trying to help a friend with two problems.

[Gene Murphy]

Hi All...gosh darn early to be asking for help but here goes and thanks in
advance for any replies!
Work most of the day trying to help a friend in a small business who's brand
new "emachine" started to run at a snails pace about 1 week ago. Windows XP
without any firewall the one that comes with XP and that was turned off, no
system restore for that was disabled(she said she didn't do that so her 16
year old son who uses the computer at night might have)Does have Norton
Anti-Virus that cames as OEM on the machine, that also not set up correctly
so I did run a scan on that came up with two "errors" that Norton could not
fix or quarantine located in C:\Program Files\Alset\Help
Express\Tena\Download\Client.Cab . I had to use the computer in safe mode
to even do anything for in regular boot up it was just to slow to get
anywhere. I was able to delete the two above files , we had no idea what
program it was, i didn't no either,so i just deleted them. Computer still
acting the same. Next went and downloaded a free version of AVG. This time
on scan came up with 6 new virus which avg was successful at putting in
virus vault ,all with the exception of one...Internet Optimizer , there is a
Trojan in that program but AVG could neither Vault it or delete it. I was
unable to delete the program itself even though i did remove it under add
and remove programs the folder still exists and I could not delete or more
likely do not know the proper technique to delete an .exe folder and its
contents. Yes I did make a new restore point before doing all of this for my
friend. On the second scan with AVG , it came up with more problems that it
fixed ( her son evidently has been going to many porn sites and downloading
"dialers" up the Kazoo...(no pun intended) and the computer is just full of
maleware , addware and etc. I don't know if that is making the machine run
so slow (it runs fine in safe mode (network mode)) and as AVG did pick up
another uncleanable , unfixable ..Trojan Horse Dowloader Dyfica.G...I am at
a lost as what to do for her next. I hate to do a clean install of windows ,
naturally she has nothing backed up, no cd writer to back up anything on and
needs this computer of her small shipping business (running on a shoe string
budget) so she can not afford a real technician to fix the thing and the
computer bought at wall mart, well you know how much help she is going to
get there, except to be told to put in the recovery disk??Any and all
suggestion would be highly appreciated at this the season .P.S. I did also
download free Zone Alarm for her so that may also prevent some future
attacks.
Respectfully
Gene Murphy

 

[Jim Macklin]

Without a firewall the computer is subject to many possible
threats, such as Blaster (but that doesn't seem to be your
problem).
Her son may have downloaded many dialers and other stuff,
many porn sites will place byte-verify Trojans and other
programs such as keyloggers. They also will try to place
servers on the computer, check the services to see what is
running. Set Zone Alarm to ask for every program access for
a while, to see what is asking to penetrate the firewall.

He may also have been downloading music P2P which puts a
server on-line which will use a lot of cycles.

A clean install really may be the best and easiest way to
fix the computer. Be sure the system administrator account
has a secure password and create another administrator
account with a different password (this will hide the
default admin account). Then make limited accounts, with
different passwords for day to day use for each authorized
user. Do not tell the son what any of the other passwords
are, just his own. Even better, and for tax purposes (IRS
could deny business deductions if the computer is used for
games) get the kid his own computer and if he's under age,
limited his use of that one too.


Install SpyBot Search and Destroy www.security.kolla.de and
use the "immunize" feature to block about 600 (currently)
evil ware.


