Thank you geeks!!!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ironcladstu, Sep 28, 2004.

  1. ironcladstu

    ironcladstu Private E-2

    There seems to be something missing from the FAQs...
    Where do you thank the geeks?

    Last week my stupid brother stayed over at my mum's place. Naturally he jumps on her PC and heads straight for the pr0n... but since he's an idiot, he ends up in dialer land and inadvertently installs every piece of malware spyware trojan nasty known to the internet.
    The next day my mum complains to me that she can't access the internet, could I help. Thinking it's something trivial, like it typically always is, I inspect her PC expecting to see some basic error, such as not connecting to the router.
    I jump on and load IE to check if I can 'see out', and land myself on a nasty search page with links to all manner of .. 'personnel aides'.. we'll call them. I try and leave, but clicking anywhere does nothing. You can't exit this page no matter what you do. Seems a kind of pointless hack seeing you can't even get access to buy any of the said... 'aides'...
    As it turns out the page was a smokescreen to the multitude of dialers sitting in the background trying to find a modem to call out to a premium hotline.
    Sucks to be a dialer here, since the PC is on broadband. No modem installed, just a software connection to the wireless dsl modem. Hopefully no large telephone bills coming.

    I fear the worst. Great... full format.. full re-install. I can't see any way out of this to fix the PC.
    I dread installing anything to do with windows these days. The other week I tried to install just a basic graphics card update. What could be simpler right? 6 hours later I can finally use my PC again... but the software for the TV-in card is gone and can't come back. I was defeated. I hate PCs.

    Every single time I've tried to install anything to do with windows, no matter how simple, you can guarantee that a whole weekend will be lost. Some people have claimed that they can do a full windows re-install in 20 minutes. Others claim to have seen leprechauns. I put the two people in the same category. I hate 'installing' things... nothing can be more frustrating...
    Well.. maybe the things that require the 'personnel aides'... but let's not go there.


    I see mum's PC as a lost cause. Dead to the world. There is a pulse.. but weak... what to do?

    I head over to google on my PC. Maybe something will be able to help. At least google could confirm that something is nasty on the PC. Then I'd at least be able to say to mum.. see here... your PC has a virus... google tells me so... you'll need a full reformat.

    Google is our friend. Lo and behold the search I entered brought back many tales of woe... pain and suffering...

    But also hope. Here.

    Just Brilliant:
    http://forums.majorgeeks.com/showthread.php?t=35407
    So simple, yet covers everything you need to know. An excellent guide that perfectly sums up all any computer novice could possibly want. Great stuff.

    I head into the guide full of excitement. This guide is simple enough to read. I can do this. I start to feel happier. Maybe the PC is not dead? Just download all the programs I'd ever need, linked straight from the article. All updated to the latest versions.
    A simple transport from my PC to mum's, including the guide as a txt file. And what the heck, a different browser as well. Mum will never be PC confident enough to use anything but IE, but at least then I'd be able to see the internet from her PC, grab whatever was needed.

    I run through the guide and try everything. All seems to go well. Things are removed... actually many many things are removed. The little sucker spawned quickly. But now they are gone. All fixed?
    A reboot, load IE and ... still there. Damn.
    But IE is half fixed. You can now at least navigate out of the hijacked start page.

    Only a little disheartened, I venture further into the majorgeek site and find another article of pure genius.
    http://forums.majorgeeks.com/showthread.php?t=38772
    Legend. This guide simply is perfectly written. It covers all, skips nothing. Follow the steps and it all works properly. Guides like this make the internet worthwhile.

    Every single instruction manual I've ever encountered leads to heartache. There's always something missing... something vital that is missing. Like in the graphics card update I alluded to previously. After installing then rebooting, windows install was supposed to detect the card. OK... maybe it did,... but the message window that popped up had absolutely zero text on it. None. Just two buttons. One I assume was OK, the other cancel. No text on them. Very helpful. I guess one button, hoping for OK... I guessed wrong, the card didn't install and instead left traces of itself that meant it couldn't uninstall / re-install either. Just great.

    No such nonsense in this guide to remove the spyware. Every step covered. Follow them and it all works as stated. Just a great article. I followed it completely and in fact found myself enjoying the process.
    Sure it still took the whole day (I'd say at least 10-20hrs so far on the nasties), but I always felt confident that things will work due to the expertly written guides which I'm following.

    You really need to have a dedicated thank-you post or forum. Just for all of what must be many many people who've stumbled this way and solved the internet.

    Yes this is sucking up and long, but dammit I'm happy. Something works. Things get fixed. Joy!


