April 8th, 2011, 09:35 PM | #1 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
computer help..
So, I know nothing about computers..That said, I need some advice. I was just on my laptop checking my Facebook and my XP Home Security pops up saying I have 27 infections. I click "Remove" and I wants me to spend money. Worried I might have someone draining my back accunt, I just simply disable my wireless on it. I open up my Norton AntiVirus to do a full system scan. So far it has not detected anything. Mean while this XP Home Security screen keeps comming up, even when I exit out of it.
I don't remember even using this XP once on my laptop. I have owned it for like 5 years now. lol Should I just trust my Norton and go about my stuff? I hate my wife's laptop. It's super slow.
__________________________________________________
|
|
April 8th, 2011, 09:38 PM | #2 |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
Have you tried Malwarebytes?
http://download.cnet.com/Malwarebyte...-10804572.html |
|
April 8th, 2011, 09:42 PM | #3 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
I don't know what that is, but I will download it!
__________________________________________________
|
|
April 8th, 2011, 09:52 PM | #4 |
ninjette.org member
Name: Adam
Location: Medford, Oregon
Join Date: Aug 2009 Motorcycle(s): EX250-E2 Posts: 12
|
sounds like a standard variant of a "FakeAV" infection
Basically you get a virus that pretends that it's an anti-virus, getting you to click on it (even just closing the window can do bad things) and even getting you to pay for the product to remove whatever infections it found. Of course it doesn' fix anything and they have your $. VERY FRUSTRATING!
If you can, get any important files off your computer and onto a USB drive. If you have System Restore turned on you may try restoring to a point before you were first notified of all the "infections." Then download and run "Malwarebytes Antimalware" and "SuperAntiSpyware" for starters. Hopefully this will take care of your problem. Good luck! |
|
April 8th, 2011, 09:55 PM | #5 |
YEAH! Custom name tag.
Name: Jon
Location: CT
Join Date: Jul 2010 Motorcycle(s): 2010 Ninja 250R SE- SOLD to maverick9611 Posts: 525
|
__________________________________________________
Don't touch it. Don't even look at it. Go on, get out, you heard me. Don't look at me either. Yeah, you better walk on. I'll hit an old man in public. |
|
April 8th, 2011, 10:05 PM | #6 | |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
Quote:
__________________________________________________
|
|
|
April 8th, 2011, 10:22 PM | #7 |
ninjette.org member
Name: Jeremy
Location: Hawaii
Join Date: Feb 2010 Motorcycle(s): None yet Posts: 108
|
That bogus security software popup is itself malware. It's fairly common to see bogus security warnings pop up and tell you that you need to do this, that, and the other thing. However, by doing this, that, and the other thing, you're actually installing a virus.
Don't give it your C.C. details. The fact that Norton isn't picking it up makes me wonder a few things, but not likely questions you would be able to answer. Although I am curious which version of Nortons you have installed and whether or not you have an active subscription. As far as XP is concerned, scrap it. Your personal preference is irrelevant since XP is no longer supported and being specifically targeted due to its unsupported status. If your laptop can handle Win 7, get it. If not, don't enter any credentials into that system, ever. You can use it for basic web browsing that doesn't require you to log into the website, but beyond that, you're running a major risk. I would suggest turning it into a Linux box, but that's a little outside of the "novice" category. Linux is fairly simple and straight forward, but does take a little getting used to. Before this turns into a "Which AV software is best" debate, you made a good choice in AV software. Unless someone arguing can provide solid credentials as to their personal level of expertise, everything they are saying is an opinion, not fact. Symmantic is a major player in the IT security industry, not some random company pushing a product they know nothing about. Norton Internet Security has been ranked in the top 5, if not number 1, by many reputable PC websites for several years. The "Norton is a resource hog" argument died several years ago. 5 minutes of Google research can easily verify these things. Don't take my word for it, check it. Personally, I use Norton 360 on all three of my systems as well as Norton Mobile Security on my droid. As far as Malwarebytes, it's a good secondary tool, but don't rely on it as your primary scanner. |
|
April 8th, 2011, 11:42 PM | #8 |
Climb to Glory!
