Help -Computer locks up, explorer doesn't work after cleaning with adaware and spybot

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by thealu, May 17, 2004.

  1. thealu

    thealu Private E-2

    I'm helping a friend clean her computer of spyware (she's running XP on a pentium 4). I had her run Norton anti-virus - no virus detected. Then I had her download and run Adaware and Spybot. WOW did they come up with a ton of stuff including clearsearch, cometsystem, 180 solutions, egroup dialer, hiwire, lycose sidesearch, stoppop, vx2betterinternet, winfavorites, dyfuca, bargain buddy and a few others I can't remember.

    We had adaware and spybot fix/remove everything it found (including tons of registry changes it found). All seemed to be well. Explorer was working and her computer seemed okay. This was last night. Now internet explorer doesn't work (can't load page), and her computer locks up when she tries to do other stuff (like add/remove programs). I have no idea what to do next. I'm guessing her registry is a mess and that might be part of the problem? But I don't know how to fix that. Also, once when she opened explorer last night (after we cleaned up) it tried to go to a different page than her home page for just a second but then did go to her homepage and seemed to fuction okay after that.

    I'm not a computer geek! I only know how to do basic maintenance stuff. So I really need help to figure out what's wrong with her computer! Thank you so much for any help.

    thealu
     
  2. Kodo

    Kodo SNATCHSQUATCH

    it sounds like there's more crap on there. Did you run adaware and spybot with all the updates to them? if not, download the updates (they have autoupdaters in them that you can use) and re-run the scan.

    next, try a different AV to scan for viruses. Here's an online one that may help: http://housecall.trendmicro.com/

    make sure she also has all the updates to XP.
     
  3. thealu

    thealu Private E-2

    Yes, we updated adaware and spybot before running. We can't use an online AV because we can't get explorer to work anymore. I guess I can download an AV onto a CD-Rom on my computer and take it over to hers? Which one? And is there a different spyware detector program I should try too?

    She doesn't have XP updated with all the security patches - in fact I think she's missing a bunch BUT should we update before or after we get rid of any virus/spyware that's on there? I guess we can't update til we can get explorer to load pages anyway.

    Ideas?

    Thank you SO MUCH.


    thealu
     
  4. Kodo

    Kodo SNATCHSQUATCH

    if you can, have her try Avast! as an antivirus. Also go to start..run.. type

    notepad C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS

    When it comes up. Copy what it shows and paste it here.
     
  5. thealu

    thealu Private E-2

    I will download Avast, take it over there and run it. If I install it on her harddrive, will it interfere with her Norton AV program?

    I will also post the results of the search you asked for. Thanks again for the quick response and the help. I really appreciate it.


    thealu
     
  6. Kodo

    Kodo SNATCHSQUATCH

    just temporarily disable Norton. You will find that most of us would rather use Avast! over Norton any day. While I don't want to TELL you not to use Norton, I would like to say that its' performance has been less than stellar recently. It's up to you to decide. If you want our recommendation on Antivirus software just do a search on Antivirus in the forums, grab a cup of coffee and few cookies and have a read :)
     
  7. alanc

    alanc MajorGeek

    Once you get Avast installed, make sure you update to the latest virus definitions, then go to the menu and select Schedule boot-time scan, and reboot. This will thoroughly scan all drives before Windows has a chance to lock any files.
     
  8. thealu

    thealu Private E-2

    Thank you for all the help so far.

    okay, I managed to get my friend's computer back on the internet.

    After tinkering with settings and doing some clean up, when I rebooted the computer I got a message from Norton that said that something was wrong with this or that it was corrupt or missing or something (can't remember now): C/Progra~1/Common~1/Symant~1/CCREGMON.DLL

    It suggested that the computer might have the Klez worm, or that IE/Outlook might need repair, or that I might need to uninstall and reinstall Norton. I wanted more concrete information than that so I then I did what Kodo originally suggested and I ran an antivirus scan from "housecall.trendmicro.com".

    That came up with 4 trojans in five infected files: Small.Go, Small.IQ, REVOP.A, STILEN.A. They were uncleanable so I used the delete option and got rid of them. STILEN.A was running so it couldn't get rid of it. I went into msconf and unchecked it and rebooted. So it's not running at the moment (I assume) but it's still on the computer.

    WHAT'S MY NEXT STEP??

    I was about to uninstall Norton, download and install Avast! (is that easy to install and use?) and rescan the computer following alanc's boot-time scan instructions. Then I thought maybe I should check with you guys first in case there's something else I need to be doing.

    Thank you for all of your help!


    thealu
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds