[Closed] laptop infected with malware?????

Spybot search and destroy and SuperAnti spyware.

Done!

tried that 🙁

What's it doing any messages?

I used this lot on a USB stick (i.e. downloaded on a clean PC) to clean a colleague's laptop recently. Seemed to do the trick:

http://www.betanews.com/article/Tip-Use-CD-or-USB-stick-to-clean-up-malwareinfected-PCs/1300465661

do i just click the link and it starts?
is there no way of a system restore even though it says no restore points?????? arrrrrrrrrrgghhh

keeps saying hard drive failure and another says ram is ****ed or something

Click here, click download then install

http://www.downloadcrew.com/article/20864-superantispyware_portable_scanner

Seatools will test you HD http://www.seagate.com/www/en-us/support/downloads/seatools

There's a one on crucial site for testing RAM.

tony, bear in mind that all of those warnings you are getting are fake; there's nothing wrong with your laptop other than that it's infected with the "windows recovery" rogue. your desktop and folders etc are all still there; the infection just hides them but you can recover them all!
system restore will be unusable though; you need to use malwarebytes (and superantispyware, to be safe!).
read this carefully, follow it and you'll be sorted.

http://www.bleepingcomputer.com/virus-removal/remove-windows-recovery

That's what I suspected Xherbivorex but he's said nothing about the messages 'windows recovery' virus normal comes out with.

Edit: Oh seems I'm out of touch with errors it reports.

Good call Xher.

this happened yesterday to mine.
on another computer, simply download some malware software onto a usb. Then plug it into your laptop and run a full scan.

Rkill, MBAM. Herby's link explains this in detail.

And, for god's sake people, update your machines.

Windows update, Java, anything made by Adobe. You can even automate most of that with [url= http://secunia.com/vulnerability_scanning/personal/ ]Secunia[/url]

Thank you for the explanation, Xherivorex, my wife's laptop did the same last week with the addition that it refused to connect to the Net saying a new IP was needed. I guessed it was malware so disinstalled Norton, and installed AVG and Spybot which brought the system restore back to life. That allowed a restore to before all the nonsense stazted (which solved the IP problem). Nice to have confirmation of what the problem was. A warning then, Norton does not stop it.

[i]And, for god's sake people, update your machines.[/i]

I remember you saying this before Cougar, I've set mine to update automatically now!!

Been fine for ages, Ta

And, for god's sake people, update your machines.

Windows update, Java, anything made by Adobe. You can even automate most of that with Secunia

Amen brother!

If you don't change your computing behaviour and properly protect your machine ( good anti-virus/firewall/Secunia ) then cleaning up your PC this time is just pissing in the wind.

Oh, and there is a good chance that your PC is now sending out the sort of spam that everyone finds so annoying.

It's really frustrating. It won't help with zero-day stuff, but a large number of infections take hold through exploits that have been patched for months. For example, the Slammer epidemic that levelled half of the Internet a few years back, that had been isolated and patched for [i]six months[/i] before the worm was written. The patch which would've prevented Code Red had been out for a month, and if you still need convincing then just look at Conficker:

http://en.wikipedia.org/wiki/Conficker

Conficker broke in November 08. "Conficker has since spread rapidly ... with more than seven million government, business and home computers in over 200 countries now under its control." The vulnerability it exploits was patched in... anyone...? Bueller? October 2008.

Patch your damn computers, or switch them off. (-:

mate, you and i both know we're pissing in the wind trying to convince the vast majority of people to keep up to date with patches and so on!

My wife's machine was no doubt typical of a company/public service computer in that it had all the usual M$ software and Norton. She was actively discouraged from messing with it or adding things. Only when it wouldn't do anything at all did she give me carte blanche to install whatever would make it go again. The tax payer will no doubt go on paying for Norton for as long as she has the machine despite the fact I've removed it.

And then they go "well, I was only downloading some porn off bittorrent, and I haven't updated my computer since dinosaurs roamed the Earth, and [i]I don't understand how this happened. [/i]Microsoft is crap, isn't it."

Get in the sack.

it had all the usual M$ software and Norton.

I appreciate that this is an unpopular standpoint, but there's nothing wrong with either of those companies' products that setting up correctly wouldn't fix.

