malware crisis

[timOleary]

my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped
<>

 

[Bruce Hagen]

my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped
<>

Since you can access the Internet on your machine, download and Save the
free version of this tool.

Malwarebytes Anti-Malware
http://malwarebytes.org/

Copy it to CD and install it on your daughter's machine. Run a Full Scan.
It may take about 2 hours, but this is one good free Malware removal tool.

 

[Peter Foldes]

Tim

Do exactly as Bruce posted but also use SAS after Malwarebytes just to make sure we
get everything

Bruce already gave you this
MalwareBytes
http://www.malwarebytes.com/

After the above use this one also
SuperAntiSpyware
http://www.superantispyware.com/

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
http://www.microsoft.com/protect

 

[Daave]

my daughter's dell optiplex gx620 WXPpro
malware attack has rendered her PC un useable. IE keeps trying to
connect to the ISP but can't. three popups frozen on the screen.
security warnings
she has norton av but ran it and it did nothing but see two threats.
no can fix
i was able to transfer her most valued data over to an external hdd.
but now short of reformatting and reinstalling windows, i am at a
loss.
Maybe there is a bootable solution? on my pc i got verizon internet
security suite and i bought superantispyware, and have yet to
experience a hit.

I know this email will elicit a bunch of crackpots spoofing legit
advice.
But i need to get some help for her.
that she can no longer connect to the i-net has me stumped

First off, in the event that your daughter's PC is severely compromised,
the easiest, quickest, and best solution *is* to perform a Clean
Install.

It is important to determine just how bad the malware is. It is possible
that although the Web browser cannot connect, that Internet connectivity
still exists. Bring up a command prompt and ping the following address
to check:

72.14.204.103 (one of Google's addresses)

Also, post back with exact symptoms, including the complete text of all
the popup messages you see on the screen. I like the idea posted by
others to use your PC to download MBAM and install it onto hers (it may
not work, but it's certainly worth a try). It might be necessary to boot
to Safe Mode.

Depending on the malware, there may be specific strategies for it. For
example, often MBAM needs to be renamed or otherwise altered.

This site has a wealth of information:

http://www.bleepingcomputer.com/

On the left, you'll see a box containing "Latest Malware Removal
Guides." Again, when you give us specific information with regard to
which malware she has, we can help guide you to the correct guide to
use. Just so you get an idea what one looks like, see this one:

http://www.bleepingcomputer.com/virus-removal/remove-av-security-suite

 

[timOleary]

Depending on which malware is involved and how long ago the PC was
infected, you might want to try using System Restore (SR) to restore the
system to before the infection occurred.  Some malware prevent you from
invoking SR so you may have to do it from safe mode.

Also, some malware will remove/corrupt the restore points preventing SR
from working, but I'd give it a try before doing a reinstall.

Gary Richtmeyer

Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO
<>

 

[timOleary]

Thanks for all the feedback.
I tried F8 and to go back to the last known good configuration which
did not work.
Safe mode was also infected.
We will do a test ping and a screen shot and report back.
v/r
timO
<>

She used the AVG rescue download to burn a CD, ran it, and the crap
disappeared. Now she says the PC is unable to find the router.
But she's working on it

 

[timOleary]

She used the AVG rescue download to burn a CD, ran it, and the crap
disappeared. Now she says the PC is unable to find the router.
But she's working on it

Have her look in the Device Manager for problems, such as exclamation
points, etc.

Here are a few things to try:

Open Internet Options, Connections tab, click "Lan Settings" button,
deselect all.

Flush DNS

Click Start, Run, type CMD and click the [OK] button.  Type each of the
following:

IPConfig /FlushDNS  [Press Enter key]
ipconfig /release        [Press Enter key]
ipconfig /renew           [Press Enter key]
ipconfig /registerdns [Press Enter key]

my son-in-law took over on the PC and decided to reload Windows.
I am saving these replies for the next crisis.
thanks 2 all 4 the responses
<>