LocostBuilders - powered by XMB

Aargh laptop problem spyware

Paul TigerB6 - 5/5/08 at 05:52 PM

Hi all

Just after some help here as a bit of a computer numpty.

My laptop got infected with one of those rogue anti-spyware programmes and its not being picked up by Spybot S&D, Ad-aware etc etc. I have spent ages trying various trusted anti-spyware programmes but now have got to the point where my laptop is unbelievably slow and wont log onto the internet.

It seems that this spyware has turned off both Microsoft Security Centre and Task Manager despite me being the computer administrator.

Any suggestions on how i can get these back up and running at all?? I tried restoring to an earlier date but it wont let me.

RichardK - 5/5/08 at 06:01 PM

Have you tried doing a system restore in safe mode? If not would try that first. F8 key during boot up.

Rich

Paul TigerB6 - 5/5/08 at 06:07 PM

yep tried that and it was having none of it. Failed to restore to any previous restore point having tried 5 or 6 different dates in safe mode.

RichardK - 5/5/08 at 06:11 PM

What about going into msconfig (start button, Run box) and then unticking dubious start up items, on the services tab also tick the box to hide microsoft services then unticking starnge items to see if you can find out the process which is giving you trouble.

Rich

madmandegge - 5/5/08 at 06:17 PM

Tried running Spybot in safe mode? Not a definite cure but might help

[Edited on 5/5/08 by madmandegge]

Paul TigerB6 - 5/5/08 at 06:18 PM

quote:
Originally posted by RichardK
What about going into msconfig (start button, Run box) and then unticking dubious start up items, on the services tab also tick the box to hide microsoft services then unticking starnge items to see if you can find out the process which is giving you trouble.

Rich

I get a message box saying misconfig cannot be found!!!!

Just running Spybot again and its found 27 entries for smitfraud so i'll try and remove them using the fixes shown in the link (assuming i can get an internet connection to try Smitfraudfix)

Paul TigerB6 - 5/5/08 at 06:26 PM

Oh bugger!!!

linky

RichardK - 5/5/08 at 06:47 PM

it was msconfig but try the smitfraud util first if you can get it, I had a problem on a pc and had the to reformat to get any stability back to the system after smit, it's a nasty one, maybe nows a good time to get your data off and do a reinstall?

Rich

Paul TigerB6 - 5/5/08 at 07:15 PM

I really hope i dont have to do a reinstall Richard......but fear you may be right!!!

I'll try and manually try and get the Smitfraud virus off first and also try and get the internet connection back up and running with a reinstall.

mookaloid - 5/5/08 at 07:18 PM

This fixed it for me - it costs money though

Cheers

Mark

MikeRJ - 6/5/08 at 01:30 PM

quote:
Originally posted by Paul TigerB6
It seems that this spyware has turned off both Microsoft Security Centre and Task Manager despite me being the computer administrator.

Because of, not in spite of! The reason that Linux is so much less vulnerable to attacks is that the majority of users do not log in as Administrator unless they need to, whereas most home users run Windows as admin all the time which leaves the system wide open to any rogue applications.

[Edited on 6/5/08 by MikeRJ]

Paul TigerB6 - 6/5/08 at 02:19 PM

That makes sense then. I'm just running yet another anti-spyware programme and then will try running Smitfraudfix if i can copy it off this connection onto a CD and then onto my own laptop.

Failing that then i guess i will be doing a full reinstall of XP tonight. I have a recovery disk with my Toshiba laptop but not 100% sure that it is XP - it seems to be and comes with a warning about formatting the disk so can only hope. Failing that i'll be looking for some help with a copy in the local area i guess!!

Paul TigerB6 - 6/5/08 at 04:08 PM

well it got to the point where it would run in nothing but safe mode, wouldnt run any spyware, refused to allow me to load smitfraudfix off a CD, deleted me as a user just leaving an admin function and not allowing me any access to the loads of car pics i had (fortunately the ones i really wanted are in my photo archive!!).

Decided best thing was to just say sod it and have now used the recovery CD which did have Windows XP on it. So, just about to reload the broadband disk and then download spyware etc.

Any recommendations as to what software to download to hopefully prevent this happening again from the computer experts on here???

Cheers

britishtrident - 7/5/08 at 04:19 PM

You could have repaired Xp by running a virus checker from a rescue CD -- a few freeware ones around that have their own Linux boot system

http://www.inside-security.de/insert_en.html

or

http://trinityhome.org/Home/index.php?wpid=1&front_id=12

Down load the iso file and burn to a CD.

Top protect your rebuilt Xp install http://www.free-av.com/

Also download Hijackthis and run it immediately after install, use it to get rid of any stuff the restore disc put on that you don't want.
Then run Hijack this before and after installing anynew software to monitor any changes made to the windows registry.

http://www.merijn.org/index.php

[Edited on 7/5/08 by britishtrident]

Paul TigerB6 - 7/5/08 at 04:26 PM

I've already done a full reinstall using the recovery CD that came with my computer and its now working just fine (although i lost all my pics but never mind).

Are the above links recovery products or of use to me?? I've had a look at both and they go WAYYYYY over my head!!