Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
I don't know what's wrong with my computer, so I can't give many details, but I'm definitely infected with some kind of spyware or maybe even a virus. I have no idea where it's coming from; sometimes I'll have pornographic sites popping up and sometimes it's a blank page that starts downloading something. Also, ever since my computer started having trouble, my McAfee virus scanner has been disabled and I can't enable it or use it. I've tried scanning with AdAware, SpyBot, Spyware Doctor, and Norton. They all found infected files but I didn't really see a difference in how my computer was running. Plus, I've been scanning my computer every day, and every day the same infections come back so I don't know what to do. I'm considering just backing up my files, wiping my whole operating system out and starting over (although I'm not sure how to go about that either :/) Can anyone give me suggestions for things to try before I use my last resort?
Thanks!
Try turning system restore off(My Computer>properties>system restore) and restarting the computer. During the restart enter the safe mode(usually by tapping the F8 key during the startup and select administrator). Run McAffee while in it, and the other antispyware programs(make sure they are updated before you use them) that you have. What firewall are you using?
0 
www.trendmicro.com has an online virus scan that will be up to the minute and it is free to use. It would be a recommended product to purchase as well. Backing up at this stage will backup the infected files. Cleaning up is first, current active virus protection is equally important. I doubt that you have had any failure in the file structure that would warant formatting even if you decide to wipe everything and restore.
0
Thanks. I'll try those things. I don't know what firewall I'm using, though. How do I figure that out?
0
Something is stopping me from downloading the virus scanner on trendmicro.com - every time it starts downloading, the internet closes. Also, my internet is practically unusable now because every 10 seconds, a new page pops up that starts downloading more spyware to my computer. I'm about to throw the whole thing out the window...any other advice would be much appreciated
0
Get a friend (or neighbour) who is on the Internet to download to a floppy a tiny anti-virus program - Stinger....
http://vil.nai.com/vil/stinger/You can run this to see if it finds anything but it only looks for about 50 of the most common viruses.
If your infections keep coming back it sounds like....
1. you don't have a firewall
2. you have a Trojan
3. both 1 & 2XP has a built in firewall (if it's been enabled). Someone on here who has XP can tell you how to enable it.
Start Windows in 'SAFE MODE' then run your anti-virus programs. Run Spybot and the others you have. Start the PC normally and try an online Trojan Scan. It's free and may find your bug.
http://www.windowsecurity.com/trojanscan/If you can list the viruses that keep coming back, it may give a clue as to how best sort this problem. Norton sometimes has tools to download that you run and these tools are better able to kill certain viruses but you need to give us the names first.
There are many bugs that cause more stuff to be downloaded but a long shot would be to search your PC and delete (to the recycle bin only) a file named n-case.exe or ncase.exe
I have had your symptoms before and the bug was n-case but as stated earlier... it could be one of many.Post back with more info after you have tried the above.
0
P.S. I should have also said.....
When you are virus free, be sure to virus check any disc's of your backed up stuff that may have got infected before you just load the stuff back in.
0
I can't tell exactly which viruses are on my comp, but here are some names that keep popping up in the scans:
-TIBS dialer, tibster
-BackDoor
-PurityScan
-Web Site Viewer (I think this is responsible for the porn screen that pops up every time I start my comp)Also, these are the most common sites that come up automatically while I'm on the internet:
-klickfeed.com (a search site)
-horseserver.net (this downloads something to my comp every time it pops up)I have tried running my scan programs in safe mode (Ad Aware, Spybot, Spy Sweeper, McAfee Virus Scan, Norton Anti Virus, Microsoft Anti Virus, CWS Shredder, AND Spyware Doctor). They all found lots of problems and supposedly deleted them. But they keep coming back, so I don't think these programs are finding the root of the problems.
I will try the Trojan Scan and post the results. Again, thanks for the help
0
http://www.webroot.com/spywareinformation/spywaretopthreats/
Name: TIBS Dialer
Description: TIBS Dialer – TIBS Dialer is a dialer program that hijacks your modem and dials toll numbers, usually to access pornographic "pay" Web sites. You may find you have been dialing £1 ($2) per minute.
http://sarc.com/avcenter/venc/data/adware.purityscan.html
Adware.Purityscan is an adware program that downloads and displays advertisements on your computer.Back-Door is most probably the Trojan although there are many variations.
You should get the firewall sorted first as this will help stop the bugs getting back onto your PC after you have cleaned them out.
0
Every time I try to check my firewall settings, I get this message:
"Due to an unidentified problem, Windows can not display Windows Firewall settings"
Whatever is on my comp is clearly trying to make sure it stays there
Now Internet Explorer won't work, either - I have to use Firefox
Should I just give up and pay someone to fix my comp?
0
You have tried so many things without success that it would appear time to get some hands-on help from someone, maybe a trusted and patient friend with some experience in finding and correcting problems such as you have. I'm sorry that nothing we've recommended has helped you.
0
I'm working on this problem right now.
It's very nasty. With the right tools you
can see it doing buffer overloads. Not sure
yet but it may be due to an infected copy
of "collapse" game.First of all block horseserver.net on your
external firewall. That will keep the trojan
from updating. It wont stop the progam from
working since it survives a reboot and reinstalls
webview entries in the registry. You will
see the temp files it creates to do this.The worm destroys Zone Alarm and Windows
Firewall and dumps its files into the temp
directory. It also trashes or patches wininet.dll perhaps to proxy requests.It also spawns this porn dialer.
You may want to invest in a hardware firewall and monitor your pc externally to see what ports it is opening up. I'm making some progress in getting
rid of it. There's also notices showing up
on virus sites regarding the porn dialer which
have instructions on removing it, which I have
not gotten to work yet.
0
im not a computer expert or anything, so please dont make me sound like a know-it-all fool if you reply to this, but iv had my share of experience with viruses and spyware stuff, and am happy to share if it helps.
1.if you think you're comp is infected, start by immediately running running a check with spybot S&D, adaware or anything you have.
2.ctrl alt delete, and click the 'processes'tab.
3.look for anything suss, but only run by you and not system or anything else.
4. google the name of the program to see if u get a bunch of virus forums (how i got here).
5.end the process.
6.once the check S&D or adaware is complete, take note of the directory of any registry keys (HKEY...).
7.track them down and delete them all manually (be sure you delete the right ones).
8.delete the other files with S&D or whatever you use, when a message appears saying some files could not be removed (these should be the registry keys that were removed mannually),select scan when restart.
9.run a check again after all this, there shouldnt be anymore infected files.
10.run a check with norton, avg, or whatever antivrus programme you use.
11.restart (without internet connected if possible) and S&D or whatever should run,
once its finished run your antivurus programme again.this should hopefully solve your problems, its worked for me and iv had TIBS and websiteviewer, among others.
hope i help someone,
cheers, TyGuY-It is good for girl to meet boy in park,
but better for boy to park meat in girl.-A ship in the harbour is safe, but thats not what ships were built for.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
