Malware/Adware/viruses causing havoc

Scott_Arm

Legend
So I spent a long time last night trying to fix my friend's PC. Her Windows would not boot. It would come up with an error saying Windows had stopped booting to protect her drive from damage. I brought my PC to her place, threw in her drive as a slave and Windows repaired a bunch of errors on the drive. If I was smart, at that point, I would have done a virus scan and adware/malware removal from my PC. We backed up a bunch of her stuff and burnt it to DVDs.

So now I get to the annoying part. I put her drive back in her PC, expecting her Windows to be fucked and not boot. Turns out it works, which is good, but there was so much crazy malware/adware on her PC that I couldn't really get it working. There was some "virus scanner" that had installed itself on her PC. It was in the tray and you couldn't shut it off, or remove it from add/remove, or uninstall it. When it ran it would find things and then direct you to a website to buy a retail version to actually remove the virus. I managed to figure out which process it was, kill it, and then deleted the files which were installed in a directory named with garbage characters, and then I wiped it out of the registry manually.

I finally managed to get enough crap off and have things running well enough (after figuring out she had Spybot, OneCare and some Norton package all running at the same time, doing the same thing) to get a good virus scanner installed. I left at 1:30am with the virus scan at 50%.

I'd love to blast it and reinstall XP, but she couldn't find her disc and key. Any suggestions on a great way to remove malware? She still is getting weird popups to her desktop and something is interfering with her web browser by redirecting to security software for sale.

It was a nightmare, to say the least.
 
Do not run online scans. They are worthless. If malware is resident in memory, your AV program has just about zero chance of being able to shut it down (if it's an effectively-written piece of malware, that is). You need to throw her drive back in your machine and run scans on it as a slave drive. Also, I hope you don't use Norton... I'll have to point my finger and laugh :p

Seriously, use Panda, AVG, NOD, Kaspersky.....
 
NOD. Yeah, I'm really kicking myself for not scanning her drive from my machine before putting the drive back in her pc. Maybe I'll have to make a second visit to do the scan and see where that gets me.
 
That is the way to do it, i.e., scan the infected drive from a different disk, so you are not running the infected OS. Kaspersky do a rescue disk (I think you can download it from their website) so you can boot off a CD, and scan your hard drives without letting the infected OS run.
 
Doesn't look like Kaspersky has rescue disks for download anymore. Any other virus scanners have good rescue disks? Would I be able to make a rescue disk on my PC and have it work on hers? Any other ideas of companies that would offer rescue disks for download?
 
Shady, what problems have you had with SATA disks?
(I couldn't reinstall XP; only after I had installed Vista did I realise it was because I had to set my HDD to compatibility mode in the BIOS for the XP CD to see it :( )
 
Kaspersky rescue didn't work. It actually locks up about 40% through the scan.

This is a nightmare. My options are hauling my PC over and scanning her drive from mine, or wiping things clean and starting over, but she still can't find her Windows CD and key.

She has a Compaq PC, so I'm assuming her key will only work with a special Compaq OEM version of Windows XP? I think hers is Home as well.

I'm not sure that I want to give her a version that's not genuine, if you know what I mean. I'd like for her to be able to get all the updates and whatnot. I'm not sure what having a non-genuine copy prevents you from doing.
 
There isn't a sticker on the PC? Compaq, and other OEMs, are required to put one on the computer. Also, your ideas of how the key will only work with that disc are wrong. Any Windows Home disk will work just fine. You might want to have downloaded the drivers and put them on a flash drive to have handy if you do that option though.
 
Sorry I wasn't clear earlier, I meant that a lot of the utilities on Hiren's boot disk don't work with SATA drives, or at least not the way they should. Hiren's itself will create a RAM drive on just about any type of disk (including SATA), and the utilities on the boot disk can see this RAM drive, but a lot of them cannot see any other partitions on the drive so those scanners become useless on a lot of newer computers.
 
That's just wrong. I have an XP license from a Dell and an HP XP disk that it doesn't work with. Both SP2 XP Home.
 
That's just wrong. I have an XP license from an HP and a Dell XP disk that it doesn't work with. Both SP2 XP Home.

I've never had or heard of someone having an issue with a standard XP Home disk not working with the license on the CoA on a computer. But hey, not like this is the first time your experience is wickedly different.
 
I really wish Windows was offered free on some level. There should be a basic version of windows for the average joe that doesn't cost anything. They can charge for the "pro" and server versions.
 
I just wished us Brits were charged U.S. prices for Vista.
Thankfully I downgraded someone from Vista to XP and they gave me the disk.
 
I said I have the disk and the license. I'd offer you a photograph but then I'd be leaking a license and I'd rather not get busted for encouraging piracy just to prove you wrong.
 
No, what you said was you have a Dell license and an HP disk. What I'm saying is the Dell license should work just fine with a standard XP disk, as in one bought retail or OEM but no potential manufacturer change. I've never heard or had an issue with using a standard disk and the CoA included on the computer. In fact it not working seems like it would be a violation of Microsoft's license.
 
You stated any (OEM - your omission) license will work with any "standard Windows Home disk". I stated this is incorrect, in my experience, and explained why. Now you want to re-state your argument so as not to be incorrect.

Whatever.
 
What does she use her PC for?
If it's just browsing, email, simple docs, music and videos then just download a good Linux distro and install that :)
 
Standard meaning no potential alterations to the disk. You have to know, seeing your claims as having so much experience, that disks from companies like Dell and HP are often modified for whatever reasons. For instance, many Dell disks used to not require a serial when being installed on Dell systems; recall the first cracks for Vista? They worked off whatever the trick was (I've forgotten it now) by tricking the disk into thinking the system was a specific model. So yes, any standard non-altered disk should work. I've never seen this not be the case.
 