PC Virus - I need some help big time

Discussion in 'Technical and Troubleshooting Torque' at netrider.net.au started by deyago, Jul 21, 2005.

  1. Hi All,

    Let's just say that, yes, I am an idiot. Getting past that I now need some help getting rid of a bastard of a virus on my home PC.

    It came as an Optusnet service email and muggins here just blindly opened it up and whammo.

    So, now I cannot open any internet site (but email still works), I cannot access the Task Manager, it automatically closes down, Norton Anti Virus etc have been disabled and I cannot reopen them, I tried to install an old Vet program but it won't load either. The PC seems to be running at almost full capacity and everything is either really slow or not working (I think).

    So I obviously need to remove the little bastard without having to reformat the hard drive as my preferred option. Can any of you help?

  2. Give this a go Norton Online Scan.

    Don't try it without broad-band though as it will take forever.
  3. i think what you have is actually a worm not a virus.

    if you can look at this link it might help you

    if you can't then try disconnecting the internet, emptying the temp and temporary internet files folders of everything. after that look through your hard drive for any folder/files that seem out of place to you.

    sorry i couldn't be much more help
  4. Hey Demaros,

    That's the one, the last false message is word perfect to the one I received. I'll have a go at home tonight. What do I need to do to get rid of it once I clean out the temp files? Don't want the little bugger hanging around. Thanks mate.

    Also, apologies to anyone who may have copped an email from me with this shit on it.

    I make this my heart felt promise: If anyone ever tells me that they make and distribute viruses etc for fun I will smack them in the mouth with all my short-arse might. Scum, scum, scum.

  5. I thought one of deyago's problems was that he now can't access the internet using that PC:

    "So, now I cannot open any internet site (but email still works)..."
  6. you gotta get rid of the worm's traces out of the registry, and also any files you find on your comp that are related to it in any way. you need to find the file you downloaded from the original email and delete it. although it may have made copies of itself so you need to find them if there is any.
  7. Afraid so, but thanks anyway Nova, will give that a go if I can get the sod off first just to check everything. It does look like a worm from what Symantec has written up. I've printed off the info and will give that a go tonight. That said, any and all other help will be appreciated, I'm the PC equivalent of a Mercedes owner, I can turn it on but don't ask me where the spare tyre is :wink: :LOL: .
  8. Ah ha, Symantec said something about that, will try that tonight, hope I don't end up "making love" to the PC. :roll: :)
  9. :newb:

    i'm pretty good with computer, built my first when i was about 12 i think, always have family members and friends ringing me up to fix their damn computers for them....bastards
  10. Assuming you are using XP??

    You might find, without using a specific fix, that every time you restart the computer the problem will still be there. (Hope not)

    The reason is that the restore facility is infected as well. Most virus scanners etc do not check the restore section.

    Disable your restore system first. Then clean the virus by whatever means. Get someone else to get a fix on a floppy for you, or try the fix link someone above mentioned.

    After you have cleaned it and the computer is working OK again, remember to restore the restore system. Most macro and worm viruses(?) work like that.

    Good Luck


    ps. I think it is a good idea for people like yourself to tell us what happened so we can all learn. Thanks.
  11. deyago wrote

    :LOL: :LOL: :LOL:

    Know how you feel Jake, i had one last week and didn't know what to do but the good lads here were able to help me get rid(edited) of it.
  12. At 12 I was busy crashing my old Yammy dirt bike, let me know if you need servicing advice, I'll try not to stuff you up too much :wink: :D .
  13. For once I wasn't, honest! :LOL:

    Man, I was so majorly pi$$ed off thinking I'd have to wipe the hard drive and start again. It sounds like I can avoid that if I'm careful and clean the bugger out.

    Brian, will let you know how I go and thanks for the additional advice, didn't know that.
  14. thanks i might take you up on that when i actually get a bike lol
  15. General info for any Virus, Malware, Adware, Spyware.

    If you have trouble removing any of the above without internet access to download files, patches etc, then, on your work PC (or similar "donated" internet access :wink: ) Go to www.iamnotageek.com (www.ianag.com) download the program "Hijackthis" also called simply hjt.

