Hardware Canucks


Kilauea August 21, 2008 07:23 AM

Virus problem...Help
 
Hello,

Yesterday I went to check the problem my father was complaining about on his computer. First I checked for spyware with Ad-Aware because there was a thing stating there was a spyware. Then, I ran HijackThis and removed some Braviax.exe related things. Then I found and cleaned 81 viruses (trojan related) with AVG. He doesn't keep it updated, so the database is probably a week old (last time I updated it). The problem is that the issue was not solved.

I continued to check it out, but the computer is acting in a more and more troublesome way. It freezes a lot, well on screen everything is fine, but the mouse and keyboard freeze. I tried to scan from USB, but it was hell cuz it was always freezing and when I went back to my computer, I had to clean my USB key cuz Avast was detecting a virus.

Anyway, many scans and attempts of scans later, the computer doesn't show as if it was infected by spyware, but there are still viruses and it still freezes a lot.

I am wondering if I could pop my HDD, which is IDE, in his computer (he has IDE cables) and set it as a master while I'd use his SATA HDD as a slave and then I could run my up to date Avast antivirus on his HDD.

Other than that I don't know what I can do. I am having lots of problems with my internet too, my router seems to be dead and that is the computer that was connecting through the router. And I hesitate to connect it to the Internet even tho I wished I could just run Kaspersky free trial or Trend Micro's online scan.

Right now, I am doing a third (or fourth) attempt at running AVG with an outdated database. Actually to be very precise: I have 270.6.5/1620 when the latest would be 270.6.6/1625.
I actually downloaded those and tried to put them on his computer to update without Internet and I could not do it. Didn't even manage to get to the point where I could transfer from USB key to his computer.

CMetaphor August 21, 2008 07:32 AM

#1 - Your hard drive idea won't work unless your system is almost exactly the same as his, otherwise you'll have to reinstall windows.
#2 - Don't bother trying to clean a virus infection from regular windows. Go into safe mode and start from there (after you install/update any programs you plan on using).

I'd also recommend Spybot to try removing the remaining viruses, it's updated often.

Squeetard August 21, 2008 07:38 AM

Can you get on the internet with his computer?

If so, go here:

F-Secure Support pages: F-Secure Online Virus Scanner

Run the online scan tool. Best virus and spyware remover ever. Gets stuff AVG and others miss.

Kilauea August 21, 2008 07:49 AM

I forgot to mention, I have gone in safe mode, but even there the computer would freeze regularly, but I admit I haven't tried running AVG for an entire computer scan there. All I did was try to update the Antivirus in order to then run it, but since updating failed, I stopped there.

As for Internet, I probably do have a connection, but I am unsure if the computer would just freeze or not, because that's usually what it does.

I'll attempt what you guys said after my scan is complete.

CMetaphor August 21, 2008 08:24 AM

In my experience, freezing in safe mode = hardware problem. It's possible his hard drive or RAM is having issues. Safe mode should run smoothly without freezing even if there are viruses on the system.

Kilauea August 21, 2008 08:33 AM

Well for now the scan is going fairly well, it's been 1 hour 23 minutes, it has not frozen yet and 53 infections have been found.

As for the hardware problem, I would think you could be right. In the past 2 weeks, I was aware of the electricity being shut 3 times for maintenance and even tho this computer is on a surge protector, I guess you could be right. I mean, besides his issues, there is also the fact that in the past 5 days, my surge protector failed and my router seems to be failing too.

BrainEater August 21, 2008 08:34 AM

hmmm.

My first advice would be to stop trying now, save what data you can, and blow away windows (format/reinstall). I say this because it could take much much longer to clean what you have.

I'll give you a quick primer on trojans/virii since I've removed a few, and you'll see what I mean.

Now they don't all work this way, but a lot of the time the original 'Infection' is merely a 'downloader-installer'. It's this program your antivirus will find and clean, but if it's had a chance to do its job, it's too late. You'll now have 5-10 smaller, unnamed programs running, the AV will not always get, and these are the ones that do the dirtywork. This group of smaller programs is also capable of a) preventing successful AV use, but b) detecting when bits of itself have been deleted/cleaned, and promptly re-downloading them.

There's one last thing about the smaller downloaded bits that makes them difficult. A lot of these trojans are designed to make the host into a 'bot'. This means the smaller downloaded programs are dynamic (because the people running the 'botnet' can change them quickly), and that means your AV won't find them.

If you want to actually clean this, you're going to have to do a lot of detective work. Many hours. Start by identifying what processes are running that don't belong, then start hunting thru the registry for applicable entries to that process... This will lead you to others, etc.....

From the size of the infection you describe however, this might be a losing battle, as you probably have more than 1 species of bugs running around in there....

GL !
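The process-and-registry hunt described in the post above, as an added example that is not part of the original thread: a read-only PowerShell triage that lists what the classic Run/RunOnce keys launch and what is currently running, then flags binaries that are missing, not validly signed, or sitting in user-writable folders. The helper name `Get-ExePath`, the choice of keys and the folder pattern are assumptions made for this illustration; it needs PowerShell 3.0 or later.

```powershell
# Added example: read-only triage, changes nothing on the system.
# Only the classic Run/RunOnce autorun keys are checked (assumption).
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a command line such as
#   "C:\Program Files\App\app.exe" /background   or   C:\x\y.exe -s
function Get-ExePath([string]$CommandLine) {
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return $null
}

# 1. Every value under the Run keys, with the binary it launches.
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        [pscustomobject]@{ Source = $key; Name = $name; Path = Get-ExePath $cmd }
    }
}

# 2. Every running process that exposes an image path.
$procs = Get-CimInstance Win32_Process | Where-Object ExecutablePath | ForEach-Object {
    [pscustomobject]@{ Source = "PID $($_.ProcessId)"; Name = $_.Name; Path = $_.ExecutablePath }
}

# 3. Flag binaries that are missing, not validly signed, or in user-writable folders.
$userWritable = '\\(Temp|AppData|ProgramData|Users\\Public)\\'
@($autoruns) + @($procs) | Where-Object Path | ForEach-Object {
    $exists = Test-Path -LiteralPath $_.Path
    $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $_.Path).Status } else { 'FileMissing' }
    $_ | Add-Member -NotePropertyName Signature -NotePropertyValue $sig -PassThru |
         Add-Member -NotePropertyName UserWritable -NotePropertyValue ($_.Path -match $userWritable) -PassThru
} | Where-Object { $_.Signature -ne 'Valid' -or $_.UserWritable } |
    Sort-Object Path -Unique |
    Format-Table Source, Name, Signature, UserWritable, Path -AutoSize
```

A flagged row is a lead to investigate, not a verdict: legitimate software is sometimes unsigned or installed under AppData, and an entry whose file is missing may simply be left over from an uninstalled program.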

BrainEater August 21, 2008 08:40 AM

Unless you plan to run in safe mode forever, trying to hunt down a virus or trojan from there isn't gonna help.

Kilauea August 21, 2008 08:47 AM

Ya, that is something I fear, this is a store bought computer and I have never installed windows, but we'll see... The other problem is that the HDD on this computer is bigger than anything I own. Not that it's hard to be bigger than my 40GB HDD. However, I guess I would have to do as u said, but I will see what happens here. I don't want to touch too many things on the computer while the AV is running for fear of it freezing again.

BTW, the virus as named by AVG is Trojan horse Agent_r.G

khelben1979 August 21, 2008 08:54 AM

Try the Sophos Threat Detection Test. It's free! Hope it can remove some nasty things over there.

