Last night was the worst computing experience..

Discussion in 'Off-Topic Discussions' started by recruiting, Aug 24, 2008.

Loading...
  1. recruiting

    recruiting Member

    of my life! I was surfin the web looking of olympic news then stopped and went to eat chow.

    When I came back Norton Antivirus was up and there was a box to install ANTIVIRUS XP 2008

    Thinking this was a update from NORTON ANTIVIRUS I clicked install. BIG BIG BIG MISTAKE!!!!

    This program not only deleted my restore files and LOCKED my Ether Net card and internet connection open to the world BUT it did do to the point where I COULD NOT DISABLE IT and I now have three connection showing to the internet. It also infected both my browsers and a host or other applications. It removed my wallpapare and replaced it with a warning message that I WAS INFECTED AND SHOULD BUY ANTIVIRUS XP 2008 to remove the infection. It disabled my video card and sent me back to 1984 VGA mode as well. GOD I WAS SO POed!!

    Three Malware, Spyware and Nortorn programs could not remove this, some did not even see it. It was at 200AM when I had to buy yet another program that boasted that they are the ONLY one that could remove THIS infection (umm very interesting) However, it did, almost. Every scan shows some bit of infection is still left in there.

    My internet connection STILL accesses the net and I can't see what program it is. The TASK MANAGER shows no applications running, so I don't know how to see what is sending info out over my connection. Is there a program that can do this? I want to delete the Local Area Connection (3) but WIN XP wil lnot allow me to delete these!!

    STAY AWAY from this bug, it's BAD!! GOOGLE IT!!

    I have a weird feeling about the ONLY company that can fix. Did they create the damn thing?
     
  2. Bruce

    Bruce Moderator

  3. Abner

    Abner Well-Known Member


    Hopefully, Sentinel will respond. If not, you may want to pm him, he is a computer genius, and a cool dude to boot!


    Abner
     
  4. Kizmet

    Kizmet Moderator

  5. sentinel

    sentinel New Member

  6. recruiting

    recruiting Member

    I'm afraid to look!!

    But I will, STILL working through this issue as I type.

    Downloaded Zone Alarm to restrict internet traffic.

    I HAVE THREE CONNECTIONS under my Network Connection tab.
    SAY:

    LOCAL AREA CONNECTIONS (3) and there is the icon below it. Anyway to start from scratch with the connections?
    DELL DIMENSION 4600 STOCK
    INTEL PRO 100 VE (NET CARD)

    I only want one connection like I had yesterday !! However windows XP will not let me delete OR SEE the other connections.

    This is BS!! Sorry..

    I will check the links you all sent to see if they will help.

    I'll have so much security on my system it will probably run like a snail..
     
  7. recruiting

    recruiting Member

  8. sentinel

    sentinel New Member

    If the only tasks for which you use the computer is web browsing, email, and instant messaging might I be so bold as to suggest you try a bootable from USB thumb drive distribution of GNU/Linux called SLAX. You set the computer to boot from the USB thumb drive and depending upon the amount of RAM in the computer, choose either run from USB thumb drive or run from RAM. Nothing is installed to your hard disk drive. When you need to do MSWindows things, simply reboot the computer and remove the USB thumb drive.
     
  9. recruiting

    recruiting Member

    Thanks to everyone for the help! Sentinel I will do that, I just need to know what is trying to access the net when I dont have anything running. I even shut down all the security programs that could look for an update including MS update.

    I just bought a new wireless router (D-LINK) and installed PURE NETWORKS SUITE. From what ZONE ALARM is saying is PURE NETWORKS is listening on port blah blah blah..
     
  10. sentinel

    sentinel New Member

    The best way to check what ports/traffic is exiting your computer via the ethernet port is ethereal. The provided URL is for a portable version that is self-contained. Run it from within MSWinXP. Another way to check which outside ports are visible to the Internet is ShieldsUp. If you cannot identify the unauthorized outbound traffic and the other fixes have not resolved the issue you will most likely have to reinstall MSWinXP from the CDs; hopefully you have those CDs.
     
  11. MichaelR

    MichaelR Member

    This is why i have a ghost image of my Laptop...... Granted it wasn't the most recent image, but i can live with a few lost e-mails.
     
  12. recruiting

    recruiting Member

    Ghost image? This Malware/Virus is pure evil my friend!

    I got my system back yesterday.

    What cured this infection:

    MALWAREBYTES.COM
    ZONEALARM.COM
    NOSCRIPT
    The people from this forum.


    I did not have to re-format my hard drive either!! :)
     
  13. sentinel

    sentinel New Member

    This is a good approach to facilitate rapid restoration of a computer after infection or if you decide it is time for a clean-up to address the entropy Microsoft Windows seems to introduce as the time between operating system installation and today increases.

    I take a similar approach using Sun VirtualBox running atop Novell OpenSuse. I install Microsoft Windows XP (HE) inside Sun VirtualBox and make a backup copy of the image. If MSWinXPHE ever gets infected or otherwise starts misbehaving I delete the current image and replace it with the backup copy from the initial installation fully patched of course.
     
  14. sentinel

    sentinel New Member

    Glad to hear you were spared the reinstall process. Though you might want to keep an eye on any outbound traffic for awhile.
     
  15. sam999

    sam999 New Member

    hello all,
    I see "recruiting" has had some great answers here. Will this link that Sentinel gave you work to clean up possible registry issues? The "lancelhoff" one, I mean, I do not know for sure what is making my XP hang at times on startup.

    Or is there another program I should download to check for what the cause is? I have not tried a re-install yet------so much to backup first.
     
  16. Bruce

    Bruce Moderator

    A fantasic free utility I use is CCleaner (short for "Crap Cleaner") which cleans out your cache, cookies, etc., and also includes a registry optimizer. If you run all the tools (cleaner & registry scan) you should see an improvement in performance;

    http://www.ccleaner.com
     
  17. recruiting

    recruiting Member

    Thanks Bruce, I actually downloaded that a week ago and it is GREAT! I also downloadad NOSCRIPT this product is outstanding. All scripts on a website have to be approved before they can work.

    Thanks for the heads up on that one!
     

Share This Page