Matrix Games Forums

Forums  Register  Login  Photo Gallery  Member List  Search  Calendars  FAQ 

My Profile  Inbox  Address Book  My Subscription  My Forums  Log Out

Veldor need your advice

 
View related threads: (in this forum | in all forums)

Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [General] >> General Discussion >> Veldor need your advice Page: [1]
Login
Message << Older Topic   Newer Topic >>
Veldor need your advice - 8/13/2008 1:42:21 AM   
Gem35


Posts: 3420
Joined: 9/12/2004
From: Dallas, Texas
Status: offline
I have a friend's laptop, a toshiba satellite 1.1 ghz celly with 256 MB ram. Windows Xp Professional SP 2

The thing is virtually infested with spyware/viruses and I am trying to save it without having to wipe the hard drive and start over.
I did manage to remove a ton of spyware with adaware 2008 and now have the problem of getting rid of the viruses which total over 55 last time I checked.

I tried to use system restore but cannot get it to run very well with all of the virus pop-ups and numerous other programs running in the background.
What would you try next?
Can I run in safe mode and use avast anti-virus to try and remove the viruses?
Besides tossing it out the window do you have any tips for me?

_____________________________

It doesn't make any sense, Admiral. Were we better than the Japanese or just luckier?


Banner By Feurer Krieg
Post #: 1
RE: Veldor need your advice - 8/13/2008 2:11:28 AM   
Veldor


Posts: 1531
Joined: 12/29/2002
From: King's Landing
Status: offline

quote:

ORIGINAL: Gem35

I have a friend's laptop, a toshiba satellite 1.1 ghz celly with 256 MB ram. Windows Xp Professional SP 2

The thing is virtually infested with spyware/viruses and I am trying to save it without having to wipe the hard drive and start over.
I did manage to remove a ton of spyware with adaware 2008 and now have the problem of getting rid of the viruses which total over 55 last time I checked.

I tried to use system restore but cannot get it to run very well with all of the virus pop-ups and numerous other programs running in the background.
What would you try next?
Can I run in safe mode and use avast anti-virus to try and remove the viruses?
Besides tossing it out the window do you have any tips for me?


Yeah I once fixed a system really far gone like that more just to prove that it can be done. The basic issue is good viruses and spyware have cyclical monitoring from multiple components... So if you kill one, or even 2, the 3rd one restarts the first 2 and so forth.

There are of course a million possibilities but assuming you've already covered all the basics with the latest anti-spyware and anti-virus.. the basic tool I use is this one:

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Microsoft Acquire the whole company, SysInternals, the tool is Process Explorer.

Its been ages, cuz im not a desktop guy by profession, but I did use it on an XP system for the purpose described. If I remember correctly you boot into safe mode, run the util, and then whats key about it is that instead of just allowing you to STOP processes it lets you PAUSE them. Anyway by pausing them it fools the process... you can pull some doco on what to pause..

And then after that cleanup is easy since nothing is in memory...

Anyway best and only real idea I have... (Do try running AV in safe mode first though)

_____________________________


(in reply to Gem35)
Post #: 2
RE: Veldor need your advice - 8/13/2008 2:17:24 AM   
Gem35


Posts: 3420
Joined: 9/12/2004
From: Dallas, Texas
Status: offline
Thanks for your help, so far I have removed about 20 viruses in safe mode, this is assuming they don't replicate themselves.
My friend has told me that if nothing else, wipe the system and she will deal with losing some vital files.
I won't do that until I have exhausted all other avenues.
I'll keep you posted and also look into that tool you linked.
Thanks for your concern.

_____________________________

It doesn't make any sense, Admiral. Were we better than the Japanese or just luckier?


Banner By Feurer Krieg

(in reply to Veldor)
Post #: 3
RE: Veldor need your advice - 8/13/2008 2:21:55 AM   
Veldor


Posts: 1531
Joined: 12/29/2002
From: King's Landing
Status: offline

quote:

ORIGINAL: Gem35

Thanks for your help, so far I have removed about 20 viruses in safe mode, this is assuming they don't replicate themselves.
My friend has told me that if nothing else, wipe the system and she will deal with losing some vital files.
I won't do that until I have exhausted all other avenues.
I'll keep you posted and also look into that tool you linked.
Thanks for your concern.


Found a decent description of how to use the tool/process here:

http://miniminded.wordpress.com/2008/07/09/howto-manually-remove-a-virus-from-computer/

I've not had any virus nasty enough to recognize the tool, but it even goes into how to get around that. Im guessing the tool alone would get whatever your AV in safe mode cannot.

Anyway Process Explorer, RegMon, FileMon, alot of the former SysInternals tools are all great things to have around in these type of situations. I remember having to get my company to pay thousands of dollars for them back in the day... Current versions appear to be free downloads by Microsoft now.

Good Luck!

_____________________________


(in reply to Gem35)
Post #: 4
RE: Veldor need your advice - 8/13/2008 2:38:43 AM   
Gem35


Posts: 3420
Joined: 9/12/2004
From: Dallas, Texas
Status: offline
before I use your tool here is a sceenie of what I am up against.
This is running AV at start-up to scan the MBR.
As you can see there are numerous infections, more than 50 at last approximation.
Gosh, I don't think I have ever seen a PC this corrupted before ever, ha!
It appears the AV is deleting them, perhaps I cannot get all of them but it is a start and also appears to be a long night for me.






Attachment (1)

_____________________________

It doesn't make any sense, Admiral. Were we better than the Japanese or just luckier?