Name: Charlie
Location: Las Vegas
Join Date: Mar 2011 Motorcycle(s): 2011 Kawasaki Ninja 250R White (sold) Posts: 234
|
Before anything else, that virus is called Anti-Spyware 2010. I've had clients get that virus, some of them actually put their card information in. A few days later they see a charge coming from the UK being wire transferred next to a bank account in south Africa.
Anyway, what you need to do first is download ComboFix, preferably from another computer saved into a thumbdrive or burned into a CD (too much hassle though). Also download Microsoft Security Essentials and as what otehr people said earlier MalwareBytes. They're free and are ranked pretty well on Maximum PC's best anti-spyware programs of 2011. Next, boot your PC into Safe Mode. Restart your system and as it comes up repeatedly press the F8 key. It will give you a list of choices, pick Safe Mode with Networking. Safe mode only loads processes essential for Windows to boot up, some people call it Simple mode. Next insert that thumbdrive or CD and run ComboFix. Just say yes to all prompts and it will then start scanning. Let the scan finish, depending on your storage space and actual used storage, it may take an hour or more for scanning. After scanning with ComboFix is done, install MSE and then do an update then do a Full Scan. DO the same thing with Malware-Bytes. I run through these filters just to make sure that nothing is left behind. One scanner just ain't good enough. For me, it's best to physically take the drive out and connect it to a separate computer via some adapters or using an external hard drive enclosure. You can then plug that drive into another computer's USB port and you can use it as an external drive. You can do your scans from that computer just don't ever open any file even if it's something you recognize. Opening an infected file with activate the virus. Re-contamination occurs.
__________________________________________________
I wanted to become Kamen Rider as a kid. |
|
April 9th, 2011, 12:11 AM | #9 |
ninjette.org certified postwhore
Name: Colin
Location: Bay Area
Join Date: Feb 2011 Motorcycle(s): '96 EX250 Posts: A lot.
|
eh yeah you've got some spyware. Once you get it all squared away, ditch nortons and get microsoft security essentials. It's free, lightweight and it works best.
|
|
April 9th, 2011, 01:33 AM | #10 |
noob motovlogger
Name: Gareth
Location: Austin, TX
Join Date: Dec 2009 Motorcycle(s): Black 2009 250r Posts: 328
|
Malwarebytes is a good program. I have twice had very similar problems that you are having and both times a nice little program called SmitFraudFix by S!RI fixed it for me.
http://siri.geekstogo.com/SmitfraudFix.php It's a very basic program that runs in command prompt but it works wonders.
__________________________________________________
My Motovlog "Damn, either shimming the needles fixes 90% of any problems with the 250Rs, or kkim owns stock in a washer manufacturer." -DmbShn41 |
|
April 9th, 2011, 07:34 AM | #11 | |
ninjette.org guru
Name: Jesse
Location: Ann arbor mi
Join Date: Mar 2011 Motorcycle(s): 2007 ninja 250r Posts: 374
|
Quote:
You shouldn't recommended users to run combofix. |
|
|
April 9th, 2011, 08:00 AM | #12 |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
If you have had a bogus pop up for a while, chances are that same bogus info is stored in your System Restore as well. Using Malwarebytes will remove it. However, after you you use it, set a new restore point and as good practice, back up your most important files.
Like someone mentioned, Norton is a good program, but like most AV programs it may miss a thing or two every now and then. Malwarebytes will help supplement it. On some older under memoried XP machines, Norton can still be a resource hog. If you have not maximized you memory capacity it still may run a little slow. If you are a novice, I do not recommend you using Combofix or Smithfraud. |
|
April 9th, 2011, 08:11 AM | #13 |
ninjette.org certified postwhore
Name: Cody
Location: NoVa
Join Date: Jan 2011 Motorcycle(s): 06 yzf r6r previously: 09 ninja 250r, black 07 zx6r Posts: A lot.
|
I had my bosses computer at work have a very similar virus (ie. one posing as an anti virus). The fastest, easiest and best way to get rid of the virus is to enable safe mode command prompt, find the bugger and delete it back to hell where it came from. Unfortunately you have to be computer savvy to know how to do it. I'd help you if I were there but honestly if you have any computer savvy friends that you could ask to come over they should be able to fix it in a jiffy.
