Another tech bleg

My son is home from law school, which is terrific. He brought his laptop, which apparently has a good, or a series of good, malware programs.

The combo has it so his IE won’t go to Windows Update, other addresses get hijacked in the browser, and it seems to prevent Spybot Search and Destroy from launching. Likewise Adaware.

I tried running Spybot from a copy on USB, no luck. The antivirus cannot find it, let alone fix it.

Ideas?


Comments

  1. Try to do it in safe mode. Press F8 after the BIOS, before entering the boot screen.

  2. Dare I say (unproductively)?
    Consider a Mac…

    I have nothing productive to add.

  3. aParamedicwhoknows says:

    Try Windows Ultimate Boot CD ( http://www.ubcd4win.com/ ). You will need a copy of Windows to make the full CD; if you don’t have it I could always send you a copy I made myself (but it is like 600 MB). It basically boots the computer into a Linux setup like Windows and has tools installed that allow you to do all sorts of fun stuff. Email me if you need anything.

  4. aParamedicwhoknows says:

    I should mention it only works with XP… If he has Vista, let me know and I’ve got something else for that.

  5. Before you do anything, be sure to update Spybot. Then, as mentioned above, boot into safe mode WITHOUT networking. Run Spybot. You may have to run it multiple times (it usually will know to do it and will say something like run again upon restart or some such).

    Turn off Adaware while you do this. In some systems, it and Spybot “clash”.

    Got to run (in a hurry) but will check in later.

  6. Another quick thought… If Spybot won’t update, try these options: Boot into safe mode WITH networking and try. If that won’t work, download the update file on another computer and then update. Which version of Windows? (XP or Vista, and which version of it?)

  7. Remove all antivirus programs. Search the web for tools to finish the removal and finish the removal. Go to http://www.clamwin.com and install ClamAV. Run the update. Scan.

    Otherwise, download a Linux recovery CD, burn to disk. Boot off of it. Attach an external drive. Remove all critical documents. Format. Reinstall. Install Firefox for marginally safer browsing.

  8. Flighterdoc says:

    Install Firefox, run Spybot and Adaware from it… Then, uninstall IE.

  9. Sounds like your son got a Trojan which is hiding in his system. Best and easiest advice (read: no boot cd required) is to download a trojan removal program from another computer and run it on your son’s computer via USB.

    My personal recommendation would be Trojan Remover by Simply Super Software. Best part: it’s free to try for 30 days, and he should only need it for about 20 minutes to fix the problem. Download at http://www.simplysup.com/

  10. ZoneAlarm makes some free programs, and some available at nominal cost. I’ve used it to untangle the mess my son made of my one Windows computer at home.

  11. Any chance it’s a Dell with a recovery partition? While a drastic step, I’m quite fond of pulling off the documents/media to an external HD and letting the restore program clean things up to factory freshness. The downside is that software license keys/the software itself/etc gets completely wiped out, but with Microsoft Update and some time, it’s pretty easy to patch the OS back to freshness, and then you just reinstall the stuff you really want. Slide the media/documents back on after the software is installed, et voila.

    It also serves as an object lesson in the perils of what happens when you install software from untrustable sources. ;0)

  12. There is a good online FREE site which cleans and fixes, too… HouseCall at Trend Micro’s site.

    Yes, sounds like a trojan and the cleaner is another good idea. If you boot into safe mode, you won’t need to turn off/uninstall antivirus.

  13. When I am not dealing with diabetes, I’m the campus technologist at my school.

    The best thing to do is pull all the documents off of the computers and completely reload the OS from scratch.

  14. I always forget this — and it works like a champ.

    Do a system restore; I recommend picking a point BEFORE he went to campus.

    Yes, it works. I once did a system restore from 6 months ago, and the computer was fine once it picked up all the Windows Updates.

  15. Hope you have it fixed already. System restore will only fix any system files that the trojan(s)/virus(es) have modified. It won’t get rid of the perpetrator.

    If backing up files prior to restoring an OS, then restoring, you run the risk of putting the bugger(s) back on. The best thing is a good cleaning. And that might take some system files and/or some program files which may have to be reinstalled, but typically it doesn’t.

    You WILL want to make sure you have a restore point which is a “clean point” after you get it cleaned. Get rid of the ambiguous restore points.

    If you know the name of the trojan/virus(es) you are trying to get rid of, antivirus.com has great instructions with downloads to help.

    Hope things are ok now.