malware

Posted: Sun Mar 13, 2011 2:14 am
by koan
argh!

My kid ended up with "xp anti-spyware" malware on her computer and I had to do a complete reinstall which ended up unwell.

Sound isn't working, can't use Windows Update or any other useful tool. I managed to get Service Pack 2 on it but it ultimately hasn't done me any good. I'm thinking that computer will become my first experiment in Ubuntu.

Thankfully I had a backup computer and another new one is on the way but... who comes up with these horrid viruses? I don't believe it's just for fun. I always follow the money and figure it has to be the people who sell the fixes for them. I couldn't find a free fix for this one and it prevented AVG from running.

Posted: Sun Mar 13, 2011 3:59 am
by spot
As for who constructs and sells at least some of these spyware backdoor trojans and zero-day exploit lists, US firms on government contracts do. HBGary did, incontrovertibly. "Black ops: how HBGary wrote backdoors for the government" goes into detail and it's the best read of the year. Greg Hoglund, he's your man - the Ollie North of Washington spyware.

I clawed a Win7 laptop back a couple of weeks ago from the same state that XP machine got into, for the same reason, and I'm not going to install AVG again for quite a while, it's that which prevented the machine from booting. I've taken to Avast for the time being. If you do end up with an experimental Ubuntu machine between the two of you it'll be interesting to hear how you both get on.

Posted: Sun Mar 13, 2011 10:00 am
by Ahso!
My guess is within a few days you'll be asking yourself why it took so long to make the switch. Since it's your daughter's computer, you may want to permit her to do the actual installation to get a hands-on feel from the get-go; that might pique her interest too. Just go with the defaults during the install. Now you'll find out what it feels like to finally own your system yourself.

The two of you will do fine. There's plenty of assistance all around the internet.

Posted: Sun Mar 13, 2011 10:07 am
by CARLA
Next time this happens, and it will with kids and the sites they visit, don't panic: log off and back on as administrator, or in safe mode with network. Go to a hard-wired Ethernet cable; wireless is useless when this happens, as you can't use wireless or download in safe mode. Download "MALWAREBYTES", do the updates it needs, then run a FULL SCAN. It will pick up the malware in question and allow you to run again when you can log on as yourself. No need to reformat your hard drive; it is just a trojan fake on one desktop.

Now that you have reformatted you are without your correct drivers. Get a thumb drive, Google your machine type on your other machine and download the drivers needed. FIRST get your Ethernet driver and your wireless software and drivers, and move forward from there. If your machine came with a RESOURCE CD, use it for drivers. Also, generic drivers will work as well.

Until you get your ETHERNET driver installed you can't use the internet, obviously, or your wireless if it is connected through your ETHERNET with a modem.

I do at least 4 or more machines a month to get this lovely trojan off PCs. It always happens when the kids are using the PC and when they visit GAME SITES or sites that kids are drawn to.

MALWARE is ugly; they sit waiting for people to log on to sites and BAM, they hijack your toolbar, desktop, control panel and every other function. The hijack is for the desktop it happened on, not any others. From the others you can begin to remove it from your PC.

Posted: Sun Mar 13, 2011 10:48 am
by Ahso!
How much do you get for that these days, Carla?

Posted: Sun Mar 13, 2011 11:23 am
by CARLA
I'm cheap as it is usually family, friends or co-workers, but it can happen to anyone. $75.00 an hour, and if caught quickly that is all it takes me. They are more than happy to pay me much more just to get rid of it. :) The key is to do nothing when it happens: shut down and log on as administrator or in safe mode with network, go to a wired internet connection and work from the desktop that hasn't been hit.

Posted: Sun Mar 13, 2011 1:08 pm
by spot
It's a peculiarly ugly problem, Carla. The combination of the particular infection and AVG results in a PC which won't boot in either normal or safe mode. Either you have the recovery disks to run a rescue from, or a live non-Microsoft utility CD to edit out AVG from the startup, or you're simply forced back to a factory reset.