__________________________________________________
|
|
April 9th, 2011, 09:14 AM | #15 |
ninjette.org guru
Name: Jesse
Location: Ann arbor mi
Join Date: Mar 2011 Motorcycle(s): 2007 ninja 250r Posts: 374
|
Best forum for virus issues
http://www.bleepingcomputer.com/forums/ Btw Ive been a manager of a computer repair store since I was 18 |
|
April 11th, 2011, 01:00 PM | #16 |
ModMy250.com
Name: Tri
Location: St, Louis
Join Date: Sep 2010 Motorcycle(s): 2009 Ninja 250R, 2005 R6 Posts: A lot.
|
Stop looking at porn sites
__________________________________________________
The www.ModMy250.com guy |
|
April 11th, 2011, 01:07 PM | #17 |
CPT Falcon
Name: J.Emmett Turner
Location: Newnan, GA
Join Date: Apr 2009 Motorcycle(s): '08 CP Blue EX250J, '97 unpainted EX250F, 2nd '97 unpainted EX250F (no engine), '07 black EX250F Posts: A lot.
|
This stuff was a big problem in the late 90s as well, though they didn't always exploit your computer. They usually just convinced you to download something malicious. I remember when my friend's dad would get a new porn dialer installed on their PC every week. They'd turn off your modem's speaker and dial a 1-900 number to get you on the Internet and access the... umm... err... "info" you wanted while leaving the user unaware of the switch. From then on, any time you went online you were being billed at an exorbitantly high 1-900 rate. Sneaky sneaky.
Heck, some of the porn dialers weren't technically "malicious" because they spelled out what they were going to do in the terms that no one reads and didn't hijack your default connection to the Internet. They preyed on user ignorance. |
|
April 11th, 2011, 01:24 PM | #18 | |
ninjette.org guru
Name: Jesse
Location: Ann arbor mi
Join Date: Mar 2011 Motorcycle(s): 2007 ninja 250r Posts: 374
|
Quote:
|
|
|
April 11th, 2011, 01:39 PM | #19 |
IC2(SW)
Name: Kerry
Location: Pensacola
Join Date: Nov 2008 Motorcycle(s): . Posts: A lot.
|
Dont know if you fixed that virus "XP 2011 Anti Virus" yet. I got it off greggscustoms.com the other day. Adobe poped up, and then that crap loaded.
None of the removal programs would load. Renaming/loading from another computer didnt work. Really no programs would work, would ask "what do you want to open with?" Same with system restore.... any program..^ I got 1 removal tool to load in "safe mode with networking" from pc tools. spydoctor, it scanned and wanted money. I paid it didnt work. Got a refund a week later. MacAfee wanted 90 dollars to remove! it was there dam **** that that didnt catch it Anyway, was lucky to get into system restore via safe mode with networking. Restored to earliest point. fixed everything......I dont know if that crap is still hiding in there... what a mess.. took 10 hours of screwing around.! |
|
April 11th, 2011, 01:47 PM | #20 | |
ninjette.org guru
Name: Jesse
Location: Ann arbor mi
Join Date: Mar 2011 Motorcycle(s): 2007 ninja 250r Posts: 374
|
Quote:
|
|
|
April 11th, 2011, 08:12 PM | #21 | |
ninjette.org guru
Name: Jonathan
Location: Ottawa, Ontario
Join Date: Mar 2011 Motorcycle(s): 2009 Ninja 250 Posts: 398
|
Quote:
There are also a ton of free anti-virus software out there. Many large companies will have free consumer versions. I've been recommending Microsoft Security Essentials to friends and family. It's free from Microsoft and very quite good.
__________________________________________________
From here...to everywhere! |
|
|
April 11th, 2011, 08:32 PM | #22 |
Climb to Glory!
Name: Charlie
Location: Las Vegas
Join Date: Mar 2011 Motorcycle(s): 2011 Kawasaki Ninja 250R White (sold) Posts: 234
|
__________________________________________________
I wanted to become Kamen Rider as a kid. |
|
April 12th, 2011, 07:59 AM | #23 |
ninjette.org guru
Name: Jesse
Location: Ann arbor mi
Join Date: Mar 2011 Motorcycle(s): 2007 ninja 250r Posts: 374
|
|
|
April 12th, 2011, 08:58 AM | #24 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
What am I supposed to do all day now?!?
