View Full Version : Computer possessed, please help!
Sexyredhead
06-01-2004, 11:15 AM
My
office computer is completely insane today. I've run Symantec, Ad-Aware, and Spy-Bot, and there's STILL something
on my computer that keeps loading a bunch of pop-ups and weird programs. And today, I can't get IE to stay open. It
will open, then I get an "illegal operation" and it closes. :\ I can open Netscape, but I can only read. If I try
to PM/email someone, or download anything (such as Opera so I've got a new browser), I get an "illegal operation"
and it closes.
Can anyone suggest anything? I'm at home now for lunch. I've been working on that computer
all morning. I uninstalled IE, then installed it again. That didn't work. I'm about out of ideas, with the
exception of taking out my lower window panel and shoving the whole thing out into the parking lot. >:\
JustPeachy
06-01-2004, 11:26 AM
Download a copy of hijackThis.
It's free, and will show you where the registry entries are that got left on your computer.
Sexyredhead
06-01-2004, 11:31 AM
Thanks, but I can't run it
on my office computer. I have ancient W95, and just about nothing works on it. :\ (I hate school!!!!!)
I'm
gonna download it for home though, thanks! :)
I'm wondering if maybe I deleted a file in my righteous
adware-destroying zeal and now I've screwed something up? :confused:
DZorro
06-01-2004, 11:56 AM
Thanks, but I
can't run it on my office computer. I have ancient W95, and just about nothing works on it. :\ (I hate
school!!!!!)
I'm gonna download it for home though, thanks! :)
I'm wondering if maybe I deleted a
file in my righteous adware-destroying zeal and now I've screwed something up? :confused:
I
doubt that, ad-aware only deletes, spyware in the registry, so it might be either a virus, or a worm, messing with
your computer.
The best thing to do , start the computer with a clean boot disk, and then use a antivirus
software, and see if your antivirus software, detects what kind of virus is on your computer and remove
it.
Dorro,
beachboy
06-01-2004, 11:56 AM
What about installing Windows XP
:D
DZorro
06-01-2004, 11:57 AM
oh and make sure your clean
bootdisk is write protected, or the virus could infect the clean bootdisk as well.
DZorro,
DZorro
06-01-2004, 11:58 AM
What about
installing Windows XP :D
That is a bit drastic. You could always try my idea first , if that
doesn't work.
You could always reinstall windows.
DZorro,
JustPeachy
06-01-2004, 12:04 PM
That is a bit
drastic. You could always try my idea first , if that doesn't work.
You could always reinstall windows.
DZorro,
IIRC, reinstalling Windows 95 won't clean up the registry. If you've powered the machine down
for a couple of minutes and still see the same stuff when you power up again, then I'm pretty sure that's where
the problem lies. You don't want to dump the registry as anything but a last resort, as you'll have to reinstall
all your other software as well.
DZorro
06-01-2004, 12:12 PM
IIRC,
reinstalling Windows 95 won't clean up the registry. If you've powered the machine down for a couple of minutes
and still see the same stuff when you power up again, then I'm pretty sure that's where the problem lies. You
don't want to dump the registry as anything but a last resort, as you'll have to reinstall all your other software
as well.
your right, it won't. could regcleaner help in a situation like this ???
We don't now
if it's a virus, worm or registry malfunction. But hearing at the problem, i still think it's a virus that's
causing this it's screwing up her registry on her computer, that's why she's getting illigal operation and that.
So a clean bootdisk could help, and then use an antivirus software. To remove any virus who's on her
coputer.
DZorro,
JustPeachy
06-01-2004, 12:54 PM
your right, it
won't. could regcleaner help in a situation like this ???
We don't now if it's a virus, worm or registry
malfunction. But hearing at the problem, i still think it's a virus that's causing this it's screwing up her
registry on her computer, that's why she's getting illigal operation and that. So a clean bootdisk could help, and
then use an antivirus software. To remove any virus who's on her coputer.