| Hi All...gosh darn early to be asking for help but here
goes and thanks in
| advance for any replies!
| Work most of the day trying to help a friend in a small
business who's brand
| new "emachine" started to run at a snails pace about 1
week ago. Windows XP
| without any firewall the one that comes with XP and that
was turned off, no
| system restore for that was disabled(she said she didn't
do that so her 16
| year old son who uses the computer at night might
have)Does have Norton
| Anti-Virus that cames as OEM on the machine, that also not
set up correctly
| so I did run a scan on that came up with two "errors" that
Norton could not
| fix or quarantine located in C:\Program Files\Alset\Help
| Express\Tena\Download\Client.Cab . I had to use the
computer in safe mode
| to even do anything for in regular boot up it was just to
slow to get
| anywhere. I was able to delete the two above files , we
had no idea what
| program it was, i didn't no either,so i just deleted them.
Computer still
| acting the same. Next went and downloaded a free version
of AVG. This time
| on scan came up with 6 new virus which avg was successful
at putting in
| virus vault ,all with the exception of one...Internet
Optimizer , there is a
| Trojan in that program but AVG could neither Vault it or
delete it. I was
| unable to delete the program itself even though i did
remove it under add
| and remove programs the folder still exists and I could
not delete or more
| likely do not know the proper technique to delete an .exe
folder and its
| contents. Yes I did make a new restore point before doing
all of this for my
| friend. On the second scan with AVG , it came up with more
problems that it
| fixed ( her son evidently has been going to many porn
sites and downloading
| "dialers" up the Kazoo...(no pun intended) and the
computer is just full of
| maleware , addware and etc. I don't know if that is making
the machine run
| so slow (it runs fine in safe mode (network mode)) and as
AVG did pick up
| another uncleanable , unfixable ..Trojan Horse Dowloader
Dyfica.G...I am at
| a lost as what to do for her next. I hate to do a clean
install of windows ,
| naturally she has nothing backed up, no cd writer to back
up anything on and
| needs this computer of her small shipping business
(running on a shoe string
| budget) so she can not afford a real technician to fix the
thing and the
| computer bought at wall mart, well you know how much help
she is going to
| get there, except to be told to put in the recovery
disk??Any and all
| suggestion would be highly appreciated at this the season
..P.S. I did also
| download free Zone Alarm for her so that may also prevent
some future
| attacks.
| Respectfully
| Gene Murphy
|
| --
|
|
| ----------------------------------------------------
| This mailbox protected from junk email by Matador
| from MailFrontier, Inc. http://info.mailfrontier.com
|
|

 

[Gene Murphy]

Thanks so much for your help Jim! Everything went fine. She was really
hesitant and to tell you the truth so was I, for the computer was even worse
today than yesterday. It was just full of virus, Trojan, adware,
maleware...I could only get it to run in safe mode. Did a clean install as
you suggested. Got her back on the internet after some trouble with Comcast
, well I guess not Comcast for she had lost the software for the cable
modem, Luckily we are both on the same server so I just used mine and it
worked. Password Protected the computer as you said setting up administrator
with password. Everything went fine I think , just don't know how to keep
that boy of hers from going back to the porn sites and starting this whole
process again. But as she is just a friend i was trying to help , and it is
her child, I told her she needed to practice some "tough Love" with this
boy, or her computer was going to be in the same shape again. Even though I
installed the free version of zone alarm for her, the only thing i suggested
to her was ...he can use the computer during the day while she is at work(it
is a workplace computer) and then when she leaves at night, to password
protect the whole computer using a screensaver password, so he can't come
into the shop at night and do his thing.

Anyway just wanted to let you and others how much appreciated the help and
advice you offer here. Knowledge someone said Is True Power...but the real
Power only comes when you are willing to share your knowledge with others.
Thanks!
Respectfully
Gene Murphy

 

[Jim Macklin]

Glad I was of some help, mostly just encouragement, you seem
to have done the work.

I like SpyBot Search and Destroy because it has the feature,
immunize, included in the free version. It will block a lot
of the bad stuff. AdAware also has a similar feature, but
only on the paid version.

I would be concerned with any "non-employee" using a company
computer. It would raise issues with the IRS and it would
likely get an employee fired for many reasons, from stealing
company assets to security of company data. Because of the
Trojans you removed, possibly all the data that was on the
computer (and any network-LAN) was exposed to the outside
world.


