+- Tendo City (https://www.tendocity.net)
+-- Forum: Tendo City: Metropolitan District (https://www.tendocity.net/forumdisplay.php?fid=4)
+--- Forum: Tendo City (https://www.tendocity.net/forumdisplay.php?fid=42)
+--- Thread: More Free Tech Support (/showthread.php?tid=5863)
More Free Tech Support - Darunia - 15th July 2010
Your next mission: Tell me which of these things that is running in the back of my computer shouldn't be there. These all boot up with the computer, and I suspect that many of them are malware.
![[Image: Shiznit.jpg]](http://i990.photobucket.com/albums/af30/Fwigglemuck/Shiznit.jpg)
More Free Tech Support - Great Rumbler - 15th July 2010
There might be one or two malicious programs in there, but most of them aren't. They're just regular programs that you've picked along the way or system programs.
If you're not having any problems [lots of pop ups, programs that won't run, computer runs really slowly when it shouldn't, or similar issues], then you're probably okay. Wouldn't hurt to run some antivirus programs and do a little Google searching, but most of the time if you're computer's been infected you'll know it.
More Free Tech Support - A Black Falcon - 15th July 2010
My computer really is infected with something, and has been for a few weeks now. Symantec antivirus didn't stop whatever it was from getting in. I've used various programs and have managed to get rid of everything bad that they could find, but I'm definitely still infected with something and they don't seem to be finding anything useful anymore, so I'm definitely starting to worry about how deep this infection is...
Most all of the remaining symptoms (there was some worse stuff, but it's been found and removed) are internet-related -- redirecting search results, popping up Google or Yahoo search boxes when you click on things (or sometimes other pages that I close before anything seems to load in them), making it so when you try to go to websites it "fails" the first time and I have to reload several times to get the page to work, blocking Windows Update, Windows Messenger, and some other things from seeing their servers (AIM is fine), etc... these problems were all worse earlier, before I removed some stuff that has been found, but they're still there. Yes, definitely still infected. (Note that all the problems relate to the internet; when not plugged in to the internet, or when not using the web, there are no signs of problems.)
Oh, I had none of these symptoms before the first or second week of June this year, so if I had this infection before then, there was no sign of it. I assume it somehow got through around then.
I got rid of Symantec because it obviously wasn't working (and the version was a few years old anyway, though I did keep it updated), but managed to get another antivirus program installed, and also (for something less likely to be compromised) also have used AVG's free rescue CD; that latter one has been quite helpful... but obviously not comprehensive in finding things.
Oh yeah, as a side note, my old WinME computer has never gotten a virus infection worth mentioning in all of the 9 1/2 years that I have owned it. I've been using that computer some recently, in fact, to get a non-messed-up internet connection (to download and burn the AVG rescue CD, for instance)... one more reason to like the machine. :)
More Free Tech Support - Weltall - 15th July 2010
Quote:Tell me which of these things that is running in the back of my computer shouldn't be there.
INTERNET EXPLORER
jesus h get a real browser, man. Get Chrome. Get Firefox. Anything but Internet Explorer. If you have malware, that's probably the door which most of it came through.
Most of those processes are legit items. There are only a handful I don't recognize.
More Free Tech Support - etoven - 16th July 2010
I suggest you download WinPatrol, its a free download...
You can get it: here
With winpatrol you can see what's running and kill it if you want. A simple google search of the exe will tell you if it's malware or not. If you find out it's malware you can right click in winpatrol and select delete on next reboot --> Restart Machine..
Just be careful what you kill you can destroy your OS if you kill the wrong thing. I suggest you make a restore point before hand and look up the process on Google before you kill anything.
More Free Tech Support - A Black Falcon - 17th July 2010
Well that's the problem, I don't see anything that obviously looks bad anymore, but as I described it's very obviously infected...
More Free Tech Support - etoven - 17th July 2010
A Black Falcon Wrote:Well that's the problem, I don't see anything that obviously looks bad anymore, but as I described it's very obviously infected...Get WinPatrol. It shows you a lot of other things.. Task manager doesn't.
More Free Tech Support - A Black Falcon - 18th July 2010
I know, that's what I was talking about. I'll post some pics or something later...
More Free Tech Support - A Black Falcon - 23rd July 2010
... Is there any way to get around this virus or whatever's blocking of certain websites? It makes finding the problem hard...
More Free Tech Support - EdenMaster - 23rd July 2010
A Black Falcon Wrote:... Is there any way to get around this virus or whatever's blocking of certain websites? It makes finding the problem hard...
That's kinda what it's trying to do. It doesn't want to be removed.
You said you have another computer? Look up fixes on that one. You might have to go in and carve the little bastard out of the registry, the problem is finding where it would be. Do you have a name of the virus or anything?
More Free Tech Support - A Black Falcon - 23rd July 2010
That was the problem, everything the antivirus programs could actually find, they'd removed... so I had no idea what was still there.
So I managed to download, via download.cnet.com because the program's official site was of course blocked by the virus, Malwarebytes' anti-malware program... and it actually found what appears to have been the virus messing up the internet! Hopefully I'm finally virus-free... it's been like three weeks now (or a little more, maybe a month?), and it's been a huge pain. Tried a bunch of different things, some of which found some things, but never all of the infection... wish I'd heard of this one before, that actually found what was left. :)
The honorable mention would go to AVG's free rescue CD, because the most bothersome virus was one of those stupid fake antivirus ones, which pretty much made running anything on the computer impossible for a day or two before I burned the rescue CD on my other computer and ran a full scan. That scan got rid of that, and at least one other thing too, making the computer usable again... but missed several other things. Another AVG scan several days later found another thing, and then there was this other file that took a while to get rid of, but that and Avira (which I managed to get installed, despite attempts of course to not let me download it) didn't find this trojan that the Malwarebytes program did...
Where did it come from? Who knows, it's so easy to get infected these days, I don't think it even takes clicking on anything anymore, with properly infected web pages... it is annoying that Symantec Antivirus, which I did have running, did nothing to stop it from getting in, though. Oh well. (Yes, I've gotten rid of that. Hopefully I can find something that will work better... or AVG at least, that seems to be decent if not perfect and is free.)
Finally managed to run Windows Update for the first time in a month. :)
More Free Tech Support - etoven - 23rd July 2010
You might have a nasty little entree in your hosts file... Left behind by a virus..
Check your hosts file.
More Free Tech Support - A Black Falcon - 23rd July 2010
I checked the hosts file weeks ago, it's got nothing in it. I could check again, though... bah, where do they hide that file...
More Free Tech Support - A Black Falcon - 23rd July 2010
Yeah, nothing unusual.
127.0.0.1 localhost
::1 localhost