Online or off?

Discussion in 'Malware Help (A Specialist Will Reply)' started by RayDunne, Jan 25, 2005.

  1. RayDunne

    RayDunne Corporal

    Hi, I'm new here, but I did all the reading first. I have been maintaining my comp 4 a few years now and Bside Windows problems, haven't had 2 many issues, KOW. I am fairly confident of myself with a comp, but I still get stuck once in awhile and I'm very glad that U ppl R here 2 help. So without wasting NEmore time I'll get 2 it.
    I just have a quick question. I read the thread about "read me before you ask 4 support" and I have a good understanding of what I need 2 do. I was just curious as 2 whether I should run all of the scans and fixes while the machine is online or off. I have a second comp that is "clean" 2 use if NEthing happens 2 the 1 I am working on, which is my wife's sister's machine. She got a massive infestation of all sorts, really bad, and asked me 2 look at it because she has no cash 4 a pro and she knows I am good at keeping mine out of trouble. NEway, I installed ZoneAlarm, but whatever she got seems 2 know how 2 disable the internet lock and I was wondering if I should completely unplug the wire, after I update the progs of course, or if it's OK 2 run the process with the machine online? NE info would help, and again, thanx 4 being here, I work 4 free 2 :confused:
     
  2. TheOldThug

    TheOldThug First Sergeant

  3. shewolf

    shewolf Specialist

    Run things just exactly as it says in the READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal.
    You will do some things online in normal boot mode and then it will have you switch to safe mode depending upon your OS (Operating System).

    Win9x (Windows 95, 98, 98SE) users boot normal mode


    And Windows XP, 2000, NT, ME, users boot in "safe mode with networking support" (and remain in there)

    So as you can tell it depends upon your operating system as to whether you should be in Normal or Safe Mode.
    Follow all directions in the tutorial and report back here what problems still exist and be as specific as possible; the more information we have, the better we will be able to help you.

    Please also tell us what Operating System you are on and if you are on WinXP we need to know what Service Pack (SP1 or SP2) you are using..
    Welcome to MG.. :)
    SW:)
     
  4. RayDunne

    RayDunne Corporal

    Oops, sorry, the comp I'm cleaning is running XP Home and all updates R current so I believe it has SP2. Thanks 4 the info, I'm going 2 give it a shot, B back soon w/ results. :)
     
  5. RayDunne

    RayDunne Corporal

    Hi, I'm back. No luck yet. I got as far as trying 2 run the Symantec online virus scan. I disabled System Restore, booted in safe mode and ran the Trend Micro scan with no problems. The scan found 16 threats and deleted them in short time, maybe 10 mins. I ran it a second time 4 fun and it found nothing. Hooray! Yeah, right! I tried 2 run the Symantec scan and got a bunch of pop-ups. After closing those I got 2 the scan part and got it running. It was very slow, but I let it run 4 a couple of hours. In the meantime, I tried 2 come here 2 C if it was supposed 2 B that slow. I couldn't get IE 2 work at all so I just let it run. After it got about 75% done, the window just disappeared, poof!!! I tried 2 get it going again, but IE won't have it. I rebooted, in safe mode again, and got it started again, after pop-ups were closed, and it was still slow and I lost IE 4 NEthing other than the scan. The pop-ups R various ads 4 scanners and junk. So instead of waiting a few more hours 4 the same result, I'll C if I can try something else. I'm stumped. I run Norton AV that's with System Works Premier 2005, can I update and run that instead of the online scan?
     
  6. RayDunne

    RayDunne Corporal

    Hi, I'm back, getting really frustrated here. I keep losing connectivity in safe mode. Properties say connection is alive, but nothing works after the 1st couple of operations I do. I am trying 2 get the Symantec scan 2 run, but I can't get past the part where it tries 2 open CD. Have 2 b quick, keeps shutting down now, b back later on "clean" comp, just want 2 get this posted in hopes of reply, please help.
     
  7. shewolf

    shewolf Specialist

    Ok, we will go ahead and have you read the following tutorial on attaching a HJT (HijackThis) log file.

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread:
    NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (do not post the log inline). All running programs should be closed, including your web browser and e-mail. Close them before running HijackThis!


    To repeat: Do NOT run HijackThis from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT.

    After you post back with your log file as an attachment please be patient as it will be read by someone with more experience in dealing with HJT logs. Many are extremely busy with helping others and with things in their daily lives so please be patient.

    SW:)
     
  8. RayDunne

    RayDunne Corporal

    OK, this is gonna take me some time to ingest, but I'll do my best. Another quicky tho, could I have infected my other comp by sharing the net cable from a Motorola Surfboard cable modem, i.e. switching the cable back and 4th?
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Any PC connected thru your cable modem to the internet is susceptible to infections from the internet if not properly protected. So if you have problems on one, chances are you have problems on the other. Since most people are creatures of habit, I would expect the PCs are configured very similarly and that you surf in similar places on both. So they could have similar problems.

    In your case since one PC is only connected at a time, the first PC is not infecting the second.
     
  10. RayDunne

    RayDunne Corporal

    Thanx Chas, my main comp doesn't seem 2 B hijacked yet as I am pretty careful myself and try 2 keep up on security. I was just curious, because I saw a couple of strange processes in Task Manager. The comp I'm fixing is a favor 4 my sister in law and they haven't been careful at all. I was just hoping that I couldn't infect my comp with this junk she has by plugging my modem in2 it and then putting it back in mine. I also have used a CD-R to get files from my comp 2 hers and put it back in mine 2 write more files on. I haven't taken NE files from her comp 2 mine so I hope I'm safe there 2. I really don't want whatever she has, because it is damn nasty.
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should still check your PC out. You did say you had unrecognized processes running. You don't have to see a hijack to have malware on your computer. There are thousands of malware problems that do not hijack your home page.

    You should follow the previous instructions Shewolf gave to you and post that HJT log on your problem PC (that is if you still have a problem).
     
  12. RayDunne

    RayDunne Corporal

    I didn't take any chances, I ran the full process described in http://forums.majorgeeks.com/showthread.php?t=35407 successfully on my main comp. I had a bad memory stick and since I removed that, it has been performing better than it ever has. Thanx 4 all the info Chas. This experience is giving me a new respect for security. As for sis's machine, I am still in the process of ingesting the info in post #7 of this thread, from shewolf. She also has other issues to be resolved before I can continue. I think her memory is fried 2. I couldn't get a video signal the last time I plugged it in and that was how I found my memory problem. I had 2 sticks in mine and after a few mysterious crashes, I pulled out the second stick and no video, I put that one in the first slot after removing the bad stick from it and BINGO, comp runs like a dream. Then I ran all tests from here and I seem 2 be OK for now. Sorry to get off track from my original post but her comp is taking a backseat, as she has a borrowed machine and I am working on my own projects now. I want to fix hers out of sheer determination at this point so I want to keep this thread open, but I will start a new one for my stuff. Thanx again for any and all help.
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! But why are you so reluctant to post a HijackThis log? It only takes a couple of minutes to post. You did say there were unrecognized processes running. You really should get them checked out.
     
  14. RayDunne

    RayDunne Corporal

    For my comp? I will tomorrow if you want. I posted this thread for my sis's comp, and I haven't got that far on hers yet and I didn't post one for mine because I didn't want to sidetrack from this thread, too much anyway, seeing as how I already have.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    For whichever PC you thought you saw unknown processes on!
     
  16. RayDunne

    RayDunne Corporal

    Hi, the log 4 my comp. Sorry it took so long, just trying to understand how things work w/ limited time. :)
     

    Attached Files:

  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This PC is in serious need of updating your WinXP version and Internet Explorer version. You must go to Windows Update and get your updates. Running with these versions is a big security risk.

    Did you buy SkyKiller? It was long on a rogue/suspect spyware removal list. Recent versions have been removed from that list but the software is still considered not very good. You should uninstall it if installed.

    Do you use this WebFerret stuff? It is debatably considered spyware.
    O3 - Toolbar: Search - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - D:\Program Files\FerretSoft\WebFerret\FerretBand.dll
     
  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to disable Spybot's Teatimer because it may interfere with making the below fixes.
    To disable TeaTimer, run Spybot and click Mode and select Advanced Mode. Then click Tools and select Resident. Now in the right window pane, uncheck TeaTimer.
    Also while this is open, in the left column now select IE Tweaks and then in the right pane make sure all the Miscellaneous locks are unchecked.
    Now quit Spybot!

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm

    After clicking Fix, exit HJT.

    I have one more question. Why are you having msconfig run? What processes are you inhibiting from loading? I really need to see a HJT log without anything being restricted from loading.

    Run msconfig and select Normal startup, then reboot and post a new HJT log.
     
  19. RayDunne

    RayDunne Corporal

    OK, I've updated, restarted in normal boot mode and ran HJT. I saved a logfile from that. As for Sky or SpyKiller, I don't know where that came from. My wife and kids were using this comp for a while, so maybe something they did, or I just forgot. I do use WebFerret and have for years without any problems that I was aware of, but if it is bad, I'll get rid of it and SpyKiller also, but haven't as yet because I want to see what you suggest. I ran HJT again, saved a log, which is probably the same as the first one after update, but saved anyway. Not all of the values that you wanted me to fix were there after updates and reboot, but I selected the ones that were, closed everything and clicked fix. The first two and the fourth value were there and I fixed them in HJT and saved a third log. This is the one I am posting, because it is the most recent, but if you need any of the others, let me know. As for msconfig, I had it like that because there are a lot of things in there that I don't want or need for one reason or another. I have been using this comp for almost four years and have done a lot of things to it. There is a lot of junk in there that I don't even have anymore and I don't know how to clean it up. So that's where I am at, let me know what to do.
    Thanx for all the help so far,
    Ray.
     

    Attached Files:

  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Uninstall (if installed) SpyKiller. I bet it is not. If not, just fix the below line using HJT and then reboot in safe mode and delete the D:\Program Files\SpyKiller folder.
    O4 - HKCU\..\Run: [SpyKiller] D:\Program Files\SpyKiller\spykiller.exe /startup

    If you like WebFerret and trust it, leave it be. It is just one of those that has bordered on questionable. I see no reason to remove it.

    As for using msconfig, that was my reason for saying to stop using it. Tell me which stuff in your log you do not want to use anymore (ever) and we will work on removing them the right way. There are also better choices for Startup Managers to use than msconfig. They enable you to control what you load at startup, making it easier to sometimes load other programs.
     
  21. RayDunne

    RayDunne Corporal

    I got rid of SpyKiller, it wasn't installed as you thought, so I did it with HJT. Which log are you referring to when you asked me what I wanted to remove? I do like WebFerret and have never seen any problems related to it. I have been using it as long as I have owned computers, so I will keep it for now, but I will check into it. One other thing I would like to mention is that something seems to be bogging me down real bad at shutdown and startup. Haven't had much time to look into it yet, but if you have any quick suggestions it would be appreciated. I don't mean to stray off track here and you must have a lot to do, so if you're too busy I can probably figure that one out. I don't see anything strange in TM. It is taking an unusually long time to shut down, it doesn't hang, the HD is going like crazy. And the same at startup, loading the tray, but I don't see anything weird there either. I would also like more info on alternatives to msconfig.
    Thanx,
    Ray
     
  22. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The last HJT log you posted without msconfig limiting anything. What I'm asking is what stuff is now showing in your log that you would like to permanently uninstall (or delete) and which stuff you would possibly want to just not load at various times (I don't personally care for this method but some find it useful). There are also some items that may be loaded at startup that are just not necessary to allow an application you may use to work later.

    The more things that are running, the longer it takes to load them at startup, and vice versa at shutdown.
     
  23. RayDunne

    RayDunne Corporal

    Here are the lines from the HJT log that I posted last that I am concerned about. I know nothing about some, but others I definitely want out. The file has a small note with each line with my reference to each.
    Thanx again,
    Ray
     

    Attached Files:

    • run.txt (1.3 KB, 4 views)
  24. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    My comments are in red!! I attach some more things you should think about.

    1.) No longer installed
    O4 - HKLM\..\Run: [QD FastAndSafe] D:\PROGRA~1\PANICW~1\POP-UP~2\dpps2.exe

    Okay so have HJT fix that line and then delete the below folder (after reboot) if it exists:
    D:\Program Files\PANICW~1

    2.) Don't know what it is, always wonder?
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    See this: http://www.liutilities.com/products/wintaskspro/processlibrary/nwiz/

    3.) No longer installed
    O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe

    If Nero is uninstalled, have HJT fix that line and then delete the file after reboot. What are you using to burn CD/DVDs?

    4.) Don't know what it is, new to me
    O4 - HKLM\..\Run: [KernelFaultCheck] D:\WINDOWS\system32\dumprep 0 -k

    Used in connection with memory dumps - you can disable these by - right clicking on My Computer, selecting Properties and then the Advanced tab. Click on the Settings button in 'Startup and Recovery'. In the bottom pane - under 'Write debugging information' - click on the down arrow and then select 'None' - OK your way out


    6.) No longer installed
    O4 - HKCU\..\Run: [Y!TunnelBasic] D:\Program Files\Y!TunnelBasic V1.1 Build 178\YTunnel.exe

    Okay so have HJT fix that line and then delete the below folder (after reboot) if it exists:
    D:\Program Files\Y!TunnelBasic V1.1 Build 178


    7.) Heard it was no longer used???
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL

    See the READ ME FIRST thread and use the MSJVM Removal Tool 1.0a.
    Then install Sun Java, as indicated.


    8.) No longer installed
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

    This is for the online scan. You can always fix O16 lines. They will just be redownloaded if and when you return to the site.

    9.) Don't recognize, not installed unless part of ZA
    O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab

    Fix as above in 8!

    10.) Don't recognize, don't like
    O23 - Service: GEARSecurity - GEAR Software - D:\WINDOWS\System32\GEARSec.exe

    See this: http://www.liutilities.com/products/wintaskspro/processlibrary/gearsec/
     

    Attached Files:
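
As an added illustration (not code from this thread, from MajorGeeks or from HijackThis itself), here is a small Python parser for the HJT line types chaslang walks through in posts #18 and #24 above (R0/R1, O4, O16, O23). The sample log lines and the `PRESENT` set, a constructed stand-in for "does the target file still exist on disk", are assumptions made for the example; the O4 check reproduces the orphaned-Run-entry case like the uninstalled SpyKiller above.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed HijackThis-style lines modelled on the entry types discussed in this thread.
SAMPLE_LOG = """\
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,SearchAssistant = about:blank
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
O4 - HKLM\\..\\Run: [nwiz] nwiz.exe /install
O4 - HKCU\\..\\Run: [SpyKiller] D:\\Program Files\\SpyKiller\\spykiller.exe /startup
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O23 - Service: GEARSecurity - GEAR Software - D:\\WINDOWS\\System32\\GEARSec.exe
"""

# Constructed stand-in for "is this file still on disk?": the SpyKiller program was
# uninstalled, so its exe is absent while the other targets are present.
PRESENT = {"nwiz.exe", r"D:\WINDOWS\System32\GEARSec.exe"}

@dataclass
class Entry:
    section: str  # R0, R1, O4, O16, O23, ...
    name: str     # value name, service name or CLSID label
    target: str   # path, command line or URL the entry points at

O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]+)\] (.*)$")
O16_RE = re.compile(r"^O16 - DPF: (\{[^}]+\}) \(([^)]+)\) - (\S+)$")
O23_RE = re.compile(r"^O23 - Service: (.+?) - (.+?) - (.+)$")
R_RE = re.compile(r"^(R[013]) - (.+?),(\w+) = ?(.*)$")

def parse_line(line: str) -> Optional[Entry]:
    """Split one HJT line into its section code, name and target (None if unknown)."""
    line = line.strip()
    if m := O4_RE.match(line):          # startup Run entries
        hive, key, name, cmd = m.groups()
        return Entry("O4", f"{hive}\\{key}\\{name}", cmd)
    if m := O16_RE.match(line):         # downloaded ActiveX controls (DPF)
        clsid, label, url = m.groups()
        return Entry("O16", f"{label} {clsid}", url)
    if m := O23_RE.match(line):         # NT services
        svc, _vendor, path = m.groups()
        return Entry("O23", svc, path)
    if m := R_RE.match(line):           # IE start/search page registry values
        sec, key, value, data = m.groups()
        return Entry(sec, f"{key},{value}", data)
    return None

def exe_of(cmd: str) -> str:
    """Strip arguments from a Run-key command: 'x.exe /startup' -> 'x.exe'."""
    if cmd.startswith('"'):
        return cmd[1:cmd.find('"', 1)]
    i = cmd.lower().find(".exe")
    return cmd[: i + 4] if i >= 0 else cmd.split()[0]

def review(log: str, present=PRESENT) -> list:
    """Return (name, finding) pairs for the lines a helper would look at first."""
    findings = []
    for e in filter(None, map(parse_line, log.splitlines())):
        if e.section == "O4" and exe_of(e.target) not in present:
            findings.append((e.name, "orphaned Run entry: target no longer on disk"))
        elif e.section == "O16":
            findings.append((e.name, "downloaded ActiveX control: safe to fix, re-fetched on next visit"))
        elif e.section in ("R0", "R1") and e.target in ("", "about:blank"):
            findings.append((e.name, "blank IE search/start value: candidate for HJT fix"))
    return findings

if __name__ == "__main__":
    for name, why in review(SAMPLE_LOG):
        print(f"{name}: {why}")
```

A real log contains many more section types (O2, O3, O9, O20, ...); only the four chaslang discusses above are parsed here, and unknown lines are skipped rather than guessed at.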

  25. RayDunne

    RayDunne Corporal

    I want to thank you very much, you all have been very cool, it is nice to have a clean comp. I will try harder to stay out of trouble now that I have learned quite a lot about how this stuff works. I am still working on another computer for my sis in law and will have a much better understanding of what to do so that I may not require so much assistance. I vow to fight this crapware with all I have and I will recommend this site in any way I can. You guys and gals rule. Thanx a bunch.
     
  26. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  27. RayDunne

    RayDunne Corporal

    Hi, just wanted to post a follow up to let everyone know that all my problems have been solved by the wonderful people who help us all out in here. I have been free and clean since just after my last post here and have been following safety precautions and all is well. I have also learned a great deal from these posts and intend to fight malware to the end of my computing days. I'm strapped right now but as soon as possible I will make any contributions to the cause that I can, both here and to the freeware vendors, and I would encourage anyone who has the means to do so to help out as well, as we need more people and programs to fight this crap. Maybe someday the scumbags will give up if we all fight as hard as we can. :cool:
     
  28. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That's a nice wish Ray! But I doubt the trouble makers will ever go away.
     
  29. RayDunne

    RayDunne Corporal

    Hi chas, just a little wishful thinking. :) I'm in the poor house right now, but I feel the need to do something to help out. I want to fight this stuff as much as possible. I am no expert, but I am pretty good following directions and learning. Just wondering if there is anything I can do to help out manually? I wish to fight this crap with all I have in me. Never really thought much of it before I was attacked myself, now I'm on a mission :mad:
     
  30. RayDunne

    RayDunne Corporal

    Just a little note to anyone reading this thread, I am finding that a lot of this crap is coming from the kiddie sites that my oldest son likes to go to to play online games. Every time he uses the computer, we pick up some kind of crap that I have to spend an hour or so getting rid of. I don't want to tell him he can't use the computer anymore, but every time I tell him a site is bad and he finds another one, it seems to be full of it too. We bought a second computer for them for x-mas so that mine will stay clean, and I have to sit down at theirs a couple times a week and run all these scans and fixes. They don't understand what to do when the programs pick stuff up so I just let them run it and fix as needed, but I seem to be spending an awful lot of time on this. Guess that's just how it goes. :mad:
     
  31. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes sites like that are typically trouble. Also P2P downloading programs (like Kazaa and many more) open the doors to problems.

    Did you complete all the steps in the link I gave you (How to Protect yourself from malware!)?
     
  32. RayDunne

    RayDunne Corporal

    Yes, I completed all the steps in that link and things are working out well for myself on my pc, but my son is 8 and doesn't have the understanding of what to do when a program asks what to do and I'm not always here to guide him. I explain what I can and help him when I can and eventually he will know better what to do, but I have a 5 year old also who will be right behind him to do the same, so I'm looking forward to a few more years of fun taking care of their machine before this settles down and then who knows what other kinds of threats these scabs will dream up in the meantime. I don't mind so much now that I have a good idea of what to do, I actually find it kind of fun. I'm bored now that my comp is clean, need something to fight, but not bad enough to go looking for it ;)
     
  33. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm sure your kids will give you some problems to battle soon enough! ;)
     