Yes I know I'll get severely flamed for suggesting this, can't all be the same in this mortal realm though. Where choice exists [and doesn't cost a penny] why not explore it?

Give Ubuntu a try sometime, you don't have to get rid of windows and I'm not saying you should

Whilst viruses exist for Linux, there are less of them and Unix-like systems tend to be harder to compromise

Many people are afraid to try because windows is so heavily ingrained and dismiss an alternative despite having ever tried it. To those who say its too difficult. Its not difficult, its like anything it requires some patience and learning, how many things can you do in this life and put 0 effort into?

Yes [I fully expect] various people will now try to pick holes in what I've said. This talk always opens a big fat can of worms.

Nearly two dozen posts! You're late.

So if Norton is so great why did a computer with fully paid up Norton, all scanner running and automatic updates each time the thing was connected to the Net have something over 200 nasties that Spybot found and another 50 or so that AVG signalled, one of which it can't remove because it's so embedded in the operating system? I Googled the viruses and they were classics that have been around for ages.

TBF, it's not bad advice. You can try Linux from a USB stick without installing anything (which has to be its killer feature). If you like it, great.

I just get a bit bored of the same drum being beaten, is all. There'll be an Apple evangelist along in a bit too, no doubt. Is there anyone, anywhere, who when given this recommendation goes "Linux? Wow, I'd never heard of that..."

If you have precious folders it might be prudent to get the Hdd out so you can recover later? then look to chuck new hdd in. If you get up and running at least you can use data recovery to get files back (disk drill or similar) I had the same thing with a couple of mates pcs, booted into safe, avg got rid of them. All done. A couple of extra options anyway.

Its not difficult, its like anything it requires some patience and learning

You're trying to punt the linux learning curve at people who haven't even learned to enable Automatic Updates? Good luck.

So if Norton is so great why did a computer etc blah blah

You want me to speculate on a computer I've never seen, based on vague anecdotal information and a complete lack of details other than the name of a company who have made hundreds of products over the years?

Ok then.

Perhaps it was an old version of Norton. This is more common than it should be in corporate environments as major upgrades are horsework.

It was probably badly configured. It's rare to find it optimally configured anyway, and the fact that you're (stupidly) running a home solution in a corporate environment (otherwise it'd be Symantec AV, not Norton) would further imply that there's no central configuration being done by IT, in which case all bets are off.

Norton is an anti-virus product, not an anti-spyware product (or at least, Norton AV is, which is what I'm discussing; the new versions pertain to be anti-spyware products, but they're not mature yet). Therefore comparing it to Spybot, a dedicated anti-malware product, is disingenuous.

An infection could have specifically targeted Norton and nobbled it. This gets more common as you look at bigger products; the smaller companies are less likely to be directly attacked by a virus author because there's fewer copies installed.

AVG found things which Norton didn't, because you ran it after Norton. This doesn't mean that it found more infections than Norton, just different ones. Had you been running AVG first and then removed it and installed Norton, you'd likely have had similar results. Malware specialists recommend a variety of disinfection tools for this very reason.

You reinstalled an AV solution. Had you uninstalled Norton and then reinstalled Norton, you might have had similar results.

No AV is 100%. Whether you found fifty infections or fifty thousand doesn't have any bearing on the effectiveness of a given AV product; it only takes one to slip through the cracks, and once the system is compromised then it's game over. Perhaps it was something Norton didn't recognise; perhaps it did recognise it and the user overrode Norton's suggestions because they really wanted to play Elf Bowling and her mate had emailed it to her and he's a copper so it's bound to be safe. Once an infection takes hold it can take out your protection and then sit there happily downloading dozens of other nasties which in turn can then do the same thing and they multiply like bacteria.

That's off the top of my head, I could probably come up with more theories if pressed but I CBA.

I never said Norton was "great," incidentally. I just think it gets a bad press which is largely undeserved. Personally it wouldn't be my first choice of solution, but it's alright so long as it's configured with a bit of care, which 99 times out of 100 it's not.

Oh, and,

My experience of public service computers are that it was probably several years old and hadn't seen a Windows Update since it was built. That's like leaving all your doors and windows open and then when your bikes get nicked complaining that your burglar alarm didn't work.

