I googled this & got vague answers. I have a buddy that just moved & got DSL. He's gotten three viruses in the last 2 weeks........in fact it's non-stop. I fixed the 1st 2 (Malwarebytes & combofix) & he then loaded an antivirus (via disc) onto his laptop. However, when he got online to get the updates he got hammered immediately. Now he's bringing it back to me & we're going to fix it again & try loading it at my place.
I can't believe that he could just randomly get these things that quick. Could it be his IP address is part of a targeted series of numbers? I've fixed this thing & played with it on my FIOS service & have had no issues, even when it's been unprotected.
Anyone have any ideas or experience with this?
Yes, they can be targeted - hacker programs go through an entire range to find vulnerable computers to attack. My guess would be something has already installed itself on your friend's computer and just re-installs itself at startup (try running the av programs in 'safe mode').
2 questions that would probably help the guys here understand the problem better: 1) Is your friend running a firewall (Windows Firewall does not count)? and 2) Define the 'virus' (popups, connecting to one site in particular).
Yes, the modem/router has a firewall BUT........I'm not sure if it's active or not. He said it was, but I'm discovering he knows a lot less about computers than he led on about. I'm certainly no expert.........just learned/learning on the fly.
It appears to just be malware (phony antivirus) & I was able to load the malwarebytes back on last night after several attempts........tried in safe mode too..........& I was able to eradicate the villain. But I noticed afterwards that I was still getting redirected to other web sites whenever I tried to go to something like "AVG" or "Malwarebytes antimalware"......sooooo, I loaded Spybot S&D & ran it a couple times. It found about 30 more issues & deleted most of them but I had to run it again overnight.
I also downloaded a bunch of MS updates. Not sure if it's all fixed or not.........at this point I'd be surprised if it was. I'm guessing you guys are right, & there's something else buried in there that's eluding all the jedi mind tricks. I'm getting tired of looking at his laptop. I think I have 8-10 hours into this thing now.
Question...........the "Combofix" had me add the MS Recovery Console to his laptop.........what does it do? (Haven't looked into it yet).........&.........what is a destructive recovery?
Thanks gentlemen
"Destructive Recovery" is pretty much as it sounds - your computer gets wiped clean and reset to its original state. If your friend has an HP or Compaq (and possibly some other manufacturers as well), the hard drive contains a "Recovery Partition" which contains all the computer's original information. Pro: It's like the first day you got your computer all over again. Con: You have to reinstall EVERYTHING (programs, updates, documents - and if your computer is more than a year or two old, trust me, there are going to be A LOT of updates) and God forbid you forget to back up ALL your files (all those illegally downloaded mp3's are gone like the wind).
I would say the 3 probable locations it's hiding: "Documents And Settings", "Program Files" or inside the browser itself. Just be careful what you erase: what sounds suspicious to you might be a legitimate file needed to run a program. Google it first.
Thanks gentlemen...........the unit is a 4-5 yo dell that was bought used (2 years ago )...........no recovery disk(s)............may have to junk it if I can't pinpoint & eliminate the problem.
It's not a problem. You can call Dell and order the disk from them. Not a big expense at all.
Or...........dirty little secret time....
You can use almost any Dell disk for a restore and recover. Just as long as it matches your CPU. x86 or x64 (32 bit or 64 bit)
You will still need the driver disk, but again you can order it from Dell or just get net access on another computer and download the network driver. You can install it on the computer where you are doing the recovery and download the rest of the drivers after that.
Really? Cool...........that may do the trick. This unit doesn't have a ton of programs on it (not much to lose) so if I can do that I think my buddy will be happy.
The easy answer is you didn't remove everything and it redownloaded or respawned whatever processes it runs. Can easily happen. At this point you would be better off reloading the computer like others said to be sure it's gone.
ComboFix makes a recovery partition in case after it's done doing its thing you can't get back into the machine. This way you can at least get the recovery console and don't have a Windows CD.
Like Lippsman said, if it's a Dell, you can use pretty much any Dell disk (most work) to reload the machine. I usually just download the drivers for the specific computer from Dell's site onto a USB drive from another computer and install them that way.