I need some help with virus infection on pc

Hi Guys,

Well as the title says I need some help with a virus problem.  I'm currently helping a Veterans group that provides services to Vets.  One of 3 PCs is infected.  It runs XP SP2.  It has McAfee (Comcast provided),  Spybot Search and Destroy, and Malwarebytes Antimalware (free version) installed.  I have scanned with all three.  They have removed some Viruses (trojans) but now they come up blank.  I'm using Tea-timer on it and have Immunized IE8 to block harmful websites.

The symptoms:

1) When running IE8 a new IE8 window will automatically open attempting to contact a blocked website. This results in 505 error. (Reminds me of a trojan.)

2) When doing a search in Yahoo, Google or Bing the search results are corrupt. Clicking on any links results in random web pages being connected but, always harmless web pages. (Reminds me of a Bot.)

I'm looking for safe effective advice for ridding this machine once and for all of all bots and trojans.

Help!!!!8C

Reply #1 Top

One thing you could try is downloading and running the fantastic A-squared antispyware program. I find this program will usually pick up a few things that all the others miss, as it uses an entirely different scanning engine. There is a free and paid version available. Also, Simply Super Software's Trojan Remover is another good and legit program to use. I am not sure if they have a free version, but I am sure a quick search on Google will find that. This program helped me out last year when I got hammered by a virus and all my other programs didn't find it, but Trojan Remover did and removed it and fixed my system without having to reformat. Good luck mate, I know how frustrating it can be when you get a virus, but persevere and you should be able to win this battle :)

Reply #2 Top

One suggestion would be, if you know when the computer started messing up, to restore to a date before that.

I'm sure that there are other programs to run to try and clean the computer of virus/malware/trojans but you may not find everything.

The only other alternative is one that I'm pretty sure you have thought about: reformat the hard drive and do a clean install of the OS.

Good luck.

Reply #3 Top

www.emsisoft.com/en/software/free/

and it is free.

Reply #4 Top

Have you tried in safe mode and at boot up?

Reply #5 Top

Just for information and not that it's going to solve your situation. Comcast doesn't offer McAfee anymore and it will expire very soon if it hasn't already. If you have Comcast you now get the full Norton Security Suite 360. If you go for it of course you would have to delete McAfee first.

 

http://security.comcast.net/ 

Reply #6 Top

Hey guys thanks for all the responses.  For right now I can try the free anti-virus scanners.  Thanks for the suggestions Nimbin and DrJBHL.

Thanks for the advice on restore points Philly0381, but restore points were turned off on this machine. We tried that and it is a no-go.

Thanks for the advice w4xpl4y3r.  I tried that once earlier but, I had difficulty getting Windows to run in Safe Mode.  It just kept looping back to the Windows startup selection screen(B&W screen).  I'll try that again. 

Are there any really good free online scanners which will also remove any viruses found??;)

Reply #8 Top

Reformat.

Reply #9 Top

Thanks for the link DaveBax that will be done next week.

Thanks for the link machanix76.

Hi Jafo!!  You might be right, this one has been impossible to defeat so far.  The Norton free online security scan I went to from the Comcast Security web page came up blank also.

Reply #10 Top

Sounds like a virus that I had a couple of years ago. The damn thing kept backing itself up and I had to break down and reformat. Luckily the computer was only a week old, so it wasn't a huge loss.

 

Good luck to ya!

Reply #11 Top

If you do decide to reformat then think about how you want to set up the computer as far as security goes.  Turning on the restore points function might be a start and then establishing a restore point after doing scheduled clean up and running scans would be good.

Reply #13 Top

> I am now posting a HijackThis log on Bleeping Computer web site. I hope this works.

Should...;)

Dump just about anything that says 'BHO'....that'll help.

Reality is tho that Browser Hijackers can be a pain in the bum to chase down/remove....As Ripley said..."Dust off and nuke them from space....only way to be sure."

aka

Reformat....;)

Reply #14 Top

As Paul said........Your safest option is to reformat...........Ask yourself..........are you ever going to be really sure that the virus has gone even after additional scanning??? If the answer is 'no'.............always reformat and then it will definitely be gone.............If you want to go the free scanner route use BOTH the on-line tools offered by Kaspersky and ESET (two of the better known and reliable products) and they will give your machine a thorough going over. Links:-

Kaspersky's on-line scanner is awol at the moment undergoing an overhaul but you can check individual files here  http://www.kaspersky.com/scanforvirus

ESET http://www.eset.com/online-scanner

..........But reformat is your best option |-)

 

Reply #15 Top

Ditto with the reformat. One more thing, and it's free: Macrium Reflect. It's an imaging program. Only point I need to make is you need to create one-time images (not to be confused with cloning, as that's the whole hard drive including partitions). Also it pays to have two copies of an image on separate HDDs and take the images as you go, starting from initial install.

http://www.macrium.com/reflectfree.asp

CNET, PCWorld are good places to get free securityware.