... which was my original point. (-:

over 200 nasties that Spybot found

Thinking about it, doesn't Spybot flag up advertisers' cookies as malware? That's your 200 'nasties' right there, they're called false positives.

#notes not to take a blind bit of notice of anything Cougar ever writes about computers#

I use adaware, spybot, pc tools spyware doctor, and avg anti virus software all free to down load, and they do their stuff.

Strangely clicking on cheshire west and chester website , i get an aol popup saying the site is infected and best wishes if i want to connect

#notes not to take a blind bit of notice of anything Cougar ever writes about computers#

More fool you then. It was a bit of an extended rant but a quality rant at that and correct afaik.

But you don't know do you Leffeboy, unless you've hacked my wife's computer and found what's in the virus vaults.

Many people are afraid to try because [s]windows is so heavily ingrained and dismiss an alternative despite having ever tried it[/s] Linux is only of any use to geeks

There, FTFY 🙂

(Speaking as a geek who installed several different distros for different things and fettled them, then gave up for desktop use cos it was just pointless)

Btw, Cougar is to PCs what iDave is to exercise physiology 🙂 Although seriously, full respect to Cougar for tirelessly responding to EVERY PC problem thread with excellent and patient advice.

What a hero.

notes not to take a blind bit of notice of anything Cougar ever writes about computers

OH NOES!!

But you don't know do you Leffeboy

Given that you've not given us any information at all, that's hardly surprising.

full respect to Cougar

Bless you, thankyou. The cheque's in the post. (-:

+1 full respect to Cougar

I'll take PP gift thanks 😉

If you read my posts you'll find all the information you need, Cougar. You're not very good at interpreting what you read and see on the television though are you. Remember your perceptive comments when concerns were first expressed that that the Fukoshima atom plant was in a dangerous state after the tsunami:

[i]ZOMG NUCLEAR REACTORZ R EXPLODIGN IN JAPAN ITS CHERNOBBLE ALL OVR AGN WONT SOMEINE THINK OV TEH CHILDREN?!

I'm really, really starting to hate our media services. Bunch of scaremongering, lying bastards. [/i]

The media were being honest and subsequent events showed they were in no way scaremongering. You, however, went off on a rant without stopping to consider the information being provided, just like your post above.

Restart in safe mode and run them again,tony.Do as much as you can in safe mode with what you have already downloaded in the past.I have avg and spybot and they seem to do the job if it ever goes dodgy.

molgrips have you used Ubuntu..

did you find that to be really hard to use ? 😯

I'd say its one of the easiest OS to use - have you used synaptic for instance?

Linux-from-scratch or Gentoo are probably the "geeky" ones that come to mind

I have not used Ubuntu, no.

The issue I have with it isn't ergonomics as such, it's all the other stuff. Like having to research hardware more carefully to make sure it's supported, having to use Open Office instead of MS Office which has all sorts of foibles, having to figure out alternatives to the stuff everyone else uses and so on.

The distros I used (I forget which) had lovely UIs but they were all packed with their own geek favourite selection of tools which were all random and just not as well sorted as a mainstream alternative.

If you read my posts you'll find all the information you need, Cougar.

Would you be so kind as to point out where you told us, say, which version of Norton she was running, the OS in question, or any examples of the infections you found? Information which is critical for giving you an explanation that is more than merely speculation, as I pointed out and you ignored. I obviously must've missed this informative post that you're referencing.

When you go to the doctor, and the doctor asks what's wrong, do you reply "don't you know, I thought you were a doctor"?

The media were being honest and subsequent events showed they were in no way scaremongering.

Wow, thread derail much? Are you [i]that [/i]short for a point?

The media were making shit up and got lucky. At the time that edit was made, no-one here really knew what was going to happen. I stand by my rant.

I have not used Ubuntu, no.

The issue I have with it isn't ergonomics as such, it's all the other stuff. Like having to research hardware more carefully to make sure it's supported, having to use Open Office instead of MS Office which has all sorts of foibles, having to figure out alternatives to the stuff everyone else uses and so on.

😯

No research required, stick the live CD in or usb pen drive and see for yourself. It will probably find everything you have.

What hardware are you expecting to have an issue with?

MS office only required for business. At home what does OO not do for you?

