: That would explain all the gravity.
soccerchamp76 is offline  
Old 05-02-2005, 11:12 AM   #3 (permalink)
Who You Crappin?
 
 
Location: Everywhere and Nowhere
Quote:
Originally Posted by soccerchamp76
Well there is a link above that covers most of it. Find a thread that I started, I think the title is "Cure-All for Spyware/Viruses."

It mainly involves using all the spyware and antivirus programs, and running them in SAFE MODE. Press F8 when rebooting and enter safe mode, then run all your scans and see what turns up.
Ok, I'll look that up. Thanks.
__________________
"You can't shoot a country until it becomes a democracy." - Willravel
Derwood is offline  
Old 05-04-2005, 07:44 AM   #4 (permalink)
I flopped the nutz...
 
 
Location: Stratford, CT
disable system restore, install AVG anti-virus (norton doesn't do the trick), boot into safe mode and run a full scan.

also grab M$ antispyware and run that in safe mode too. catches a lot of stuff adaware and spybot leaves behind.
__________________
Until the 20th century, reality was everything humans could touch, smell, see, and hear. Since the initial publication of the charted electromagnetic spectrum, humans have learned that what they can touch, smell, see, and hear is less than one millionth of reality
mikec is offline  
Old 05-04-2005, 03:15 PM   #5 (permalink)
Upright
 
Location: right here
I've found a cure-all - http://housecall.trendmicro.com/ try the 6.0 beta that cleans viruses and spyware. Use housecall with IE.
eeef2 is offline  
Old 05-05-2005, 06:15 AM   #6 (permalink)
"Officer, I was in fear for my life"
 
 
Location: Oklahoma City
Another thing, not helping with the files but will help system performance, get him another 256 of Memory. XP is a memory hog and 256 will run slow.
__________________
Gun Control is hitting what you aim at

Aim for the TFP, Donate Today
hrdwareguy is offline  
Old 05-05-2005, 06:43 PM   #7 (permalink)
Insane
 
 
The housecall stuff is not a cure all, it assumes your computer works well enough to go to websites and allow that sort of thing. : p

Also I recommend getting rid of Internet Explorer, download Firefox (look it up on Google). You can even carry over your bookmarks, which should solve any problems your dad has. I also second getting more RAM, as Dell typically gyps its customers with low RAM. It's dirt cheap and easy to install. Just make sure to get the same kind as the first one.
hrandani is offline  
Old 06-05-2005, 06:46 PM   #8 (permalink)
Upright
 
get mozilla firefox, definitely... and stop using IE. i haven't had a single spyware infestation since i switched.
i would use ad-aware, spybot, and microsoft's spyware killer, also install spyware blaster (it prevents spyware). and keep them all updated.

download "win patrol" - it's a lot like your taskbar (ctrl+alt+del), but it keeps programs from staying in memory and putting themselves in startup behind your back. let it run at startup and stay in the background. it's like a personal offline\online watchdog to stop programs (malicious or not) from slowing down your PC.

what firewall you got? try sygate or zone alarm. i found that norton was a system resource hog and slowed down my machine pretty good, so i killed it, now all is well.

try anti vir or avast (with latest updates)... run in safemode.

worst case, if you have a virus you can't kill.... you got the Dell restore discs right?

Last edited by tyler durden 12; 06-05-2005 at 06:49 PM..
tyler durden 12 is offline  
Old 06-05-2005, 06:52 PM   #9 (permalink)
Mjollnir Incarnate
 
Location: Lost in thought
Honestly, I'd recommend a reformat. I know that it's new, and you probably think I'm crazy. But pre-fabs from Dell, HP, etc. come with all kinds of crap installed on there that you'll never use. The first time I reformatted instead of doing a system recovery I was astounded at how much faster my computer ran.

After doing that, get Firefox, some firewall, an AV, and a couple of spyware detectors.
Slavakion is offline  
Old 06-05-2005, 07:38 PM   #10 (permalink)
Insane
 
Location: bangor pa
download antispyware beta, download avg or another antivirus. get the updates for both. get sp2 if that's not on the cd already. unplug the internet, format, install xp, install sp2, then the spyware and antivirus stuff, the updates for those you downloaded. after they are turned on and working, connect to the internet, check for updates again, then use mozilla or firefox.

that's how i do it....
if you are connected to the internet you will get infected without even connecting to a site
__________________
Quote:
Originally Posted by Redlemon
...but if you only add files and you never delete, there's nothing to cause file fragmentation, so pattycakes is correct.
pattycakes is offline  
Old 06-07-2005, 08:51 AM   #11 (permalink)
I flopped the nutz...
 
 
Location: Stratford, CT
Quote:
Originally Posted by pattycakes
if you are connected to the internet you will get infected without even connecting to a site
that's just not true. sorry.
__________________
Until the 20th century, reality was everything humans could touch, smell, see, and hear. Since the initial publication of the charted electromagnetic spectrum, humans have learned that what they can touch, smell, see, and hear is less than one millionth of reality
mikec is offline  
Old 06-07-2005, 10:01 AM   #12 (permalink)
Upright
 
Quote:
Originally Posted by mikec
that's just not true. sorry.
It's possibly true, but you have to have certain features of the operating systems enabled, etc. For example, if you have the Internet Information Services turned on in Win2000, and I think to some extent the Personal Web Server.

As long as you stay up-to-date with the Windows Updates you should be okay.

A lot of bad stuff can come through instant messaging, too. Never click a link you don't expect even if it is from someone you know.

I should also say that it is usually a good idea to have something between you and your internet connection. A Linksys hub or something. Something that lets you maintain a private IP address while the invulnerable network device like the switch/hub maintains the public IP address. If this is over the heads of anyone I apologize.
__________________
KingOtter
You can't push on a rope.
KingOtter67 is offline  
Old 06-07-2005, 05:22 PM   #13 (permalink)
Mjollnir Incarnate
 
Location: Lost in thought
Quote:
Originally Posted by mikec
that's just not true. sorry.
Unpatched XP? Yes it can... I always install my firewall and AV before the drivers for my wifi card.
Slavakion is offline  
Old 06-07-2005, 05:30 PM   #14 (permalink)
Talk nerdy to me
 
 
Location: Flint, MI
Quote:
Originally Posted by mikec
that's just not true. sorry.
Sorry to jump on the bandwagon, "The Screensavers", when it was a good show, hooked a Windows machine up to the internet with no firewall or antivirus. It was attacked within 4 minutes.

There is enough stuff out there that simply crawls the web looking for open holes. If you're unprotected, you will play host to a trojan rather quickly.
__________________
I reject your reality, and substitute my own

-- Adam Savage
God of Thunder is offline  
 