You also might want to consider using something like Returnil or Sandboxie.

EDIT: Forgot to mention Spyware Terminator, it's pretty much the same as SUPERAntiSpyware (or however it's spelt) except you get full functionality, and with HIPS enabled nothing can install without your knowledge.

Reply #16 Top

These nasty little morons who create these trojans etc. should be shot - they are not harming Microsoft but ordinary people. I have had to do fresh installs before and it is a time-wasting pain.

Reply #17 Top

Well...before reformatting...Have you considered using Firefox instead of the slow and dangerous IE8? Seems that the problem is IE related and it's a good chance to dump it for good and enjoy much faster and safer browsing!

If you like to be even safer, you can install AdBlockPlus and No-Script add-ons (for Firefox) to stop malicious code.

If that doesn't help, no need to give up before you've tried installing a few free antivirus programs (but you'll have to uninstall the current one every time). Try Avast and Avira at least!

Reply #18 Top

Wow thanks everyone for the great advice.  I'm limited with what options I can apply to this pc, it is state property.  Because I've been helpful with past problems, I'm being allowed to work on this one. 

I'll try the Kaspersky and Eset online scanning links next.  Thanks Leo the Lion. 

I'll take this one step at a time.  Eventually the culprit will be found. 

Does anyone know why this Dell Optiplex Pentium 4 computer won't boot into Safe mode?  Windows fails to boot in safe mode then it loops back to loading the bios and Windows startup selection screen (F8 key).

Reply #19 Top

> Does anyone know why this Dell Optiplex Pentium 4 computer won't boot into Safe mode? Windows fails to boot in safe mode then it loops back to loading the bios and Windows startup selection screen (F8 key)

Wouldn't be surprised if that was down to the 'infection' too....nothing better than crippling one of the methods of infection resolution...;)

Reply #20 Top

And after you go through the reformat process...do yourself a huge favor and get Acronis True Image Home and then when you have your fresh bare bones install, back it all up...then install all your apps and back that up as well. Then when you get those nasty viruses you'll have two choices to back up to. And the nice thing is...click it and walk away. :rofl:

Reply #21 Top

> Does anyone know why this Dell Optiplex Pentium 4 computer won't boot into Safe mode? Windows fails to boot in safe mode then it loops back to loading the bios and Windows startup selection screen (F8 key).

What driver does it stop on prior to reboot? If the Startup screen is as far as it gets, throw in an XP disk and do a repair. If it will boot into Windows run: sfc /scannow

Reply #22 Top

> What driver does it stop on prior to reboot? If the Startup screen is as far as it gets, throw in an XP disk and do a repair. If it will boot into Windows run: sfc /scannow

Hi yrag!  I'm not sure. It starts to load XP safe mode and when it gets near the end of the list of commands it loops back to the BIOS startup with the error message Windows start up failed.

I can get regular Windows mode to run.  I'll try the sfc /scannow command.

Reply #23 Top

Hit pause where the driver fails to load and tell me what it is. (hit enter to continue reboot). My guess is it's Mup.

Reply #24 Top

> Hit pause where the driver fails to load and tell me what it is. (hit enter to continue reboot). My guess is it's Mup.

I have to wait for someone to give me the XP disks (if they have them).  They're gone for the Easter holiday.

Happy Easter!  I'll be talking to you again here on Monday .. Tuesday etc.

Reply #25 Top

I just wanted to say that Bleeping Computer solved everything. :D

If you ever have unsolvable system problems give them a try.

Problems they resolved for me:

Booting: The computer wouldn't boot into safe mode.  It does now.

Internet Explorer 8: Unwanted popups, forced installs of fraud anti-virus packages such as ave.exe.  No longer occurring.

Web Searches: Web search results pages would be hijacked to unwanted web sites.  No longer occurring.

Check out my topic!  Bleeping Computer was great.