DZorro,
Possible. But
regcleaner is more built to clean up dirty linkages inside the registry than to get rid of any nasty additions. And
the antivirus stuff won't clean up spyware. I've seen the illegal operation message with some spyware before -
that's what makes me think it's spyware. But even a bug in a program can cause that error. But, heck - we're
talking Win95 here. It's old, slow, funky, and it's not well supported any more. It has a bunch of limits of file
sizes, disk limits, and registry size (regclean might help with that) that don't exist any more.
If, after
powering all the way off and back up again with a clean boot disk, you still see problems, run the antivirus stuff.
Then do it again, only this time, check the Startup folder for any unrecognized programs as well. Delete anything
you don't recognize as legit. Barring any bad news there, we can still assume virus. If you see the problems only
when you fire up IE, assume spyware. (It's not a perfect predictor, but those are your best bets).
belgareth
06-01-2004, 02:42 PM
My office
computer is completely insane today. I've run Symantec, Ad-Aware, and Spy-Bot, and there's STILL something on my
computer that keeps loading a bunch of pop-ups and weird programs. And today, I can't get IE to stay open. It will
open, then I get an "illegal operation" and it closes. :\ I can open Netscape, but I can only read. If I try to
PM/email someone, or download anything (such as Opera so I've got a new browser), I get an "illegal operation" and
it closes.
Can anyone suggest anything? I'm at home now for lunch. I've been working on that computer all
morning. I uninstalled IE, then installed it again. That didn't work. I'm about out of ideas, with the exception
of taking out my lower window panel and shoving the whole thing out into the parking lot. >:\There are a
couple things that you can try. First thing to try is click Start, Run and type in
www.yahoo.com (http://www.yahoo.com/) or any other common site. Sometimes that gets around. It's nnot a
fix but can sometimes make the machine workable until more drastic solutions can be used. Otherwise you can try the
other items listed below.
Run MSCONFIG and see what is running in Startup and Services. Turn off anything you
don't want running. If you are comfortable running regedit, you can do a search for the word RUN. Have it look at
Keys only and show exact matches. You can delete most entries under run, runonce and runexe without causing any
problems. However, BE VERY CAREFUL!!!!!!! you can blow your OS up really well if you goof. Also do a search in the
registry for MSBB. That's a really common pop-up source. If you find it, delete it then do a search of your hard
drive for it and delete it there too.
Brian
06-01-2004, 04:56 PM
Restart your computer in safe mode
and then run your spyware removal program. Many adware programs will write themselves somewhere else on your
computer when removed. I wouldn't recommend messing around with your registry files as you can do a lot of damage
to your pc if you delete the wrong thing. Information from viruses, and adware, rarely write anything recognizable
to the registry, therefore, it will be impossible to find the registry file, or files, that are causing the problem.
If you are using a company pc, don't format the drive and reinstall windows. Most IT's frown on that. I'm an IT
and believe me, I sure would frown on it. The above solution should take care of the problem. Be sure to reboot your
pc and run the software as described above as many times as needed. e.g. run it until the software says that no
adware has been found.
Brian
Restart your computer in
safe mode and then run your spyware removal program. Many adware programs will write themselves somewhere else on
your computer when removed. I wouldn't recommend messing around with your registry files as you can do a lot of
damage to your pc if you delete the wrong thing. Information from viruses, and adware, rarely write anything
recognizable to the registry, therefore, it will be impossible to find the registry file, or files, that are causing
the problem. If you are using a company pc, don't format the drive and reinstall windows. Most IT's frown on that.
I'm an IT and believe me, I sure would frown on it. The above solution should take care of the problem. Be sure to
reboot your pc and run the software as described above as many times as needed. e.g. run it until the software says
that no adware has been found.
BrianMan, you sooooooo smaaaarrrrrrt!;) Now if I can just understand all
that.
JustPeachy
06-01-2004, 05:16 PM
Information from
viruses, and adware, rarely write anything recognizable to the registry, therefore, it will be impossible to find
the registry file, or files, that are causing the problem.
Not true at all. Peachy <==Engineer, clueful,
cleans 'em up manually all the time.