Does windows ship with everything you need straight off the bat? Probably not. So like any OS you have to choose and install the stuff you need.

You don't have to like it. But at least try it before saying things like that.

[no offence intended]

At home what does OO not do for you?

Not be annoying and crap.

Ubuntu is just Linux isn't it? So surely the same issues apply?

I'm currently using:

Tracklogs
Photoshop Elements
Premier Elements
Cubase

And trying out lots of video conversion software and noise editing software like DXO, neatimage etc. Most if not all of this stuff is Windows/Mac only, is it not?

Windows is just windows isn't it? So surely the same issues apply?

I'm currently using:

an operating system that isn't plagued by viruses and spyware
a journalled file-system that doesn't fragment badly
lots of free software void of adverts of licence warnings asking for money
an OS that boots faster than windows on this machine (yes I have both on this machine)
a community that helps improve the software every day
a relatively stable environment and no BSODs!
open office because I don't need to spend money for an office suite
an msn protocol compatable chat program (and others for that matter) skype,spotify,filezilla,wireshark,chromium,firefox,opera - yes indeed native

sorry couldn't resist... 🙂

each OS has its advantages, yes I do boot into windows sometimes.. just not very often as the list of windows only things I do is diminishing..

[again no offence intended molgrips, yes I can be awkward]

sorry [to OP] if the thread has veered slightly off course..

@molgrips, you could even skin Ubuntu so it looks/works Windows-like without the actual Windows OS installed.
Try before you make assumptions, please. There's a new Ubuntu beta available now, seems to be great.

how is ubuntu for wifi these days? i have it on another laptop i have, but havent used it for ages cos it was a PITA getting it to connect to my network via wifi in the first place, then it never remembered the settings. does it still insist on using the windows wifi drivers for your hardware or is that all resolved now? i may go back to it if so...

xherbivorex

it will probably work out straight away (on running the live CD or install) without needing to DL or hunt for any drivers

recently Broadcomm (a huge manufacturer of network chips) came onboard

http://www.pcworld.com/businesscenter/article/215919/broadcom_joins_the_linux_foundation.html

My laptops are connecting to Wi-Fi no problems, same for the desktop.

Ooh, OS willy-comparing.

I'm currently using:

an operating system that isn't plagued by viruses and spyware

Check. Can't remember the last time I had an infection, reasonably sure that I've not had one since Windows 98 days.

a journalled file-system that doesn't fragment badly

Check. NTFS is journalled and doesn't have any fragmentation problems that have any practical bearing on anything.

lots of free software void of adverts of licence warnings asking for money

Check. Most advert-supported free Windows software these days allows you to opt in or out. I don't recall ever seeing a licence agreement that asks me for money.

an OS that boots faster than windows on this machine (yes I have both on this machine)

If we say "boots faster than Windows XP" then check, My W7 install boots in a fraction of the time XP would.

a community that helps improve the software every day

No need for a community for the commercial products thanks to professional developers creating enterprise grade software. Independent third-party developers are pretty like-for-like between Windows and Linux.

a relatively stable environment and no BSODs!

Check.

open office because I don't need to spend money for an office suite

Check (however, I choose not to as I was given a full Office licence).

an msn protocol compatable chat program (and others for that matter)

I use Trillian, which connects to MSN as well as AOL, ICQ, Twitter, Facebook Chat, Jabber-a-likes such as LiveJournal, Gmail, corporate SIP servers, and pretty much anything else you'd care to mention thanks to an extensible plugin framework.

skype,spotify,filezilla,wireshark,chromium,firefox,opera - yes indeed native

Check, check, etc but we knew this.

Conclusion - Linux is almost as good as Windows! Who knew (-:

To be fair, I do like Linux, and Lucid Lynx is about as close to being a mature product as we've ever seen in the Linux arena. Though I can't help but think that we'll know when it's truly arrived when people stop feeling the need to justify their OS choices every time any computer question ever gets asked.

I have just developed a new respect for the techies at my school. 😀

@molgrips, you could even skin Ubuntu so it looks/works Windows-like without the actual Windows OS installed.

It's not what it looks like that's the issue. It's software quality and availability.

