locked
Serious malware problems

    السؤال

  • My son is home from college for the summer and he is having trouble with serious malware issues on his laptop.  He gets official looking security warnings claiming Trojan Downloader.XS has been found and telling him to click here (which he was smart enough to not do).  But things kept getting worse and worse - many many pop-ups with these security warnings.  It got to the point that it took over the background with a blue warning screen, and the screen saver was converted to a bunch of black bugs crawling around - complete with droppings.
    We were able to run Spybot Search & Destroy (which was already on the machine)

    and it found 80 - 90 items and said it deleted them.  But if we immediately reran Spybot it still found 80 - 90 again.   No matter how many times we ran it.  And, the IE still would not run some sites.
    We then tried to go to other malware sites -- like Malwarebytes, Hijackthis, etc. and they appear to be "blocked".  After I type in the URL and hit return, the hourglass comes up and then goes away.  The status line on the bottom of the screen also changes from "Opening page & the URL", to "Connecting to 127.0.0.1", which goes nowhere.  Even if we trick it and get the program to the desktop, when we click on it, the hour glass comes up for a minute and then goes away - and nothing happens.  Things deteriorated to the point Internet Explorer would not even load up.  I thought that I added my Microsoft OneCare to his machine, but as I look at it closer it would seem I started another 90 day trial.  In any event, it ran, found & deleted lots of stuff.  Things were noticely better, but still not good.  We had to run the PC in safe mode to get IE up and get on the internet. Sometimes it will load up in regular mode, but there are still serious problems: - many websites still appear to be blocked.  Anyone that is remotely related to malware fixes. - the malware programs that we do get to the desktop still won't run.
    Do you have any suggestions as to how to fix this?
    Thanks
    Terry Keating

     

    16/جمادى الأولى/1429 10:11 م

الإجابات

  • If you have a subscription to OneCare, you need to activate the copy on your son's laptop using the *same* LiveID that is on your PC for the subscription - Help/About in OneCare.

     

    If the PC is very badly infected, it may be worth biting the bullet, as it were, and restoring it to factory condition with the manufacturer's restore process - either a key combination at startup to invoke the restore, or a set of CDs or DVDs to boot from. Of course, all data will be lost, so copy the data off to an external disk and do a full virus scan of the data files.

     

    If you don't want to do that and want help with cleaning up the malware, as a OneCare subscriber, you can contact OneCare support. (This is also available to trial users via email.)

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

     

    If you'd rather work through community support, you may want to try the forums here: 

    http://aumha.net/

     

    -steve

    17/جمادى الأولى/1429 12:37 م
    المشرف

جميع الردود

  • You can get phone support for malware removal - 1-866-727-2338 . You could also use One Care support but with limited connectivity phone support is a better option.

     

    17/جمادى الأولى/1429 12:35 م
    المشرف
  • If you have a subscription to OneCare, you need to activate the copy on your son's laptop using the *same* LiveID that is on your PC for the subscription - Help/About in OneCare.

     

    If the PC is very badly infected, it may be worth biting the bullet, as it were, and restoring it to factory condition with the manufacturer's restore process - either a key combination at startup to invoke the restore, or a set of CDs or DVDs to boot from. Of course, all data will be lost, so copy the data off to an external disk and do a full virus scan of the data files.

     

    If you don't want to do that and want help with cleaning up the malware, as a OneCare subscriber, you can contact OneCare support. (This is also available to trial users via email.)

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

     

    If you'd rather work through community support, you may want to try the forums here: 

    http://aumha.net/

     

    -steve

    17/جمادى الأولى/1429 12:37 م
    المشرف
  • Steve:

     

    Thanks for the info!  I did open a case with an online chat last night.  They worked through a couple of attempts to get the online scan to run - but to no avail yet.  I am getting less and less optimistic that we can fix this laptop without reloading.  But we still have a couple things to try!

     

    I am not too much of a computer jock, but I have to tell you that navigating around these Microsoft sites is confusing.  I never seem to know where I am nor where I've been.  The link above to the automated online help area is particularly frustrating as the topics listed never seem to match "my" problem.  And the additional link to get specific help are burried and not very intuitive.  Just my $.02 - full well admitting that I am not very computer literate!

     

    Thanks again for the help ad advice!

     

    Terry

     

    17/جمادى الأولى/1429 03:21 م
  • You're welcome, Terry, and best of luck to you. I fully agree with your assessment that navigating the Microsoft help site is sometimes a less than satisfactory experience!

    -steve

     

    17/جمادى الأولى/1429 03:25 م
    المشرف
  • I had to take my computer down and have it wiped as the bugs ate through everything and it couldn't even load up. I am vulnerable now as I had them save some files for me and my computer isn't the same anymore. I don't know what this is and it seems to be coming back. Deborah

     

    26/جمادى الثانية/1429 08:00 م
  •  Deborah Dimmick wrote:
    I had to take my computer down and have it wiped as the bugs ate through everything and it couldn't even load up. I am vulnerable now as I had them save some files for me and my computer isn't the same anymore. I don't know what this is and it seems to be coming back. Deborah

     

    Deborah,

    If you are using Windows Live OneCare and you have been infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    If  you are not using Windows Live OneCare, you are off topic for this forum. This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here: 

    http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.

     

    -steve

    27/جمادى الثانية/1429 01:27 م
    المشرف