I've tried everything, system restore, ran a scan, and I tried to delete it. This XP thing is nowhere to be found beside on my front screen. I went into the add/remove programs and it wasn't there. I have a few friends that are smart with computers, I am going to call them up to see what they can do.
__________________________________________________
|
|
April 12th, 2011, 09:18 AM | #25 | |
ModMy250.com
Name: Tri
Location: St, Louis
Join Date: Sep 2010 Motorcycle(s): 2009 Ninja 250R, 2005 R6 Posts: A lot.
|
Quote:
__________________________________________________
The www.ModMy250.com guy |
|
|
April 12th, 2011, 09:22 AM | #26 | |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
Quote:
|
|
|
April 12th, 2011, 11:06 PM | #27 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
Okay, i'm getting somewhere, and learning new stuff! I am now in "safe" mode. When I open my Task Manager, I see my problems. So far I confermed 5 viruses. The name of them are, "svchost.exe" There are more i'm sure, still looking them up on google. How do I delet them? I ran my Nortan scan, but on scaned 1 file. lol. Even in safe mode, the XP is jumping up.
__________________________________________________
|
|
April 12th, 2011, 11:11 PM | #28 |
ninjette.org certified postwhore
Name: Cuong
Location: San Diego
Join Date: Jul 2010 Motorcycle(s): 2008 Ninja 250r, 2007 Daytona 675 Posts: A lot.
|
Safe mode and malwarebytes generally works for me. You might have to download malwarebytes onto a flash drive on another computer if the virus doesn't let you download anything.
|
|
April 12th, 2011, 11:11 PM | #29 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
csrss.exe, is anther one. Thats the bad one I think. Yahoo said its a virus that alows locals to steal passwords, ect.
__________________________________________________
|
|
April 12th, 2011, 11:13 PM | #30 |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
Yeah, it has gotten way worse. When i'm not messing with it, I turn it completly off and take out the battery. When I started it up normal, I coulnt open anything. My screen was just blue.
__________________________________________________
|
|
April 12th, 2011, 11:28 PM | #31 |
ninjette.org certified postwhore
Name: Brian
Location: Detroit, MI
Join Date: Jun 2010 Motorcycle(s): 2009 Ninja 250R Green Posts: A lot.
|
Everybody has different ways of fixing this. My personal advice is to transfer ALL your important stuff (documents, music, photos, bookmarks, all of it) to a USB stick or External harddrive or even burn it on a CD. Once you have everything backed up, I highly recommend a reformat/reinstall of the ENTIRE OS. It is the ONLY surefire way that ALL viruses/trojans are removed/deleted.
Creators of viruses are very clever and there will never be a piece of software that can remove it completely without causing you to spend hours upon hours scanning and booting and removing stuff. Reformatting and reinstalling will take at most 3 hours and you'll have a fresh computer for which you know is clean. If you need more details on how to go about it, PM me and I'll try to help. IMHO, no faster or cleaner way of being sure you're safe. |
|
April 13th, 2011, 05:58 AM | #32 | |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
Quote:
Not unless your computer is completely over run by infections and you are totally unable to execute any commands or programs, an XP in place repair or fresh install should be your last resort. Just make sure you have an original install disc. Because you said you know nothing about computers, I would recommend you let a pro look at it for you. I have had to remove the HDD from computers many times, place them in a clean unit, and scan them (to remove infections which other wise rendered the original computer useless ) with no data loss. As I mentioned before back up your data if possible. if you choose to reformat. Understand doing either an XP repair or reinstall. All Services Pack and MS updates will have to be updated again. With an XP reinstall you will have to reinstall all programs that you had previously. There are a couple of programs you can use to temporally disable unwanted programs from operating so you can use your AV, SW, MW programs. It is recommended you download them to and run from a USB and use them in safe mode. TDSS killer http://support.kaspersky.com/viruses...?qid=208280684 RKill http://www.bleepingcomputer.com/down...ti-virus/rkill Last futzed with by DaBlue1; April 13th, 2011 at 08:50 AM. |
