  Help with possible malware infestation (Message 4 to 13 of 13)  
From: Chambers
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 12:40:01
Message: <web.4815fd8cabaa63e5261d9700@news.povray.org>
Stephen <mcavoysAT@aolDOTcom> wrote:
> On Mon, 28 Apr 2008 11:24:41 EDT, "Chambers" <bdc### [at] yahoocom>
> wrote:
>
> >If anybody here could help me with some advice, I'd appreciate it.
>
> What flavour of Windows are you going to reinstall? :)
> Have you tried to restore?
> --
>
> Regards
>      Stephen

:(

I'm dual booting to Linux anyway, maybe it's time to go cold turkey...

....Chambers
www.pacificwebguy.com



From: Stephen
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 13:23:09
Message: <ov1c14l6npav8oneugjhdc5p7jj0l932dp@4ax.com>
On Mon, 28 Apr 2008 12:38:36 EDT, "Chambers" <bdc### [at] yahoocom>
wrote:

>
>I'm dual booting to Linux anyway, maybe it's time to go cold turkey...

Maybe, indeed. But I would fix my Windows first. Just in case :) 
-- 

Regards
     Stephen



From: Warp
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 13:50:23
Message: <48160e5e@news.povray.org>
Chambers <bdc### [at] yahoocom> wrote:
> I have both AVG Free AV and Antispyware

  Did you run the antivirus and the spyware scanners from safe mode?

  Have you tried with Ad-Aware and Spybot S&D? It probably wouldn't hurt
to try.

-- 
                                                          - Warp



From: Gilles Tran
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 15:41:27
Message: <48162867@news.povray.org>

web.4815ec39b493a40f261d9700@news.povray.org...
> Has anybody here had a similar experience, and is able to comment?

Look for a rootkit
http://www.f-secure.com/blacklight/
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

My dad's laptop caught one once, it took me a couple of hours to understand 
what was going on, but Blacklight took care of it immediately.

G.


-- 
**********************
http://www.oyonale.com
**********************
- Graphic experiments
- POV-Ray, Cinema 4D and Poser computer art
- Posters



From: Sabrina Kilian
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 20:14:45
Message: <48166875@news.povray.org>
On Mon, 28 Apr 2008 11:24:41 -0400, Chambers wrote:

> If anybody here could help me with some advice, I'd appreciate it.
> 
> Lately, I've been getting crashes when Windows starts*, and something
> has been interfering with my web browsing.
> 
> Searching with Google or Yahoo never finishes** (it just loads the page
> for several minutes, and then quits).  Other functions of Google and
> Yahoo (ie, Google Webmaster Tools, or My Yahoo) work fine.
> 
> Downloading files in Firefox gets interrupted (it asks me where to save
> the file, but never actually saves - or even begins downloading - it). 
> Downloading in IE sometimes works, and sometimes doesn't.
> 
> I get random popup ads and new tabs opened in both IE7 and Firefox 2,
> most of them advertising antimalware software (which I've never heard
> of, and don't trust).
> 
> I *do* have Safari installed (just to try it out), but I haven't tested
> for these symptoms in it yet.
> 
> I have both AVG Free AV and Antispyware, and ZoneAlarm firewall
> installed.  I managed to install Avast last night, and performed a
> boot-time scan, which didn't yield any results.
> 
> Before I left for work, I left the machine running complete scans from
> AVG (antivirus *and* antispyware), and from Avast.  I'll check the
> results when I get home.
> 
> Has anybody here had a similar experience, and is able to comment?
> 
> BTW, the only software I've installed recently (other than Linux... heh)
> is MS Silverlight, which I've since uninstalled.
> 
> ** These work fine in Linux, so I know it's something with the machine
> and not the network.
> 
> * By googling under Linux, I was able to determine that the crashing
> process belonged to Nero Scout, something I didn't even have installed
> (I only installed Burning ROM, with none of the extras).  Just to be
> safe, I uninstalled Nero, but that hasn't changed anything.
> 
> ....Chambers
> www.pacificwebguy.com

I got a similar problem caused by the latest version of Vundo, Vundo.D. 
Nasty little trojan horse, I realized it was there when normally sane 
sites opened several pop-ups. AVG missed it, Trend Micro's Housecall 
found 2 dlls it was using but it recreated those when I rebooted. I know 
how it got in, I was stupid and trusted a file I shouldn't. It wasn't 
communicating out on its own, so the firewall never saw it.

Not saying that's what got to your PC, but the symptoms sound very 
similar.



