Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 629
  • Last Modified:

HP Vista infected and practically nothing works except https:/g

Practically all functionality is shut down: firefox, chrome , Word, Adobe Acrobat reader, etc.

I can do https://, mostly just gmail.

Somehow "Security Suite" got in the PC. It scans as an eval copy but you have to purchase, and its expensive ($50 for 3 months ). Plus the site to purchase this comes up ok in IE.

I think the virus got on there via online games or something like that.

I can probably re
store to store-bought condition, them reload software. Plus make sure I have adequate protection this time. But if there's something quick I can do, I'll give it a shot.
0
Alaska Cowboy
Asked:
Alaska Cowboy
  • 11
  • 5
  • 2
  • +5
10 Solutions
 
sagiamarCommented:
try to run malwarebytes and combofix

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html


http://www.combofix.org/


also when downloading the files change the file name... some viruses block the files by name..
0
 
Da_PirateCommented:
Nothing you can do ( id you have a Ubunto CD you can log on from it and collect all your important files )
then you will have to reinstall windows or use the Recovery DVD's
0
 
Alaska CowboyAuthor Commented:
Thanks, I inadvertently posted this twice from mobile device. I will review and try to get this solved.
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
rknetworkCommented:
This free utility should definetely help you:
http://www.freedrweb.com/download+cureit/?lng=en
you may download it to a flash drive, then start VISTA in a Safe Mode and launch it.
0
 
nobusCommented:
i think  you're best and safest going the way you thought : restore it to factory settings.
0
 
Sudeep SharmaTechnical DesignerCommented:
Try HitManPro:


32 bit:
http://dl.surfright.nl/HitmanPro35.exe

64bit:
http://dl.surfright.nl/HitmanPro35_x64.exe

If that fails then try Combofix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the logs for further analysis

Sudeep
0
 
Marc ZCommented:
I'm with nobus on this one as you indicated previously you didn't know how to start WindOws inSafe Mode, However I would confirm you Have Good Backups of your important data Before you start restoring to Factory condition.
Some things you might not want to lose,  Favorites or Bookmarks, Emails and the settings,  My Documents, My Pictures (don't lose the pics!!!!)
0
 
nltechCommented:
That is a ROGUE APP -- DO NOT BUY IT.

If it's the "Security Suite" rogue app that's been spreading lately, you will likely need a combination of ComboFix, MBRcheck, TDSSkiller and Malwarebytes (and then some) to get rid of it.

A full, destructive factory restore would be a lot simpler.
0
 
Alaska CowboyAuthor Commented:
All, thank you for the tips, I apologize for not posting updates.
Right after the computer in question got infected, I brought home a similar computer from the repair shop, it had lost its hard drive and they re-installed original Windows Vista, which I'm on now, and things are happy there (which is what I'm on now0
On the infected computer, it was a nuisance type virus, it walked through all applications bit by bit and shut them down, even notepad. For a while Opera browser was working but then it couldn't get to the internet.
So I plan on just restoring, but a couple of questions:
- what about the files, should I assume they are (or are not) infected ?
- what about files on an external hard drive that I had connected and was mostly turned on ?
- is there any way to determine what exactly is the virus ?
0
 
nobusCommented:
the best is to connect this disk to a protected pc, and scan it with these :
    Spybot :        http://www.download.com/3000-8022-10122137.html
http://www.malwarebytes.org/mbam.php                         MBAM
http://download.bleepingcomputer.com/sUBs/ComboFix.exe            Combofix
http://www.spychecker.com/program/hijackthis.html                                       download
http://www.hijackthis.de/index.php?langselect=english              check the log
0
 
Alaska CowboyAuthor Commented:
nobus, thanks, I'll give it a try.
0
 
Marc ZCommented:
Are you comfortable taking the hard drive out of the computer?  If yes, then you could remove it, connect it to the clean machine AFTER installing all the software you want to run on it to see if you can scan and clean it.

