Where to begin waves of pain (any suggestions)

The Way Out

Wilds Pathfinder

Join Date: Aug 2007

In my peanut brain

Zomg Zombies [OMG]

Mo/E

Quote:
Originally Posted by Painbringer
I will try this again I save the important stuff to a CD before the initial recovery

What if when I am done I still have the problem with the internet
Run the Winsock tool?
I was assuming you tried the Winsock fix already!

IslandHermet

Wilds Pathfinder

Join Date: Aug 2007

Quote:
Originally Posted by Painbringer
popped in restore windows disk shut off and turned it on there was two options. Maybe I should do it again?

I have done other ones and remember a reformat process that takes a bit of time don't remember one this last time

Is the disk a (repair/restore) or a (full copy of Windows XP Home or Pro)?

If the disk is repair/restore only, DO NOT REFORMAT, because this is not a full install disk.
Most premade computers like the e-machines come with a green or blue Windows disk that looks nothing like a full install disk; you should be able to tell the difference.
If it is, you cannot do a full reinstall. If this is the case, I am sorry, but you will have to buy a full install disk of Windows XP Home or Pro. When you buy this, make sure you get a FULL INSTALL and not the upgrade version (which costs around 100 bucks for the upgrade version). The full install, last time I checked, was 299$; it could have gone up or down (since Microsoft is trying to force us to use Vista, the price is iffy).


On a slow computer the reformat and formatting the partition will take hours, plus the hour or 2 it will take to install Windows.

On a faster computer you can get it to take an hour or less.
Just pop in a movie and check in on it every 30 mins or so.

Chthon

Grotto Attendant

Join Date: Apr 2007

Quote:
Originally Posted by Painbringer
When I saw D marked as recover I am questioning myself as well. (Would it not say D: Drive just like C: Drive?) But I have never done one in XP. May have clicked hasty; I was in a bad mood at the time.
Easy way to tell. If ANY of your old files is still there -- anything at all -- then you merely reinstalled, and did not reformat. If everything is gone, then you reformatted.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

I ran a win sock tool

I can now access the internet but it takes forever still to load (I have to refresh and refresh and refresh) to pull up a page. I tried to download Spybot "Search and Destroy" to get a second opinion for my system. Well, it went from a 4 minute download to a 5 hour 40 min one. K byte rate is so slow that it is slower than my old dial-up. 5 - 7 maybe 9 bytes at a time when I am really lucky. Most downloads time out on me. My system on the other hand runs great when it is off the internet. I have a recovery disk not a restore disk so IDK if reinstalling will change anything.

Sent a response to my Norton who knows

Have scanned my system and find no virus as of yet

Not sure what to do anymore..........maybe mow lawns for money to buy a new system

Tarun

Technician's Corner Moderator

Join Date: Jan 2006

The TARDIS

http://www.lunarsoft.net/ http://forums.lunarsoft.net/

If you're on a router, reboot that and your modem too.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

Quote:
Originally Posted by Tarun
If you're on a router, reboot that and your modem too.
Cable from wall spliced with a standard cable one to three for some TVs, straight to a cable modem, then to a single computer; no network of any kind.

Reboot

1. As in turn off the power wait 5 minutes and turn back on (Actually unplug it)

or

2. Call the cable provider and wipe out the settings and start over with new from scratch reboot? (Under advanced there is a return to factory settings.) This can be viewed when you visit the modem's "Internet page" from Motorola.

Beren985

Academy Page

Join Date: Dec 2006

Spain

Caminantes de los Planos

Me/

If you have completely reformatted your system and the problem still persists, the answer is clear: your malware is in the BIOS. Just check what BIOS your computer is running, and download the newest version from the official site. Then install that new version and reformat your system; hope this clears your problem. It happened once to me and it is a pain, but finally I solved it this way.

Tarun

Technician's Corner Moderator

Join Date: Jan 2006

The TARDIS

http://www.lunarsoft.net/ http://forums.lunarsoft.net/

Quote:
Originally Posted by Painbringer
Cable from wall spliced with a standard cable one to three for some TVs, straight to a cable modem, then to a single computer; no network of any kind.

Reboot

1. As in turn off the power wait 5 minutes and turn back on (Actually unplug it)

or

2. Call the cable provider and wipe out the settings and start over with new from scratch reboot? (Under advanced there is a return to factory settings.) This can be viewed when you visit the modem's "Internet page" from Motorola.
Generally you unplug each for about 30 seconds. No need to call your ISP.

Chthon

Grotto Attendant

Join Date: Apr 2007

Quote:
Originally Posted by Beren985
If you have completely reformatted your system and the problem still persists, the answer is clear: your malware is in the BIOS.
I very much doubt that.

Snograt

rattus rattus

Join Date: Jan 2006

London, UK GMT±0 ±1hr DST

[GURU]GW [wiki]GW2

R/

BIOS malware? I remember those rumours back in Win95 days.

Exist in the BIOS - no.

Affect BIOS settings - unlikely.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

Norton Forum is asking for me to try this scan and send Malware link, which when I get home I will do ASAP.

My BIOS, last time I touched it was when I installed my X1550 Graphics Card a long time ago. Anyway, I can't remember if it shows a last modified date on it anywhere in BIOS. (I will check next time I power on.) When I reinstalled after recovery it did not reactivate the onboard graphics, so the order in which to boot up is still the same... not that that even matters but thought I would mention it.

fusa

Krytan Explorer

Join Date: Mar 2007

Quote:
Originally Posted by Painbringer
Cable from wall spliced with a standard cable one to three for some TVs, straight to a cable modem, then to a single computer; no network of any kind.
Have you tried using one cable directly from the wall to modem? I know there's some cable on the market that can't carry a video signal, so might not be able to carry a signal for internet.

Also try switching DNS servers; 208.67.222.222 and 208.67.220.220 or 4.2.2.1 and 4.2.2.2 are decent.

lakatz

Wilds Pathfinder

Join Date: Jun 2006

Quote:
Originally Posted by Chthon
I very much doubt that.
But he's probably still got malware anyway. "Slow internet connection" is a typical symptom for malware. Of course, it can be other things as well. Has anyone advised him to check how many processes he has running yet? That's a sure sign of malware.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

OK you are correct at least I think

I had a friend at work download Ad aware 2008 / spybot search and destroy/ CC Clean sweep

Needless to say Ad aware caught 40 items that nothing else did mostly cookies but one thing that did look different (fixed it and reset restore)

Spybot caught a windows security issue (fixed)

CC clean sweep (registry cleaner) I could be wrong on the name of it
Cleaned the system (Cleaned it)

Not even 90% sure it is gone, but I am back and running on the internet and was pleased to be able to download the 17K files for Guild Wars to load again (still have my Toons unaffected in any way).

The Winsock tool I ran, I think, set up my Fireport (or the virus did) as a connection; once I disabled it my internet got a lot faster. (Still getting a little waves of bad to good pings while playing.)

Got a free trial From Norton on "antibot" have it running to see if the nasty bug shows its face again.

Thanks for the help and suggestions

lakatz

Wilds Pathfinder

Join Date: Jun 2006

Quote:
Originally Posted by Painbringer
OK you are correct at least I think

I had a friend at work download Ad aware 2008 / spybot search and destroy/ CC Clean sweep

Needless to say Ad aware caught 40 items that nothing else did mostly cookies but one thing that did look different (fixed it and reset restore)

Spybot caught a windows security issue (fixed)

CC clean sweep (registry cleaner) I could be wrong on the name of it
Cleaned the system (Cleaned it)

Not even 90% sure it is gone, but I am back and running on the internet and was pleased to be able to download the 17K files for Guild Wars to load again (still have my Toons unaffected in any way).

The Winsock tool I ran, I think, set up my Fireport (or the virus did) as a connection; once I disabled it my internet got a lot faster. (Still getting a little waves of bad to good pings while playing.)

Got a free trial From Norton on "antibot" have it running to see if the nasty bug shows its face again.

Thanks for the help and suggestions
Great news! Thanks for the update.

The Way Out

Wilds Pathfinder

Join Date: Aug 2007

In my peanut brain

Zomg Zombies [OMG]

Mo/E

Quote:
Originally Posted by Snograt
BIOS malware? I remember those rumours back in Win95 days.

Exist in the BIOS - no.

Affect BIOS settings - unlikely.
Hate to break the news to you, however, there are viruses that can target your BIOS.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

Does anyone know how to set the Task Manager back to default?

Somehow mine is only showing network connection, just the graph. No other options other than close when it's on.

Let me know the bread crumb trail to get to the option to change back to default.

The Way Out

Wilds Pathfinder

Join Date: Aug 2007

In my peanut brain

Zomg Zombies [OMG]

Mo/E

Quote:
Originally Posted by Painbringer
Does anyone know how to set the Task Manager back to default?

Somehow mine is only showing network connection, just the graph. No other options other than close when it's on.

Let me know the bread crumb trail to get to the option to change back to default.
XP or Vista? Double-click the space between the frame and the box.

Painbringer

Furnace Stoker

Join Date: Jun 2006

Minnesota

Black Widows of Death

W/Mo

Quote:
Originally Posted by The Way Out
XP or Vista? Double-click the space between the frame and the box.
XP

I will give it a shot next time I am on thanks

The Way Out

Wilds Pathfinder

Join Date: Aug 2007

In my peanut brain

Zomg Zombies [OMG]

Mo/E

Quote:
Originally Posted by Painbringer
XP

I will give it a shot next time I am on thanks
No problem. I do this for a living. hehe

Grenths Ire

Academy Page

Join Date: Feb 2007

Lexington, Ky

N/

I am curious, did you even try my advice?


I would be interested in knowing what the people at bleepingcomputer had to say about your log.

I am, however, probably wrong.

GL

Divinus Stella

Desert Nomad

Join Date: Nov 2005

Wales

Steel Phoenix

I've had Vundo before, (snip)

What I found was that it took a dump on my HOSTS file, so when I tried the usual Google search for a fix it would often redirect me to sites pretending to fix it but instead just offering more malware to download. Basically all the problems you have are the same as what I experienced.

If you can, try using a friend's PC that's not infected and search for Vundofix in Google, try to find an at least half-reputable source and download it and use it on your infected machine. It worked for me to some extent, but as with all of those malware programs they seem to have lasting damage even after removal, so if possible you should do a fresh install.

In future keep Spybot installed and use its resident malware blocking; that seems to keep away all malware provided you update it. It works for me and I don't bother with anti-virus. (snip)


you know what I deleted and why - we do not condone what was contained in the deleted portions of this post. --Snograt
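
Added example (not part of any post in this thread): a small Python audit for the HOSTS file tampering described in the post above, where searches for a fix were redirected elsewhere. The watch list, verdict labels and sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Assumed watch list: sites someone would visit while looking for a fix.
WATCHED_SUFFIXES = ("google.com", "bleepingcomputer.com", "norton.com")
# Names a stock hosts file is expected to contain.
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost"}

# Constructed sample, not taken from the thread (addresses are documentation ranges).
SAMPLE = """\
# constructed hosts file
127.0.0.1       localhost
203.0.113.7     www.google.com google.com
127.0.0.1       www.norton.com
198.51.100.20   intranet.example   # unrelated extra entry
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in a hosts file."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # not an address mapping; skip
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, watched=WATCHED_SUFFIXES):
    """Return (line_no, hostname, ip, verdict) for every non-default entry."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in DEFAULT_NAMES:
            continue
        hit = any(name == s or name.endswith("." + s) for s in watched)
        if hit and (ip.is_loopback or ip.is_unspecified):
            verdict = "BLOCKED"      # watched site sinkholed so it cannot be reached
        elif hit:
            verdict = "REDIRECTED"   # watched site pinned to a fixed address
        else:
            verdict = "REVIEW"       # extra entry; confirm it was added on purpose
        findings.append((line_no, name, str(ip), verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(*finding, sep="\t")
```

On Windows XP the file to feed in is `%SystemRoot%\system32\drivers\etc\hosts`; read it from a clean boot or another machine if the running system is not trusted.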