Free stuff is good value for money, but it's often not a patch on the paid for stuff. It's made by geeks who stick in whatever feature they fancy, and tends not to have teams of people doing usability labs on noobs and office workers to see what works.

Can I get tracklogs, DXO, a Photoshop equivalent (that's not Gimp), a good movie editing suite, Sky Player, iPlayer desktop, Windows Media centre equivalent (with all the plugins like Tuner Free MCE), utilities like Hulu downloader etc etc etc on Ubuntu?

Or are there all equivalents that are just that little bit less good (as I've usually found to be the case)?

I switched back to Windows because I got sick of hunting around for bits of utilities here and there written by some guy with a day job to try and mimic what I could do on windows with no bother at all.

Admittedly that was a while ago, and we all have different requirements.

and we all have different requirements.

Well said this is the fundamental point.

I think both have strengths and weaknesses.

Can I get tracklogs, DXO, a Photoshop equivalent (that's not Gimp), a good movie editing suite, Sky Player, iPlayer desktop, Windows Media centre equivalent (with all the plugins like Tuner Free MCE), utilities like Hulu downloader etc etc etc on Ubuntu?

Some of these are available in Linux in some form. But photo editing isn't a strength. Nor is gaming.

I don't play games so that doesn't bother me. But it would be nice if there something free to compete with the Adobe photo products for instance.

For web surfing, internet, development, network stuff, music its pretty awesome and its free.

Er, Jedi, how's the computer now?...

i just got in since camping yesterday. doing the anti spy ware thing from usb at the mo

But it would be nice if there something free to compete with the Adobe photo products for instance

I think it's very rare that the free stuff can compete with the paid for stuff.

To be honest I'd rather see much more PAID for software for Linux. This would increase the value of the platform no end, imo. I'd even pay for a window manager if it was available. Hell, if there was more quality software I'd pay windows-like licenses for a good quality distro that comes with the kind of usability and supporting software that Apple/MS have.

I wonder if this would be good or bad for the free linux world. I do think linux is a vital part of the IT world - if I wanted to set up a firewall, VPN endpoint, web server etc etc it'd be linux no question, so I don't want to see it fail.

People have tried, TBH. If you want to pay for Linux you can - for example https://www.redhat.com/apps/store/server/

Far as I can see, this gives you a controlled distro and enterprise support. Think I'd be using an x.04 Ubuntu release myself, but one of the nice things about Linux is that there's plenty of choice. Arguably, this is also one of its failings, from a certain point of view. (-:

Yeah like I say it's excellent for servers, if I were planning something I don't think I'd use anything else. I'm aware of redhat, looks pretty decent.

But the range of desktop app softwre is huge.

If we all used Java for our apps this would not be an issue 🙂

If we all used Java for our apps this would not be an issue

If we all used Java for our apps the Linux advocates would quickly have to stop bleating about how fast Linux is. (-:

Java is plenty fast enough for big desktop apps.

Just don't ask me about memory consumption 🙂

Most of us just want a machine that we can switch on like an amplifier though, then plug in anything we buy; phone, camera, printer, sound system, mp3, etc.. And all (not some) can be plugged into a computer with Windows and work, usually without even installing a driver. Dealing with what could go wrong but probably won't is easier that running Linux and then finding it doesn't work with the "tableau numérique" at work.

Running Windows means being constantly under attack so you need an anti-virus, spyware and malware that work. IME Norton doesn't. Having used Spybot and AVG to get my wife's machine working again I thought it might be worth running the Superantispyware and malware suggested by the first contributors to this thread. Because some people are clearly being helpful rather than just bragging and ranting.

I ran them first on my own PC that has always had AVG and Spybot; zilch apart from a few hramless tracking cookies most of which I recognise are from sites I visit regularly (yup hteres one from STW°. Then the wife's PC that was using Norton till the Windows simimulator thing got it last week. In addition to the stuff AVG and Spybot elliminated that brought the machine to life, the SUPERantispyware has just removed.

Adware Zango 31
Tracking cookies 605
Adware shopper report (low risk) 2
Disabled security centre 3
Adawre Zwangi
Gen Pinball 6
Trojan 1

Now I know that most of those are harmless but they slow the machine down, and it strikes me at least 4 are not harmless. So, Cougar, a laptop with reguarly updated Windows and Norton had been infiltrated and infected with over a 1000 unwanted files and enough "nasties" to bring the thing to a grinding halt. I think you are wrong to encourage STWers to have faith in Norton.