From: Chambers
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 21:25:01
Message: <web.481677cbabaa63e5d1c6a0eb0@news.povray.org>
Sabrina Kilian <ykg### [at] SUCKSvtedu> wrote:
> I got a similar problem caused by the latest version of Vundo, Vundo.D.
> Nasty little trojan horse, I realized it was there when normally sane
> sites opened several pop-ups. AVG missed it, Trend Micro's Housecall
> found 2 dlls it was using but it recreated those when I rebooted. I know
> how it got in, I was stupid and trusted a file I shouldn't. It wasn't
> communicating out on its own, so the firewall never saw it.
>
> Not saying that's what got to your PC, but the symptoms sound very
> similar.

How did you remove it?

....Chambers
www.pacificwebguy.com



From: Chambers
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 22:50:01
Message: <web.48168c0dabaa63e51957de440@news.povray.org>
"Chambers" <bdc### [at] yahoocom> wrote:
> How did you remove it?
>
> ....Chambers
> www.pacificwebguy.com

Never mind, I think I've fixed the problem.  After trying several products, AVG
8 seems to have finally killed the infestation.

Definitely not a good advertisement for AVG 7, though, letting the virus on to
begin with.

Now I'm *definitely* thinking of switching OSs permanently.

....Chambers
www.pacificwebguy.com



From: Sabrina Kilian
Subject: Re: Help with possible malware infestation
Date: 29 Apr 2008 00:17:44
Message: <4816a168$1@news.povray.org>
On Mon, 28 Apr 2008 22:46:37 -0400, Chambers wrote:

> "Chambers" <bdc### [at] yahoocom> wrote:
>> How did you remove it?
>>
>> ....Chambers
>> www.pacificwebguy.com
> 
> Never mind, I think I've fixed the problem.  After trying several
> products, AVG 8 seems to have finally killed the infestation.
> 
> Definitely not a good advertisement for AVG 7, though, letting the virus
> on to begin with.
> 
> Now I'm *definitely* thinking of switching OSs permanently.
> 
> ....Chambers
> www.pacificwebguy.com

I didn't remove it, I can't find the third (or fourth or eighth) dll that 
keeps recreating the first two. I'm backing everything up, since I dual 
boot Linux it isn't that difficult, and then wiping that partition out.

I made the mistake of rebooting to safe mode when I found the first two, 
removing them, then rebooting. Now it's registered as my proxy and 
prevents me from updating AVG or getting to Housecall.

Eh, I needed to clean this Windows install anyways.



From: John VanSickle
Subject: Re: Help with possible malware infestation
Date: 29 Apr 2008 07:58:56
Message: <48170d80$1@news.povray.org>
Chambers wrote:
> If anybody here could help me with some advice, I'd appreciate it.
> 
> Lately, I've been getting crashes when Windows starts*, and something has been
> interfering with my web browsing.
> 
> Searching with Google or Yahoo never finishes** (it just loads the page for
> several minutes, and then quits).  Other functions of Google and Yahoo (ie,
> Google Webmaster Tools, or My Yahoo) work fine.
> 
> Downloading files in Firefox gets interrupted (it asks me where to save the
> file, but never actually saves - or even begins downloading - it).  Downloading
> in IE sometimes works, and sometimes doesn't.
> 
> I get random popup ads and new tabs opened in both IE7 and Firefox 2, most of
> them advertising antimalware software (which I've never heard of, and don't
> trust).
> 
> I *do* have Safari installed (just to try it out), but I haven't tested for
> these symptoms in it yet.

Then try it, and see what comes up.

The symptom of unwanted windows and new tabs is a classic malware sign. 
I had an infection which would take me to certain sites at five minute 
intervals.  If IE was not open at the time, the malware would start it.

A complete reinstall of WinXP got rid of the beastie.  A complete 
install of Ubuntu probably would have gotten rid of it as well.

Regards,
John



From: Chambers
Subject: Re: Help with possible malware infestation
Date: 30 Apr 2008 03:50:01
Message: <web.481823d4abaa63e51957de440@news.povray.org>
John VanSickle <evi### [at] hotmailcom> wrote:
> Chambers wrote:
> > I *do* have Safari installed (just to try it out), but I haven't tested for
> > these symptoms in it yet.
>
> Then try it, and see what comes up.

Safari worked fine.  So the malware writers were specifically targeting both IE
and Firefox.

However, it appears that I still wasn't able to clean it completely.  I was
still getting random virus detections.

....Chambers
www.pacificwebguy.com




Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.