| Thanks so much for your help Jim! Everything went fine.
She was really
| hesitant and to tell you the truth so was I, for the
computer was even worse
| today than yesterday. It was just full of virus, Trojan,
adware,
| maleware...I could only get it to run in safe mode. Did a
clean install as
| you suggested. Got her back on the internet after some
trouble with Comcast
| , well I guess not Comcast for she had lost the software
for the cable
| modem, Luckily we are both on the same server so I just
used mine and it
| worked. Password Protected the computer as you said
setting up administrator
| with password. Everything went fine I think , just don't
know how to keep
| that boy of hers from going back to the porn sites and
starting this whole
| process again. But as she is just a friend i was trying to
help , and it is
| her child, I told her she needed to practice some "tough
Love" with this
| boy, or her computer was going to be in the same shape
again. Even though I
| installed the free version of zone alarm for her, the only
thing i suggested
| to her was ...he can use the computer during the day while
she is at work(it
| is a workplace computer) and then when she leaves at
night, to password
| protect the whole computer using a screensaver password,
so he can't come
| into the shop at night and do his thing.
|
| Anyway just wanted to let you and others how much
appreciated the help and
| advice you offer here. Knowledge someone said Is True
Power...but the real
| Power only comes when you are willing to share your
knowledge with others.
| Thanks!
| Respectfully
| Gene Murphy
|
| --
|
|
| ----------------------------------------------------
| This mailbox protected from junk email by Matador
| from MailFrontier, Inc. http://info.mailfrontier.com
|
in message
| | > Without a firewall the computer is subject to many
possible
| > threats, such as Blaster (but that doesn't seem to be
your
| > problem).
| > Her son may have downloaded many dialers and other
stuff,
| > many porn sites will place byte-verify Trojans and other
| > programs such as keyloggers. They also will try to
place
| > servers on the computer, check the services to see what
is
| > running. Set Zone Alarm to ask for every program access
for
| > a while, to see what is asking to penetrate the
firewall.
| >
| > He may also have been downloading music P2P which puts a
| > server on-line which will use a lot of cycles.
| >
| > A clean install really may be the best and easiest way
to
| > fix the computer. Be sure the system administrator
account
| > has a secure password and create another administrator
| > account with a different password (this will hide the
| > default admin account). Then make limited accounts,
with
| > different passwords for day to day use for each
authorized
| > user. Do not tell the son what any of the other
passwords
| > are, just his own. Even better, and for tax purposes
(IRS
| > could deny business deductions if the computer is used
for
| > games) get the kid his own computer and if he's under
age,
| > limited his use of that one too.
| >
| >
| > Install SpyBot Search and Destroy www.security.kolla.de
and
| > use the "immunize" feature to block about 600
(currently)
| > evil ware.
| >
| >
| > | > | Hi All...gosh darn early to be asking for help but
here
| > goes and thanks in
| > | advance for any replies!
| > | Work most of the day trying to help a friend in a
small
| > business who's brand
| > | new "emachine" started to run at a snails pace about 1
| > week ago. Windows XP
| > | without any firewall the one that comes with XP and
that
| > was turned off, no
| > | system restore for that was disabled(she said she
didn't
| > do that so her 16
| > | year old son who uses the computer at night might
| > have)Does have Norton
| > | Anti-Virus that cames as OEM on the machine, that also
not
| > set up correctly
| > | so I did run a scan on that came up with two "errors"
that
| > Norton could not
| > | fix or quarantine located in C:\Program
Files\Alset\Help
| > | Express\Tena\Download\Client.Cab . I had to use the
| > computer in safe mode
| > | to even do anything for in regular boot up it was just
to
| > slow to get
| > | anywhere. I was able to delete the two above files ,
we
| > had no idea what
| > | program it was, i didn't no either,so i just deleted
them.
| > Computer still
| > | acting the same. Next went and downloaded a free
version
| > of AVG. This time
| > | on scan came up with 6 new virus which avg was
successful
| > at putting in
| > | virus vault ,all with the exception of one...Internet
| > Optimizer , there is a
| > | Trojan in that program but AVG could neither Vault it
or
| > delete it. I was
| > | unable to delete the program itself even though i did
| > remove it under add
| > | and remove programs the folder still exists and I
could
| > not delete or more
| > | likely do not know the proper technique to delete an
..exe
| > folder and its
| > | contents. Yes I did make a new restore point before
doing
| > all of this for my
| > | friend. On the second scan with AVG , it came up with
more
| > problems that it
| > | fixed ( her son evidently has been going to many porn
| > sites and downloading
| > | "dialers" up the Kazoo...(no pun intended) and the
| > computer is just full of
| > | maleware , addware and etc. I don't know if that is
making
| > the machine run
| > | so slow (it runs fine in safe mode (network mode)) and
as
| > AVG did pick up
| > | another uncleanable , unfixable ..Trojan Horse
Dowloader
| > Dyfica.G...I am at
| > | a lost as what to do for her next. I hate to do a
clean
| > install of windows ,
| > | naturally she has nothing backed up, no cd writer to
back
| > up anything on and
| > | needs this computer of her small shipping business
| > (running on a shoe string
| > | budget) so she can not afford a real technician to fix
the
| > thing and the
| > | computer bought at wall mart, well you know how much
help
| > she is going to
| > | get there, except to be told to put in the recovery
| > disk??Any and all
| > | suggestion would be highly appreciated at this the
season
| > .P.S. I did also
| > | download free Zone Alarm for her so that may also
prevent
| > some future
| > | attacks.
| > | Respectfully
| > | Gene Murphy
| > |
| > | --
| > |
| > |
| > | ----------------------------------------------------
| > | This mailbox protected from junk email by Matador
| > | from MailFrontier, Inc. http://info.mailfrontier.com
| > |
| > |
| >
| >
|
|