|
|
April 13th, 2011, 01:13 PM | #33 | |
ninjette.org member
Name: Jeremy
Location: Hawaii
Join Date: Feb 2010 Motorcycle(s): None yet Posts: 108
|
Quote:
It's common to have multiple svchost.exe running at the same time, I think I've counted 11 before. If you've run multiple scans without any results, it's possible you have a rootkit, which isn't easy to detect or get rid of. It usually involves some very powerful tools or actually going in and adjusting the registry manually, both of which can kill the OS permanently if you make a mistake. Hijackthis is one such tool which I personally recommend, although since you're not an expert I strongly suggest you just create a report and have an expert go over it. Hijackthis does not differentiate between safe and unsafe files. You tell it to remove something and it's gone, whether it's system critical or not. http://download.cnet.com/Trend-Micro...-10227353.html Use it at your own risk. Messing with the registry is the fastest way to destroy your system. |
|
|
April 13th, 2011, 01:44 PM | #34 |
Ninja Dog
Name: Brady
Location: Sunset, UT
Join Date: Dec 2010 Motorcycle(s): 2011 Kawasaki Ninja ZX-14 Posts: 186
|
Sounds like the Antivirus Virus. It is a PITA to remove manually. Took me roughly 5 hours when I got it on my PC 2-3 years ago. As someone else has already stated, backup all your important personal files and reinstall Windows. It's the fastest and easiest way to get rid of it unless you have the know how and patience to get rid of it yourself!
Good luck!
__________________________________________________
ALL YOUR NINJA ARE BELONG TO US! |
|
April 14th, 2011, 07:38 AM | #35 | |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
Quote:
__________________________________________________
|
|
|
April 14th, 2011, 08:02 AM | #36 |
ninjette.org certified postwhore
Name: Cuong
Location: San Diego
Join Date: Jul 2010 Motorcycle(s): 2008 Ninja 250r, 2007 Daytona 675 Posts: A lot.
|
Scotty, before resorting to that, have you tried malwarebytes in safe mode yet? XP Home Security virus is an easy Trojan to remove. Re-installing windows will take quite awhile especially having to backup everything.
http://www.virusremovalguru.com/?p=6813 |
|
April 14th, 2011, 08:08 AM | #37 | |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
Quote:
TDSS Killer http://support.kaspersky.com/viruses...?qid=208280684 RKill http://www.bleepingcomputer.com/down...ti-virus/rkill Give them a try, it's easier than you think. |
|
|
April 14th, 2011, 08:12 AM | #38 | |
ninjette.org certified postwhore
Name: Scott
Location: Carlise Ohio
Join Date: Apr 2010 Motorcycle(s): Yahama v star 650 classic Posts: A lot.
|
Quote:
This whole thing is weird. I never had any problems with my laptop untill I move to where i'm living now. When I'm on my laptop, Norton will have a small box pop up about once an hour saying, "a recent attake was attepted and blocked" When I used my laptop anywhere ealse, that never happend. Not sure if that has anything to do with this or not.
__________________________________________________
|
|
|
April 14th, 2011, 08:24 AM | #39 |
ninjette.org certified postwhore
Name: Cuong
Location: San Diego
Join Date: Jul 2010 Motorcycle(s): 2008 Ninja 250r, 2007 Daytona 675 Posts: A lot.
|
Yea, easiest way to remove those popup viruses is to run an antivirus program in safe mode which prevents the virus from loading in the first place. Download malwarebytes onto a USB drive on your computer, load your wife's laptop in safe mode and run the program from the USB drive. This should honestly do the trick for you.
|
|
April 14th, 2011, 08:27 AM | #40 | |
Long Time Rider
Name: Blue
Location: Charlotte, NC
Join Date: Sep 2010 Motorcycle(s): 2009 Kawasaki Ninja 250R Posts: A lot.
|
Quote:
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Any Computer Geeks out There? | Scattcatt | Off-Topic | 17 | January 11th, 2013 06:57 PM |
Computer Weirdness | Jiggles | Off-Topic | 36 | August 15th, 2012 04:40 PM |
Computer issues | Jiggles | Off-Topic | 4 | March 8th, 2012 02:33 PM |
Question for you computer geeks… I mean… computer experts | THE BIG SITT | Off-Topic | 10 | January 28th, 2012 12:18 AM |
How to fix a computer | Alex | Off-Topic | 2 | April 20th, 2011 05:57 PM |
|
|