You should also be scanning that external drive.
I would also recommend grabbing an antivirus as I haven't seen one recommended or listed as installed.
These three, AVG and Avast and Avira have free versions, MS has their free Security Essentials.  You need to have something on that clean Vista machine.  I would hope your repair shop sold, gave, installed something on that machine.

http://free.avg.com/us-en/download-avg-anti-virus-free
http://www.avast.com/free-antivirus-download
http://www.free-av.com/en/download/index.html
https://www.microsoft.com/security_essentials/
0
 
Alaska CowboyAuthor Commented:
mtz1of4, thanks a lot
great idea on removing, yes I can do that, I already have an external drive that is just a case on a HD.
I just went with Norton (internet security, v 16.0.0.125), it was on my other machine that was just cleaned with restore disks (it's not bad either, $60 a year for 3 machines and now I'm on a 60-day trial).
so I connect the external drive to my clean machine with Norton, via USB. The machine recognizes it as a device and such, and then Norton says, "oh look, I better do my thing on this new device, let's roll !"
and with this method, would it clean the bad drive from the machine in question such that I wouldn't have to wipe it clean with the restore disks ?
0
 
Marc ZCommented:
Possibly.
What I do is NOT RUN just ONE AV program on an infected hard drive.  These viruses can be tricky and there isn't just One Antivirus program that can catch them all, that is why we have been listing multiple programs.    Disable Autorun on your USB drives before connecting the infected hard drive.  Go to http://support.microsoft.com/kb/967715 , scroll down to FixIt for Disable Autorun.

You will definitely want to install MalwareBytes as sagimar first offered. I would also recommend SuperAntiSpyware.  


Here's a page for cleaning windows machines.  http://securitytango.com/windows.php

It can be tedious, but you'll learn a lot.  I would recommend downloading, installing any updates, before attaching the hard drive to the clean computer, then disconnect from the Internet, just as a precaution, however, if Autorun has been disabled, the external should not be able to activate any software automatically.

If you know you have a good backup, reinstalling might be faster.
0
 
Alaska CowboyAuthor Commented:
Ok, thanks again. I have to mull this over.
Is there any way I can determine what virus I was hit with and try to read up on it ? That might help me decide which way to go.
0
 
Marc ZCommented:
not really,  the different AV companies call them different things sometimes, so even if Norton told you it was a beagle virus, AVG might call it a trojan worm.  

Have you Googled "Security Suite" to see what it tells you about IT being a virus?
The key at this point in time is to not let your clean machine get infected, so no sharing USB thumb drives if you can't physically lock them to Read Only.  Most thumb drives do not have this switch, however some Memory cards for cameras (SD cards anyways) do have them.  
I turn them on in the clean machine, put my AV programs and updates on them, then remove them from clean machine, Lock to Read Only, then I can install those programs on bad machine, IF the virus lets me install.
I typically remove the hard drives and attach them to the clean machine though, but the above is a workaround if you're not comfortable.

Consider it a learning experience.  You have a clean machine, so if you run into issues, you can always Google the exact error message, or come right back here.  Keep good notes though, screenshots, digital camera even.
Exact Error Messages are crucial to finding fixes.
0
 
Alaska CowboyAuthor Commented:
mtz, ok, good, thanks so much. I need to do something to at a minimum recover the pics and make sure the external that was connected to infected machine is ok. I'll have to pick this up later today.
0
 
Alaska CowboyAuthor Commented:
Ok, one more question and then I think I'll close this out, as you've really answered my question. I think it's going to be awhile before I get around to this, as having the PC is not critical for the moment (my son is away at school).
so, what happens if I copy a couple of files from infected computer to flash drive and then put them on clean computer that has Norton running ? Will Norton say, "oh look, here's a new file, let's run it through the virus-checker "?
I know that sounds like a dumb question . . . although I work as a software developer (in a larger organization), I still am kind of puzzled at how anti-virus software works, from a user perspective.
So, when I put the flash drive in a USB port, would Norton immediately check everything on the drive ? If so, then Norton recognizes a "foreign object" and then does its thing ?
0
 
Alaska CowboyAuthor Commented:
closing this out now, sorry for the delay. Most likely I will just re-install Vista, I have the Recovery Disks.
still looking for an answer to above comment, "so, what happens if I copy a couple of files from infected computer to flash drive and then put them on clean computer that has Norton running ? Will Norton say, "oh look, here's a new file, let's run it through the virus-checker "?
I know it might be risky, but my sense is this virus was a nuisance one and didn't infect the data files, only the executables.
Thanks.
0
 
Alaska CowboyAuthor Commented:
not sure why this didn't close out properly, I assigned points. Checking with moderator.
0
 
Marc ZCommented:
yes, Norton should scan those files just fine. you could even have Norton scan them while on the flash drive.
0
 
Alaska CowboyAuthor Commented:
mtz, ok, good, thanks, I'll start with that.
still not sure why this question didn't close out cleanly, I awarded points in the normal manner, as far I as can tell.
0
 
Alaska CowboyAuthor Commented:
Thank you, _alias99
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 11
  • 5
  • 2
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now