Stupid Virus troubles (redux) (Read 1511 times)

  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
At five this morning I came home trashed and got on the internet. Somehow, I seriously do not know how or remember wtf I did but somehow now I have a trojan and some other shit floating around on my computer; I was probably thinking "I'm too bad ass to be afraid of a little virus; in fact, lets expose myself and build up an immunity!" God damnit.

Anyway, I have no idea what to do. I am not attached at all to anything on the computer; it's pretty much a new installation of windows and all my stuff is backed up. What is the easiest way and what is the cheapest way of solving this problem. I don't mind junking the hardrive but I don't know what the deal with re-installing windows is; do I have to unregister my infected computer in order to re-register with the same CD-Key? Getting a new copy of windows is very cheap for me; 30$ but it takes time and I would prefer to be able to use what I already have. I also have a version of Windows XP x64 that I could replace my current x32 but they came packaged together although they have different CD-Keys. Are they really seperate or will windows not let me install a version of x64 and x32 on different computers because they were packaged together?

Also, is there a 'SURE-FIRE FREE' way to get rid of all of the viruses on my computer without having to wipe my hardrive?
Last Edit: October 31, 2007, 06:35:43 am by Fahrenheit Jr, Mr
  • BAA2U
  • PipPipPipPipPipPipPip
  • Group: Premium Member
  • Joined: Aug 7, 2007
  • Posts: 1403
formatting pretty much IS the sure-fire free way to do it. if you're not attached to anything on the computer, and backed up all your files, whats the problem?

you should be able to re register with the same CD key, so that shouldn't be an issue.
  • Avatar of JohnnyCasil
  • Comrade!
  • PipPipPipPip
  • Group: Premium Member
  • Joined: Jan 5, 2005
  • Posts: 453
How long have you had that copy of Windows installed, and what type of install is it?  Many OEM Windows discs allow you to install it multiple times without any trouble because they have so many 'keys' allowed.  Also, Microsoft's activation service only keeps your information in its databases for about 6 months IIRC, after that you can reinstall without worry.
  • Avatar of goldenratio
  • now das fresh
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Joined: Jun 27, 2002
  • Posts: 4550
Also, Microsoft's activation service only keeps your information in its databases for about 6 months IIRC, after that you can reinstall without worry.
Wait is this true? Do you have a reference for this? (im just curious)
Last Edit: October 29, 2007, 01:26:15 am by GoldenRatio
yes coulombs are "germaine", did you learn that word at talk like a dick school?
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
How long have you had that copy of Windows installed, and what type of install is it?  Many OEM Windows discs allow you to install it multiple times without any trouble because they have so many 'keys' allowed.  Also, Microsoft's activation service only keeps your information in its databases for about 6 months IIRC, after that you can reinstall without worry.

It's Windows XP Pro with Service Pack 2. I just received it, 2 maybe 3 weeks ago. My natural assumption would be that it would work but I only ask because I tried to use the disk I used to install XP from old computer on my current comp and it didn't work.

Quote
formatting pretty much IS the sure-fire free way to do it

This may seem like a stupid question, but I'm an idiot when it comes to hardware... when you reformat isn't the old data still there but the computer just flags it as free space so it can be overridden? So couldn't a virus be resistant to reformatting?
  • Avatar of JohnnyCasil
  • Comrade!
  • PipPipPipPip
  • Group: Premium Member
  • Joined: Jan 5, 2005
  • Posts: 453
Wait is this true? Do you have a reference for this? (im just curious)

I can't find the source I had for that, but I remember the person that said it was a credible source (I believe he was a Microsoft MVP).  I believe it to be true.

This may seem like a stupid question, but I'm an idiot when it comes to hardware... when you reformat isn't the old data still there but the computer just flags it as free space so it can be overridden? So couldn't a virus be resistant to reformatting?

If you do a quick format, the old data will technically be there, but the HD controller will return it as free space, so the virus couldn't rise from the dead.  If you are really concerned you could do a full format, which is do a more complete formatting of the data.
  • Avatar of losc
  • Also known as Pinecone
  • Pip
  • Group: Member
  • Joined: Aug 9, 2005
  • Posts: 177
Quote
I also have a version of Windows XP x64 that I could replace my current x32 but they came packaged together although they have different CD-Keys.

Unless you have a 64 bit processor the 64 bit edition of xp won't work.
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
how do I know if I have a 64 bit processor? All I know about my processor is it's a PIV; 2.2GHZ.
  • Avatar of losc
  • Also known as Pinecone
  • Pip
  • Group: Member
  • Joined: Aug 9, 2005
  • Posts: 177
Dont worry about doing that, the 32 bit edition should work anyway.
  • BAA2U
  • PipPipPipPipPipPipPip
  • Group: Premium Member
  • Joined: Aug 7, 2007
  • Posts: 1403
your processor isnt 64 bit, and the 64 bit version of xp isnt worth it anyways. especially not with vista out now.
  • "BOOSH"
  • PipPip
  • Group: Member
  • Joined: Aug 14, 2007
  • Posts: 284
Before doing anything 'drastic,' install and run these programs:



http://www.zshare.net/download/45362332424c38/
http://www.snapfiles.com/reviews/Ad-Aware/adaware.html
http://spybot.com/en/mirrors/index.html

Run AVG first, then the other 2.
If that doesn't work... You have one fucked up virus.
I'd suggest AVG over Norton or anything else.