Oh dear will the Linux vs Windows argument ever cease here on STW?

Both are great OS's, and contributed quite a bit to the development of the personal computer over the years.

It gets tiring when each time someone asks about viruses/malware on Windows, the usual people pop up with the "switch to Linux and all your problems will be solved" tune.

Seriously, change the record.

@ Molgrips - if you like Redhat, have a look at CentOS ([b]C[/b]ommunity [b]EN[/b]terprise [b]O[/b]perating [b]S[/b]ystem) - 100% redhat compatible OS, built from the official Redhat source code.

Most places I have worked run Redhat on their production servers (politically they needed official OS/server support - even though we never used it), and CentOS on their development systems.

I might if I ever spec a work-only machine or a server 🙂

Edukator > Three things,

1) Of that list you cite there, none are viruses other than the last entry which is an unidentified trojan. This could easily be an innocuous trace from something that has already been removed (or might've been found by SUPER in a Quarantine folder). The rest is crap that she's installed.

An anti-virus program, as the name implies, prevents viruses. It doesn't, and never claims to, stop things that aren't viruses. It won't stop users from installing advertising programs, or protect against any other layer 8 issues.

2) At no point did I "encourage STWers to have faith in Norton," I simply believe that Norton AV is treated excessively harshly by a lot of people. It particularly seems to get a lot of flack from the same people who think that names like "Internet Exploder" and "Micro$oft" are original and clever.

3) I'm trying to help people here partly because I see it as a goodwill investment for when I need MTB advice and partly because I'm just nice like that; but, ultimately, I don't care whether you agree with me or not.

I'm the first to admit when I don't know something, but I'd like to think that this is a subject that I've got a reasonable handle on. I've first-hand experience of Norton AV and Symantec AV Corporate going back to DOS days. I've supported home and enterprise installs of pretty much every AV solution on the market, for everyone from a mate's grandad to Blue Chip installations with tens of thousands of connected clients.

If you want to believe that 'Norton is crap' (which IMHO is an astonishingly sweeping concept given that the Norton AV moniker has been in use for 15-20 years to describe a large number of wildly different products) then you do that, I'm not going to argue any further with you.

FWIW I've found Prevex Edge to be the most effective at getting rid of viruses. It managed to destroy a rootkit virus that AVG & Spybot couldn't do anything about.

rollox, i keep getting pop ups 🙁

Jedi, go for the boot in safe with networking, then run whatever antivirus/anti malware you have and see what happens. Should clear it.

so what do the pop ups say? it might help track it down
(and thank you Cougar for 'layer 8 issues')

i tried that. keep getting internet explorer pop up even though i use firefox.
get windows security is off message then pop ups too.

then what do the pop ups say? might give a clue as to what the infection is

i tried that. keep getting internet explorer pop up even though i use firefox.
get windows security is off message then pop ups too.

🙂 - oh well, well, well...

Pull the hdd, replace with new, install, get data off old one then full format/data erase. If you need a hand i'm about 30 miles up the a1 from you.

so, are these the sorts of messages you are getting?

Hard Drive Failure
The system has detected a problem with one or more installed IDE / SATA hard disks. It is recommended that you restart the system.

Or

Critical Error
RAM memory usage is critically high. RAM memory failure.

or
Windows Diagnostic Diagnostics
Windows detected a hard disk error.
A problem with the hard drive sectors has been detected. It is recommended to

(and thank you Cougar for 'layer 8 issues')

*whistles innocently*

leffeboy

yep seen them

Jedi,

It appears that my computer-telepathy interface is down at the moment. So you need to do one of two things,

1) Follow the instructions on xerbivorex's link on the first page of this post, or if they don't appear to be what you're dealing with then,

2) Tell us what you're dealing with. "It's a pop-up" narrows it down to about 30,000 likely infections; as leffeboy is suggesting a little more subtly, we're going to need more than that. What do the popups call themselves, what do they say?

If you've seen those, does it look like this?

http://www.bleepingcomputer.com/virus-removal/remove-windowsfixdisk