Shit shit shit.

[hazliya]

Posting from elenuial's computer. Mine is useless.

Some stupid virus/spyware got into my computer last night somehow. It started by changing my background and taking out the option to change said background, then made it so that whenever I booted up, five seconds in to moving around on my desktop, the desktop freezes. Anything else that is running gets frozen, and an installation tool pops up for something I've never heard of.

*sigh*

What are my options here, people? I really don't want to have to wipe it. There's a lot on that hard drive that I haven't backed up yet.

Anyone got any ideas?

-H

Comments

[londo.livejournal.com]

There are ways of dealing with this. They can take several hours of walking over to the computer, hitting a few buttons, and walking away for 90 minutes, but they usually restore your computer pretty effectively, and the worst-case scenario is that all your documents/data/etc can be recovered, but you'll have to reinstall all your programs and re-twiddle settings.

I have the know-how but am probably not your guy logistically speaking.

[laurion]

What he said.

[dncingmalkavian.livejournal.com]

Try AVG Free Edition, and especially SpyBot S&D (Search and Destroy). I was having the same problem recently, and as long as you keep SpyBot updated, you shouldn't have any problems after installing it and running a check. It also lets you immunize your files, and recovery after changes to your system.

I was considering wiping mine, too, until someone shoved that program at me. It's also free.

[laurion]

Also Lavasoft's Ad-aware.

[dncingmalkavian.livejournal.com]

Yes, Ad-aware is also fabulous.

[mariaklob.livejournal.com]

I would try booting in Safe mode (hitting F8 somewhere in the boot process, I forget exactly where). That cuts out a lot of startup programs and services, which may give you the wiggle room you need to install Spybot - S&D or whatever other tool is available.

[dncingmalkavian.livejournal.com]

Seconded. It might be F2 or F12, it'll tell you what key to hit on one of your loading screens in DOS for the Boot Menu.

[draike.livejournal.com]

Thirding this one. And while you're in safe mode- back up as much of your hard drive as you can, just in case you end up needed to wipe the drive anyway.

[purple-dj.livejournal.com]

There are ways of safely copying your stuff off before you wipe it. You need a spare drive big enough to hold whatever you want to save, and the patience to go through the whole drive and cherry-pick just the files you want to back up. If you just copy everything, you'll probably end up copying the virus as well. External USB drives are easiest to backup to, but regular internal hard drives can do the job faster if you're willing to open the computer to temporarily install one.

Anyways, short version, you need a clean rescue boot disk. Hook up the backup drive to the computer, boot up from the rescue disk, and then you should be able to copy files between the two drives in a virus-free way. I recommend SystemRescue CD (http://www.sysresccd.org/) if you're comfortable with Linux.

The long version is a bit more annoying since you need to know which drive is which, how to access them from a non-standard bootup, and how to search for and copy files between them in a non-sucky way.

Any veteran Linux user should be able to help walk you through it if you decide to try this with SystemRescue CD.

Of course, you may be able to find non-Linux rescue disks as well, but I don't know any personally. I happen to like the Linux one. :)

[ecmyers.livejournal.com]

It isn't trying to install "Antivirus XP 2008" by any chance, is it? This thing is all over the place. If so, there are lots of directions to remove it online, including here: http://www.bleepingcomputer.com/malware-removal/remove-antivirus-xp-2008

You probably need to start in Safe Mode, stop the application from running, then start deleting it and strip it from your registry. You also should run some spyware removing software: Malwarebytes' Anti-Malware is recommended.

Good luck! These things suck.

[relique.livejournal.com]

I had to deal with that one REMOTELY, it got on my parent's computer. Damn that was annoying.

[hazliya.livejournal.com]

THAT'S THE FUCKER.

Man, I'm so glad someone else has dealt with this crap too. I finally managed to get it so that I could run in safe mode, and started running a full system scan with norton. I'll see what else I have to do from the article.

You're a lifesaver! =D

[ecmyers.livejournal.com]

Good luck! It happened to my work computer, and I did a lot of research to try to take it off myself. While I was fixing it, the IT guy came over and saved the day. It's a really pernicious program, and hides itself on really innocuous sites, even if you're using Firefox to prevent 99% of this crap from infecting your system.