Posted: Sun Mar 13, 2011 1:52 pm
by CARLA
This is true, Spot. I admit I have had to reformat one machine so far, as I couldn't sneak in anywhere. The key is to shut down the minute it shows up on the screen to stop the damage. It is a step-by-step process that takes time. Once you can get it into safe mode or administrator, even then it can limp along until you can get Malwarebytes to run. Being a DOS dinosaur comes in handy if you can get to a command line. I always keep a thumb drive on me with the tools I need to hopefully get rid of the nasty devil. :)

Posted: Sun Mar 13, 2011 2:10 pm
by spot
Would we both like to mention "take regular backups" at this stage in the thread?

Posted: Sun Mar 13, 2011 2:13 pm
by CARLA
My motto: "backup, then backup the backup daily or at least weekly". Backup can save a lot of misery. I even put drivers on backup as well.

Posted: Sun Mar 13, 2011 5:38 pm
by koan
This was definitely beyond repair for my level of experience, as the machine was bought by her dad from a gamer with an illegal copy of Windows, no recovery disks and completely built out of random pieces, none of which had installation disks provided with purchase. It had an administrator account set to govern the whole system with a password also not handed over at time of purchase. The only thing that gave me hope was that I actually found the wireless device installation disk, so we managed to get online to locate a Service Pack 2 download.

I'd rather install Ubuntu on it than try to maintain an illegal copy of Windows.

Posted: Sun Mar 13, 2011 6:32 pm
by CARLA
Looks like your choices were ZERO. Once online it should update drivers in Windows Update, or at least you can look at the devices in My Computer and see what they are, like the sound card, and download the software.

Posted: Sun Mar 13, 2011 6:40 pm
by koan
That computer will probably become the household backup system, which is a really good thing. And I'm rather keen to find out what Ubuntu is like. I didn't have any luck using Device Manager to update drivers but that could be because there are no drivers for the problematic devices installed at all. I didn't take the time to thoroughly search for all the hardware as it was ticking towards midnight really fast and I wanted her to have a working system for today. Hence unplugging it and putting my old laptop in its place. At least her monitor etc. plugged into the laptop efficiently.

Posted: Sun Mar 13, 2011 6:44 pm
by CARLA
I hear you. Sometimes it's just easier to remove the problem; luckily you had an extra laptop. :) It will make a good backup PC.

Posted: Sun Mar 13, 2011 7:47 pm
by koan
spot;1355454 wrote: As for who constructs and sells at least some of these spyware backdoor trojans and zero-day exploit lists, US firms on government contracts do. HBGary did, incontrovertibly. "Black ops: how HBGary wrote backdoors for the government" goes into detail and it's the best read of the year. Greg Hoglund, he's your man - the Ollie North of Washington spyware.

I clawed a Win7 laptop back a couple of weeks ago from the same state that XP machine got into, for the same reason, and I'm not going to install AVG again for quite a while, it's that which prevented the machine from booting. I've taken to Avast for the time being. If you do end up with an experimental Ubuntu machine between the two of you it'll be interesting to hear how you both get on.


I'm reading that link right now, btw. I am quite concerned with where these problems are coming from and how they might be part of a marketing ploy.

Posted: Mon Mar 14, 2011 8:10 am
by CARLA
That's exactly what they are. They figure you will panic, click on their link and buy their product, as they have effectively locked your desktop and for most there is nothing else to do.

part of a marketing ploy.

Posted: Wed Mar 23, 2011 5:50 pm
by spot
Here you are - a bit more on "who writes these things", from Forbes magazine. Rootkit viruses are central to what's being discussed by Congressman (or should I write Representative? I can never guess right) Hank Johnson.

"When those contractors using that kind of technology, developed pursuant to government contract and utilising American tax payer dollars, then turn the tools into domestic surveillance and marketing to business organizations, with the goal of discrediting and disrupting and actually destroying organizations that disagree with their clients, doing that domestically is like turning spying tools on the very people who paid for them. You should not use tools developed to get at foreign terrorist agents on American citizens who are choosing to exercise their first amendment rights."

Congressman Probing HBGary Scandal Fears ‘Domestic Surveillance’ - Parmy Olson - Disruptors - Forbes