Four computers networked and hijacked?

We have one desktop and three laptops on a wireless network. (at home)Two weeks ago, the network stopped working. The desktop had been running slower and slower, and we hadn't been able to access or search on Yahoo or Google for ages, so we figured it must be loaded with spyware. (I already had Spybot and AdAware installed, and had run it regularly, but it never fixed the problem) After doing some looking online, I found your forums. I followed all of your instructions in READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal, (except for Kill2Me, I couldn't get to the page to download it) After doing all of this, we could search on Yahoo and Google, and we were able to get the network back up and running and all seemed fine....for a few days. (Everything actually was not fine because the desktop was still running really slow and Spybot kept telling me that the BDE projector was still there and could not be deleted because it was in use.)

Skip forward a day or two and all of a sudden ALL of our computers have a problem. There are many web pages that we can't get to anymore. (microsoft, windows update, ebay, old navy, amazon, usps, etc. etc.) The page just sits there, looking like it is loading for a really long time, and eventually "the page cannot be displayed" comes up.

Please help...I was so excited for having "fixed" the problem, and now it seems I have made it worse...almost. (of course my husband is not too concerned about me not being able to access ebay, but hey)

Thanks in advance, and also thank you very much for your wonderful and easy to follow instructions.


Roseann

PS: We are running Windows XP and using IE. I have downloaded Foxfire on my laptop, but can't get to those pages using that either.

 

Hi Roseann,

I just wanted to tell you to hang in there This will be a complicated fix due to the number of computers involved. You will likely have to disconnect each computer from the network and then work through the tutorial and the fix for each computer one at a time.

Hang with this thread. As you can see, the forum is quite busy and chaslang and Major Attitude are the true experts here. They will know best how to proceed.

Best Luck,

PP

 

Thank you Phillie Phan. You are busy here, aren't you? Maybe I will try going through the instructions again on the desktop and see what happens over there.


Roseann

 

Hi Roseann,

I am hesitant to start you off on such a big project. I am not able to visit this forum often enough to fix you problem in a timely manner. And, frankly, the resident experts (Chaslang & Major Attitude) have forgotten more about virus and malware problems than I’ll ever know! They will know the best way to proceed.

I still think you will have to run through the tutorial for each computer while disconnected from the network to avoid re-infection. It may be a good idea to put all of the tools the tutorial has you download onto a disc to make dealing with multiple computers a bit easier.
Sorry I can’t be of more assistance.

Best,

PP

 

Please Help!!

We have one desktop computers and three laptops on a wireless network. (please reference my original post of 9-28-04.) We cannot access certain web sites on all of the computers. When I try to go to ebay, the URL changes to doubleclick.ebay.com (or something like that) and it goes nowhere. When I try to go to Jenny Craig, it adds in "postpublisher". We can't go to the Microsoft page, or Old Navy, or Amazon.com, or any Yahoo store. The little red security alert icon at the bottom tells me that these pages have been blocked.

I have already followed all of the instructions in your How To guide. I have done this twice. Once before my post of 9-28, and again today. I ran the online scans at Trend Micro, Symantec and ran the McAfee Stinger. They all found nothing.

Ad-Aware found and deleted something called Alexa. Spybot found (as usual) BDE Player and would not let me delete it because it said it was in use. (I was off-line and running in safe mode when I scanned with both Ad-aware and Spybot.)

Kill2Me, about:Buster, and HSRemove all found nothing.

Please help. I don't know a whole lot about computers, but it sure seems as though something or someone has taken this machine over.

I also performed all of the above mentioned tasks on my laptop and found nothing at all. My husband believes the problem lies with the desktop and that somehow it is causing the problem with all of the other computers on the network. He needed to get to the Ford website to make a lease payment, and was blocked on his laptop until he bypassed the network (if that is what you call it) and hooked up directly to the DSL. Then he could access the web page.

I might also mention that after doing all of the scans on both this desktop and my laptop that the home pages were changed to www.google.com, and the search engines were also changed to google. Is it supposed to do that?

I really hope that someone here can tell me how to fix this. It all seems so very strange.

Thanks,
Roseann

 

Thank you so much for your reply, chaslang. It turned out to be a problem with a setting in the desktop. It had been set to *not* allow access to secure sites. (yes that does sound weird) It must have happened during the set up of the new router, which took place right after I ran all the spyware stuff the first time.

Do you mind if I ask a few more questions? Do I need to worry about the BDE Projector? I have found a folder with a few files in it, the whole thing is empty, and the computer won't let me delete it. I am not sure if it is still active and doing its thing or not. It shows up everytime I run Spybot, and I can't ever get rid of it.

Also, the CPU usage on the desktop goes up to 100% for long periods of time, even when we aren't doing anything on it. For example, yesterday when I was running one of the online virus scans, the scan seemed to be stuck for quite some time while the CPU usage was at 100%. This was when I was in safe mode. Is it possible that something is hacking into our computer and using it? Is there any way of finding out what all of those programs are that are running in the Windows Task Manager?

These are probably all dumb questions, and I apologize for that. I wish there was a book somewhere that explained all of these things. I think that computers are very interesting and I would love to learn more about "what makes them tick."

Thanks so much,
Roseann

 

Hi Roseann,
Happy to see that you were able to hook up with Chaslang Sorry I was next to useless! There are no dumb questions here - if there were, they would have kicked me out long ago

Here are a couple links you might find useful:
http://www.answersthatwork.com/home_page.htm

http://www.windowsstartup.com/wso/browse.php?l=1

Those can help address your query as to Running Processes. I would also recommend visiting Black Viper - Many find his site to be a bit intimidating, but I think you might find it enlightening! He's got some good recommendations regarding Windows Services Configurations.

http://www.blackviper.com/

Best,

PP