(However, if you have access to tech support, SRH, then by all mean use
it! Why waste your time messing with something that's somebody else's job - and somebody else's a**?)
I have
spoken.
belgareth
06-01-2004, 05:27 PM
Restart your
computer in safe mode and then run your spyware removal program. Many adware programs will write themselves
somewhere else on your computer when removed. I wouldn't recommend messing around with your registry files as you
can do a lot of damage to your pc if you delete the wrong thing. Information from viruses, and adware, rarely write
anything recognizable to the registry, therefore, it will be impossible to find the registry file, or files, that
are causing the problem. If you are using a company pc, don't format the drive and reinstall windows. Most IT's
frown on that. I'm an IT and believe me, I sure would frown on it. The above solution should take care of the
problem. Be sure to reboot your pc and run the software as described above as many times as needed. e.g. run it
until the software says that no adware has been found.
Brian
Brian,
You'd be surprised how often
we find crap like she described loading in the registry, especially on computers with older OS's like 95. At least
half of the problems SRH describes at least partially come from there. We developed a standardized procedure for
when we get that type of complaint that includes all the things I suggested to SRH and several others.
I worked
in, then managed a large IT department for years before starting my company. It's a completely different world when
you don't have network security, anti-virus and firewalls protecting the equipment. The uses and and issues of a
corporate computer and a home or small business system aren't even on the same world. If I hadn't had some really
good people working for me, I would have fallen flat on my face the first year.
Belgareth
Brian
06-01-2004, 06:58 PM
Brian,
You'd be surprised how often we find crap like she described loading in the registry, especially on computers
with older OS's like 95. At least half of the problems SRH describes at least partially come from there. We
developed a standardized procedure for when we get that type of complaint that includes all the things I suggested
to SRH and several others.
I worked in, then managed a large IT department for years before starting my
company. It's a completely different world when you don't have network security, anti-virus and firewalls
protecting the equipment. The uses and and issues of a corporate computer and a home or small business system
aren't even on the same world. If I hadn't had some really good people working for me, I would have fallen flat on
my face the first year.
Belgareth
I agree with what you said Bel. I know that's where
spyware is written. I never said that the entries weren't in the registry. I was suggesting that it's best not to
be messing with the registry files as someone without the knowledge can and almost certainly will, do damage. Any
decent spyware software will remove the files from the registry for her, provided that she runs it in safe mode. As
I said before, regardless what others have said in previous posts here. It is almost impossible to manually sift
through the thousands of entries in the registry for the keys that are creating the problem. Even if you were to run
a search, what would you put in the search field? The keys will not contain the name of the spyware/adware file or
folder. In my experience, it hasn't. I've dealt with adware/spyware many times and I know what I suggested is the
way to correct the problem.
belgareth
06-02-2004, 09:02 AM
I agree with what
you said Bel. I know that's where spyware is written. I never said that the entries weren't in the registry. I was
suggesting that it's best not to be messing with the registry files as someone without the knowledge can and almost
certainly will, do damage. Any decent spyware software will remove the files from the registry for her, provided
that she runs it in safe mode. As I said before, regardless what others have said in previous posts here. It is
almost impossible to manually sift through the thousands of entries in the registry for the keys that are creating
the problem. Even if you were to run a search, what would you put in the search field? The keys will not contain the
name of the spyware/adware file or folder. In my experience, it hasn't. I've dealt with adware/spyware many times
and I know what I suggested is the way to correct the problem.
In most case, I agree. There are some that
cannot be removed that way though. A few good examples are precision time, shopping.com and MSBB. There are others
but those three are very common. If you delete their entry in the run keys you effectively stop them though. One of
the ploys that has been popping up latley is to reload the spyware through the runonce key so it comes back as soon
as you restart your computer. Spyware tools miss those a lot too.
I am curious about your opinion on something.
We use Ad Aware and Spybot more than anything else. Between the two they seem to cover most of the bases. Is there
something you use that you feel is a better tool?
Brian
06-02-2004, 10:12 AM
I use Bulletproof Spyware Remover.