    As good as the articles are, there are still a few leftovers still to be killed. A file sqle.dll stopped the about:buster program from working. This seems to be a rare problem though. But another helpful crew over here http://mytechsupport.ca/support/topic.asp?TOPIC_ID=4929 solved that one.
    If you ever head into Canada, go have a beer with these guys. You'll be in geek heaven.

    Finally, a more common nasty persisted through all the club bashing I'd given it. A Websiteviewer dialer keeps coming back. I'd say I'll have this one nailed shortly. http://www.dslreports.com/forum/remark,11393040~mode=flat
    http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_PORNDIAL.BP&VSect=T
    http://securityresponse.symantec.com/avcenter/venc/data/dialer.wsv.html
    Yeah, it be gone once I next get to mum's PC to take it out.


    I feel it's important to give credit where credit is due. Most people will come here, solve their problems and hope to never have to venture to these forums ever ever again. I know I'm one of them. I never want to get attacked by spyware again and need this site, but am extremely grateful that there are resources out here available to help.

    Thanks again geeks. You're doing a great job here, solving what can seem like the impossible.


    :D
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Thanks for the praise! We all do appreciate it. As you can tell a lot of work goes into writing and refining those tutorial threads.

    By the way problems like you had with sqle.dll have been covered here literally hundreds of times too. The filenames change but the problem is the same. Do a search for AppInit_DLL or Registrar Lite and you will see many problems like the one you had being resolved.

    Things you gave other links for have also been covered here.
    You should also check out this NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting for more good information.

    And another canned speech you may find useful:

    Make sure you get your system protected from reoccurrence of issues like this. Here are some simple steps you can take to reduce the chance of infection in the future. I strongly encourage you to do them all.

    1) Visit Windows Update:
    Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS.
    a. Windows Update: http://v4.windowsupdate.microsoft.com/en/default.asp
    Do this at least once a month.
    b. Never add any site to your Trusted Sites Zone.

    2) Anti Virus: make sure you have one and keep it updated. Here are some good free ones:
    http://majorgeeks.com/download1968.html Avast
    http://majorgeeks.com/download886.html AVG
    The top two hands down. Better than Norton or McAfee!
    Only run ONE AV!

    3) Firewall: if you don't have one get one of these below. The last two are free versions:
    Don't care if you're on dial up or High Speed....you must have a firewall
    http://majorgeeks.com/download738.html Kerio Personal Firewall
    http://majorgeeks.com/download3356.html Sygate Personal Firewall Free
    http://www.majorgeeks.com/download388.html ZoneAlarmFree

    4) Get a Temp File/Cookies/index.dat cleaner
    http://majorgeeks.com/download4191.html CCleaner (Crap Cleaner)

    5) SpyWare Prevention (These prevent, they are not scanners. Scanners are listed later.)
    http://majorgeeks.com/download2859.html SpyWare Blaster
    http://majorgeeks.com/download3045.html SpyWare Guard

    6) SpyWare Scanners/Removers
    http://majorgeeks.com/download2471.html SpyBot (Use the Immunize feature. I don't activate the TeaTimer)
    http://majorgeeks.com/download506.html Ad-aware SE
    http://www.majorgeeks.com/download4283.html VX2 Cleaner Plug-In for Ad-Aware

    Also, look into replacing Microsoft Java with Sun Java and also use Mozilla FireFox in place of Internet Explorer.
     
  3. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    It's feedback like yours ironcladstu that makes all the hard work in writing those guides worthwhile for those who had a hand in them and will spur them on to updating them for newer exploits that will come over time, which in turn will help more users who fall foul of those nasties!

    I don't generally pop into this part of the forum.. as I know how to keep my PC clean but I'm not up to date with all of the latest spyware and removal techniques to be of much help in this area ( my fix to anything that goes wrong is re-install or recover via an image backup.. too lazy/busy to find the root cause these days ;) ) BUT when I started to read your post I had to comment as these days all people do is complain and rarely give thanks where it's applicable :)
     
  4. ktiz

    ktiz Corporal

    I too must say thanks, I have been helped with every problem I have ever had, except 1 so far. But is not possible to be fixed, I believe... But This is a big THANKS to all of you MAJOR GEEKS out there.
     
  5. melomano

    melomano Private E-2

    ironcladstu wrote:

    Guides like this make the internet worthwhile.

    What about "Sites like this make the internet worthwhile"?

    For me Major Geeks is like the Red Cross. You are like heroes.
     
    Last edited: Oct 2, 2004