Good Luck
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
First, thanks for all the help so far, guys.

I've decided to wipe my drive and reinstall - I don't think it's necessary to take any risks (in case an anti-virus doesn't get the whole thing or skips some of the viruses (there are, like, 7 of them)) especially since I don't care about the contents of my hard drive. Hopefully my CD-Key will work again - I suppose I'm about to find out...

EDIT - Well apparently it worked. I'm now posting from a virus-free computer...
Last Edit: October 30, 2007, 03:56:24 am by Fahrenheit Jr, Mr
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
Will shit, it's either still there or I got it again. Just a couple of minutes ago 'avast' told me that I have infected files. Is this likely that this is the same virus? My external hard drive was connected when I realized I had a virus. The first thing I did was copy an important folder to the external (containing only .java, .class, jpgs, pngs and .html - no .exes or anything, if that matters) then disconnected it from the computer until after I had reformatted. Is it possible that it jumped to my external hard drive or that the reformat didn't really wipe it out? When I first downloaded avast I ran a sweep of all of my hard drives including my external and it came up clean so I find it hard to believe that the same program which is now telling me my computer has viruses would have told me it didn't earlier unless this virus is actually new.

Any ideas or suggestions? I would just reformat; it's really no problem. But I don't want this happening again and again and again. Maybe I need to secure myself from internet shit some more?
  • "BOOSH"
  • PipPip
  • Group: Member
  • Joined: Aug 14, 2007
  • Posts: 284
Try those 3 files I posted. AVG is the best anti-virus program around.(In my opinion.) That should easily find and remove the virus.
Spybot will kill any spyware or any programs connecting to malicious sites, giving you more infections
And Ad-Aware will remove any leftover infections...

Good luck
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
Thanks, Killface. So far I've run AVG and it seems to be doing something... I'll try installing all three and then see where I'm at in a few days.
  • "BOOSH"
  • PipPip
  • Group: Member
  • Joined: Aug 14, 2007
  • Posts: 284
So, how's it going? Did they work, or did you still have do the unthinkable?
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
AVG says there's nothing for the past few times I've run it. I'm running Ad-Aware for the third time right now and so far it's found 4. I've run Spybot many times and it usually finds new things. There's one infected registry file that I can't delete; spybot find it and says it can't access it because it's running. It suggested I restart and have it run at start-up. I tried that a couple of times and it has the same problem - can't delete it. As I said, I'm still finding infected files every other time I run checks and this is after I reformatted.

Possibilities:
1) Didn't get wiped off the hard-drive. You guys tell me this is impossible and you're probably right.
2) It got onto my external hard drive before I reformatted and jumped back onto this computer after I reformatted. This is possible but when I ran a scan of the harddrive with AVG is says there's nothing wrong with it (but that may be wrong considering there are things the spybot and ad-aware have picked up that AVG hasn't).
3) The two virus problems are totally unrelated and I just happened to get reinfected when I connected back up to the internet.

Right now the noticable damage the virus(es) is doing is negligable; every now and then a blank Internet Explorer window pops up while I'm on the internet - this may be the virus trying to download crap, I'm not sure. But it's not too bad...

I want to get rid of this. I would just reformat if I thought it would help, but now I'm not sure. Am I just not protecting myself enough from the start, or what? I have no firewalls save the one that comes with Microsoft... I'm not downloading/running anything I'm not sure I can trust or ativating any ActiveX conrols.
  • "BOOSH"
  • PipPip
  • Group: Member
  • Joined: Aug 14, 2007
  • Posts: 284
It's Adware, I believe. Not as bad as a virus, but it can be extremely annoying. I had a Laptop that got infected with it, and everytime I had an Internet connection, countless blank pages would pop-up. They wouldn't stop until I ended the process...

Annoying, not damaging...Sometimes it can be. I think the problem is that registry entry. It detects your connection to the internet and downloads bullshit. Try running it without a connection, and find out what that registry entry is called. That way, you can end the process and erase it from there.
  • The Shatmaster
  • Pip
  • Group: Premium Member
  • Joined: May 23, 2005
  • Posts: 168
I don't know... I don't want to have to keep ending processes; I'de rather just reformat again but I'm hesitant to do that until I know what made the last reformat fail so I don't make the same mistake.
  • BAA2U
  • PipPipPipPipPipPipPip
  • Group: Premium Member
  • Joined: Aug 7, 2007
  • Posts: 1403
next time you format, update windows before connecting to the internet, also have a good firewall downloaded like zonealarm. and make sure that plus your antivirus are all set up before connecting to the internet