loumeinhart 0 #1 August 11, 2010
Also can only run .exe's from ctrl-right click -run-as (unchecking admin box). I don't have any backups or restore points. I can run regedit from \windows with the right click trick. IE works but is only useful in safe mode. The computer websites suck so I'm trying skydivers.

airricks 0 #2 August 11, 2010
Have you tried downloading malwarebytes and running a scan? That seems to get rid of a lot of stuff. Although I've seen times where the malware won't let you download malwarebytes, or even install it if you download on another PC and move it over. Worth a shot though. Sometimes the least time consuming thing I've found is formatting and starting fresh, sucks without a backup though.

DigitalDave 0 #3 August 11, 2010
D/L Malware Bytes onto a thumb drive on a different computer or something and install it in Safe Mode. Run it in Safe Mode, then boot up in normal mode, update Malware Bytes, then re-run it. I've had success doing it that way on three computers.

masterrigger1 2 #4 August 11, 2010
Go to microsoft.com and download the malware stuff they have. Then download Microsoft Essentials. It's free and works great!
MEL
Skyworks Parachute Service, LLC www.Skyworksparachuteservice.com

PhreeZone 20 #5 August 11, 2010
Where is the malware redirecting you to and is it creating popup IE windows? If you search on google are all results redirected?? If you do a reboot is it REALLLLY slow to start up? If so try TDSSKiller.
http://support.kaspersky.com/viruses/solutions?qid=208280684
Yesterday is history And tomorrow is a mystery Parachutemanuals.com

buff 0 #6 August 11, 2010
Boot into safe mode
Run - Regedit
Look in HKLM-Software-Microsoft-Windows-Current Version- Run
Look for a key that does not look right. Something random with tssd in it or sitting in a \Local Settings folder. That will probably be your malware. Note the path and then search the registry for every instance and get rid of the keys. Then go delete the program itself.
If you don't feel comfortable doing this, pay someone or get a MAC.
It's called the Hillbilly Hop N Pop dude. If you're gonna be stupid, you better be tough. That's fucked up. Watermelons do not grow on trees! ~Skymama

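The Run-key check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell listing of autostart entries that marks the ones launching from a "\Local Settings" folder. It goes beyond the post by also reading RunOnce and the HKCU keys; the extra folder patterns and the signature check are assumptions added here, and it needs PowerShell 3.0 or later.

```powershell
# Added example: read-only triage of Run-key autostart entries. Nothing is deleted.
# Heuristic from the post: an entry sitting in a "\Local Settings" folder.
# "\AppData\Local\" (the same folder on Vista and later) and "\Temp\" are
# assumptions added for this example.
$suspectDirs = '\\Local Settings\\', '\\AppData\\Local\\', '\\Temp\\'

# HKLM ...\Run is the key named in the post; the other three are added here.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'

function Get-RunEntryTarget([string]$Command) {
    # Extract the executable from a Run value such as
    #   "C:\a b\x.exe" /arg    or    C:\x.exe /arg
    # An unquoted path containing spaces is cut at the first space, so a
    # FileExists of False on such an entry has to be checked by hand.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(\S+)')     { return $Matches[1] }
    return $null
}

$report = foreach ($keyPath in $runKeys) {
    if (-not (Test-Path $keyPath)) { continue }
    $key = Get-Item $keyPath
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $target  = Get-RunEntryTarget $command
        $hits    = $suspectDirs | Where-Object { $command -match $_ }
        $exists  = [bool]($target -and (Test-Path -LiteralPath $target -PathType Leaf))
        # Signature status of the target file; 'n/a' when the file was not found.
        $signed  = if ($exists) { (Get-AuthenticodeSignature -FilePath $target).Status } else { 'n/a' }
        [pscustomobject]@{
            Key        = $keyPath
            Name       = $name
            Command    = $command
            FileExists = $exists
            Signature  = $signed
            Review     = [bool]$hits   # True = path matches a folder pattern above
        }
    }
}

# Entries marked for review are listed first.
$report | Sort-Object Review -Descending | Format-List
```

A True in the Review column is only a prompt to look closer: legitimate per-user software also starts from AppData\Local, so read the full command and signature status before removing anything.
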
ifall 0 #7 August 11, 2010
Malware Bytes is a good one to use but I've found it will not run with a lot of the latest viruses. Another I like is Housecall by Trend Micro. I found some root kit viruses on someone's computer last week that housecall was actually able to remove. Restart into safe mode with networking then go here http://housecall.trendmicro.com/ Run a full scan, not the quick one.
edit to add: After you run once, do the fixes, reboot back into safe mode, download housecall and repeat until you have 0 threats found, then do it one more time.

muff528 3 #8 August 11, 2010
Quote:
    Boot into safe mode
    Run - Regedit
    Look in HKLM-Software-Microsoft-Windows-Current Version- Run
    Look for a key that does not look right. Something random with tssd in it or sitting in a \Local Settings folder. That will probably be your malware. Note the path and then search the registry for every instance and get rid of the keys. Then go delete the program itself.
    If you don't feel comfortable doing this, pay someone or get a MAC.
Yes, we had one computer at work become afflicted with a nasty hijacker called webantispy. It took over the browser and blocked exe files from being run. It also falsely reported trojan infections. It put stuff all over the registry. That's exactly how we fixed it. Found instructions on the internet to remove it manually. (at least I hope it's fixed) This sounds like something very similar.

loumeinhart 0 #9 August 11, 2010
Thanks everyone, I'm going to try this stuff when I get home tomorrow. IE works in safe mode so I will first try to get/run malwarebytes there. Now I also know what to look for in regedit. I found spybot on the system so that is running currently in safe mode but had to leave the house. I'll let you all know how I fare... if you care.

Guest #10 August 12, 2010
Geez, why are you using IE at all? Why try to patch something to fix a vulnerability that shouldn't be there in the first place? Download and install Firefox, then add the "No-Script" plugin. Drive-bys will be in your rear-view mirror. Or just run Linux. End of story.
mh
"The mouse does not know life until it is in the mouth of the cat."

PhreeZone 20 #11 August 12, 2010
Mark, even Firefox can be hijacked with the NoScript plugin. I know for a fact that TDSS hooks at the Atapi driver during preboot and intercepts all calls so if it sees a call to any browser it will hijack it and poison all Google search results. It's nice and will try to mask the hash of the sys driver to make it appear untouched. Linux and Mac are not immune either, it's just they are not profitable enough to dedicate all the time towards like Windows is right now. You get Linux on 60% of the desktops out there and you'll see the same volume of malware targeting it.
Yesterday is history And tomorrow is a mystery Parachutemanuals.com

loumeinhart 0 #12 August 12, 2010
Quote:
    Or just run Linux. End of story
When I have some free time I'd like to throw redhat on an old machine to set up a router for my house. Can I do that with cable internet?

theonlyski 8 #13 August 12, 2010
format c: /q /s /autotest
At least, that was the easiest way back in the day! (don't actually run it... really!)
"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly DPH -7, TDS 578, Muff 5153, SCR 14890 I'm an asshole, and I approve this message

theonlyski 8 #14 August 12, 2010
Quote:
    Quote:
        Or just run Linux. End of story
    When I have some free time I'd like to throw redhat on an old machine to setup a router for my house. Can I do that with cable internet?
You can do just about _anything_ with linux. Hell, a Windows box can do internet connection sharing, routing and remote access isn't too terribly difficult to set up on the server systems. Great thing about redhat is... well, all you have to do is google something like 'use redhat as nat router' and bam! 500 sets of instructions.
"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly DPH -7, TDS 578, Muff 5153, SCR 14890 I'm an asshole, and I approve this message

DigitalDave 0 #15 August 13, 2010
Don't use Red Hat Linux. They stopped supporting and making updates to it years ago.

loumeinhart 0 #16 August 13, 2010
IE connects in safe mode only. No connection in normal windows environment...

PhreeZone 20 #17 August 13, 2010
Have you been able to run a virus scanner on the system that is updated? Did it find anything? Did you happen to run the tool I linked earlier?
Yesterday is history And tomorrow is a mystery Parachutemanuals.com