Banner By Feurer Krieg

(in reply to Veldor)
Post #: 5
RE: Veldor need your advice - 8/13/2008 7:43:19 AM   
NefariousKoel


Posts: 2928
Joined: 7/23/2002
From: Murderous Missouri Scum
Status: offline
If you want to narrow the numbers down and save some time, I'd suggest using a trial version of Prevx. 

It has nuked a lot of the viruses that other AVs can find but won't get rid of for me.  I've put it on a few customer's PCs that were pretty bad.

Only thing is.. your internet needs to be working to set it up.  At least, the last time I used it you needed one but that was about a year ago.

http://info.prevx.com/downloadprevx2.asp


_____________________________


(in reply to Gem35)
Post #: 6
RE: Veldor need your advice - 8/13/2008 12:04:33 PM   
Grell

 

Posts: 1064
Joined: 4/1/2004
From: Canada
Status: offline
About a week and a half ago I got a supposed email from UPS about a shipment. I had a few games on order and thought it was legit so I clicked on the exe. My comp was hit by a very bad virus. On last Sunday I had to reformat, I am quite mad with myself.

Regards,

Greg

_____________________________


(in reply to NefariousKoel)
Post #: 7
RE: Veldor need your advice - 8/21/2008 1:00:48 AM   
Gem35


Posts: 3420
Joined: 9/12/2004
From: Dallas, Texas
Status: offline
After a long and tough battle the Laptop succumbed to the bad guys...
Re-installed windows.

_____________________________

It doesn't make any sense, Admiral. Were we better than the Japanese or just luckier?


Banner By Feurer Krieg

(in reply to Grell)
Post #: 8
RE: Veldor need your advice - 8/21/2008 6:33:10 PM   
andym


Posts: 1117
Joined: 7/12/2006
From: Kings Lynn UK
Status: offline
i have a question,i have a laptop that refuses to turn itself off.It shuts down as all is normal,then 5 to 10 secs later it boots back up!I have to remove the battery to shut down.Any ideas.

_____________________________

Press to Test...............Release to Detonate!

(in reply to Gem35)
Post #: 9
Problem - 8/21/2008 6:39:52 PM   
hermanhum


Posts: 2209
Joined: 9/21/2005
Status: offline
Just ignore it until it says,

"Dr Bowman, what are you doing?...."


_____________________________


(in reply to andym)
Post #: 10
RE: Problem - 8/21/2008 6:45:37 PM   
andym


Posts: 1117
Joined: 7/12/2006
From: Kings Lynn UK
Status: offline
Very funny but sadly unhelpful!

_____________________________

Press to Test...............Release to Detonate!

(in reply to hermanhum)
Post #: 11
RE: Problem - 8/21/2008 7:38:05 PM   
noxious


Posts: 177
Joined: 6/13/2008
From: Montreal, Qc, Canuckistan
Status: offline
Can be many things : The Google Search on the topic

Over 10,000,000 hits, so you should find relevant info in the first half dozen or so ;)



_____________________________

Be Kind. Everyone is fighting a hard battle.

(in reply to andym)
Post #: 12
RE: Veldor need your advice - 8/21/2008 9:19:27 PM   
USSAmerica


Posts: 18254
Joined: 10/28/2002
From: Chapel Hill, NC, USA
Status: offline

quote:

ORIGINAL: Gem35

Thanks for your help, so far I have removed about 20 viruses in safe mode, this is assuming they don't replicate themselves.
My friend has told me that if nothing else, wipe the system and she will deal with losing some vital files.
I won't do that until I have exhausted all other avenues.
I'll keep you posted and also look into that tool you linked.
Thanks for your concern.



OK, now I understand all this effort.

_____________________________

Mike

"Good times will set you free" - Jimmy Buffett

"They need more rum punch" - Me


Artwork by The Amazing Dixie

(in reply to Gem35)
Post #: 13
RE: Veldor need your advice - 8/22/2008 12:17:49 AM   
Gem35


Posts: 3420
Joined: 9/12/2004
From: Dallas, Texas
Status: offline
quote:

ORIGINAL: USS America


quote:

ORIGINAL: Gem35

Thanks for your help, so far I have removed about 20 viruses in safe mode, this is assuming they don't replicate themselves.
My friend has told me that if nothing else, wipe the system and she will deal with losing some vital files.
I won't do that until I have exhausted all other avenues.
I'll keep you posted and also look into that tool you linked.
Thanks for your concern.



OK, now I understand all this effort.

SHE is happily married and is a good friend of mine Mike.

_____________________________

It doesn't make any sense, Admiral. Were we better than the Japanese or just luckier?


Banner By Feurer Krieg

(in reply to USSAmerica)
Post #: 14
RE: Veldor need your advice - 8/22/2008 12:21:55 AM   
Veldor


Posts: 1531
Joined: 12/29/2002
From: King's Landing
Status: offline

quote:

ORIGINAL: andym

i have a question,i have a laptop that refuses to turn itself off.It shuts down as all is normal,then 5 to 10 secs later it boots back up!I have to remove the battery to shut down.Any ideas.


Call an exorcist, Buy a new laptop, or reinstall windows.

A really long shot would be to check your laptops BIOS settings for power etc. Its almost as if your machine is hanging on shutdown (See that google search for 10,000+ reasons why) and then your BIOS is kicking in and "recovering" your laptop by rebooting it.

_____________________________


(in reply to andym)
Post #: 15
Page:   [1]
All Forums >> [General] >> General Discussion >> Veldor need your advice Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.164