    Run this on your infected PC, it will generate a plain text report. Transfer the report to your "donated" pc, via email (I think you said it still works) or plain old floppy disk. Go back to www.ianag.com, go to the hjt page and paste the report into the place provided.
    A coupla seconds later, it will tell you exactly what is broke, where it's broke, click the highlighted text and it will tell you exactly how to delete each and every occurrence (I guarantee if you were vulnerable to one, you are vulnerable to lots of trojans, worms etc)

    Some fixes require additional downloads, and involve rebooting into "safe mode etc", some are easier to fix with a format and re-install

    Once clean.. do the following.

    Purchase, install and keep updated (scheduled daily is required for those on broadband) a reputable virus scanner.

    Obtain, install and keep updated a good "spyware" and "adware" scanner, most are free, I use "Spybot search and Destroy" and have never been infected since running it.

    If you don't have a broadband/ADSL router that includes a firewall, then install one ASAP.

    Religiously check the vulnerability warnings from the firewall/Anti virus/Spyware tools and block these ASAP.

    Having a good anti virus solution is only the first step in keeping the PC clean.
    Boring geeky stuff eh... but sadly needed these days.

  16. Iffra

    I reckon your recommendations are not just recommendations, they are a MUST. An absolute minimum.

    I cannot understand anyone logging on to the net without those 3 recommendations.

    My Avast (free) apparently checks for updates every 4 hours. Some like F-Prot check every few seconds I believe.

    Does that file you mentioned only work on virus etc?

    I use spybot and Ad-Aware, Zone Alarm and Avast. Seems to keep my machine steady enough.

    Another thing to do if you are game is to do a registry clean. Get rid of anything that does not have a valid path.


    Don't forget to do a backup or set a Restore point before and after any major clean. Just in case.
  17. Bwian

    "Hijack this" is mainly for spyware/adware removal, but is a good general health check tool, as it scans the registry and memory as well.

    www.ianag.com is a bloody good site for anything that can make a PC sick, saved a few very embarrassed and worried notebook owners at work quite a few times (you can never get them to comply with good browsing habits when they're outside the office)

    You need to register to get the best out of the site, but hey, it's free :LOL:

  18. I reckon it would be a worm, that is using your computer when you're online, the first thing i would do is NOT go on the net with it, you don't know what it's logging, sending or being used for. take the phone cable out!

    Then restart windows in safe mode, F8 when booting (only boots up the backbone of windows, doesn't load anything else) then try and start nortons, if it doesn't start, try reloading it. If that still doesn't work, rip your hard drive out and stick it in a computer that has norton's running, make sure the computer you stick it in is only able to read your files not yours can read its (turn off file sharing).

    Run a norton scan on your hard drive from the other computer and when it finds something look it up on the symantec website. If it says anything about corrupting your Windows on deletion, copy your personal files you need to the other computer (norton will pick up if it's copying bad files). Then run the fix on the hard drive.

    Hope that all makes sense. symantec (norton) website is good for all that kind of stuff.
    Then buy a firewall www.zonealarm.com , download windows antispyware www.microsoft.com , and biggest advice ALWAYS KEEP YOUR SOFTWARE UP TO DATE it takes a fraction of the time it's gonna take to fix it!!!!

    edited - cos I'm too much a geek! HAHA lets talk binary HAHA NYUR 10011101000 :LOL: :LOL:
  19. Iffra

    Couldn't make much sense out of that site. I found a fixer that was free. Free my arse. It supposedly found some errors that were missing files in the registry. I knew about them. It then wanted money to fix it.
    While I don't have a problem with paying for a service, I hate seeing free when it means scan free, fix for a price. How do I know it will fix it once they got the money? I had trouble with overseas types before. Notably McAfee. Try getting your money back from that lot.

    Anyway the prob I have is the computer does not shutdown properly, or restart properly. Gets to a point and stops.

    Tried a few things but it just does it all the time. Starts ok.

    I have the same prob on another machine as well so it may be the version of xp I have.