It's the best I've found. It is very thorough. Most spyware/adware programs only search the most common places
that most adware is wriiten. The problem is that the people who are writing new adware to write to your pc know this
and are writing it anywhere on your pc. You could still have thousands on your computer and not know it. Bulletproof
scans your entire pc, including network drives. There is certain adware which can only be removed while in safe
mode. Here's the link to the bulletproof site.
http://www.bulletproofsoft.com
The price of
the software is $29. You can download it for free to try it out.
belgareth
06-02-2004, 10:21 AM
I use Bulletproof
Spyware Remover. It's the best I've found. It is very thorough. Most spyware/adware programs only search the most
common places that most adware is wriiten. The problem is that the people who are writing new adware to write to
your pc know this and are writing it anywhere on your pc. You could still have thousands on your computer and not
know it. Bulletproof scans your entire pc, including network drives. There is certain adware which can only be
removed while in safe mode. Here's the link to the bulletproof site.
http://www.bulletproofsoft.com (http://www.bulletproofsoft.com/)
The price of the software is $29.
You can download it for free to try it out.
Great, thanks.
DZorro
06-02-2004, 10:26 AM
I use Bulletproof
Spyware Remover. It's the best I've found. It is very thorough. Most spyware/adware programs only search the most
common places that most adware is wriiten. The problem is that the people who are writing new adware to write to
your pc know this and are writing it anywhere on your pc. You could still have thousands on your computer and not
know it. Bulletproof scans your entire pc, including network drives. There is certain adware which can only be
removed while in safe mode. Here's the link to the bulletproof site.
http://www.bulletproofsoft.com (http://www.bulletproofsoft.com/)
The price of the software is $29.
You can download it for free to try it out.
Thanks, for the link.
DZorro,
EXIT63
06-02-2004, 10:27 AM
I use Bulletproof
Spyware Remover. It's the best I've found. It is very thorough. Most spyware/adware programs only search the most
common places that most adware is wriiten. The problem is that the people who are writing new adware to write to
your pc know this and are writing it anywhere on your pc. You could still have thousands on your computer and not
know it. Bulletproof scans your entire pc, including network drives. There is certain adware which can only be
removed while in safe mode. Here's the link to the bulletproof
site.
http://www.bulletproofsoft.com
The price of the software is $29. You can download it
for free to try it out.
If I uninstall my old free trial version, could I download a new free trial
version?
Brian
06-02-2004, 10:37 AM
If I uninstall my old
free trial version, could I download a new free trial version?
PM me Exit!
JustPeachy
06-02-2004, 11:19 AM
I use Bulletproof
Spyware Remover. It's the best I've found. It is very thorough. Most spyware/adware programs only search the most
common places that most adware is wriiten. The problem is that the people who are writing new adware to write to
your pc know this and are writing it anywhere on your pc. You could still have thousands on your computer and not
know it. Bulletproof scans your entire pc, including network drives. There is certain adware which can only be
removed while in safe mode. Here's the link to the bulletproof site.
http://www.bulletproofsoft.com (http://www.bulletproofsoft.com/)
The price of the software is $29.
You can download it for free to try it out.
Sounds decent. Thanks, Brian. I'll give a look, even though
I'm very happy with HijackThis! I usually kill the guilty running processes and unload those nasty little .dll's
by hand (just to watch 'em die), so no need for going into safe mode.
Sorry, SRH, but Brian is right. We're
just nitpicking the details like all self-respecting geeks are wont to do. (We certainly won't admit that we
can't help it! :p ) If you aren't at ease with all the techno-babble, then best to use a commercial tool as Brian
suggests.
DZorro
06-04-2004, 02:08 PM
My office
computer is completely insane today. I've run Symantec, Ad-Aware, and Spy-Bot, and there's STILL something on my
computer that keeps loading a bunch of pop-ups and weird programs. And today, I can't get IE to stay open. It will
open, then I get an "illegal operation" and it closes. :\ I can open Netscape, but I can only read. If I try to
PM/email someone, or download anything (such as Opera so I've got a new browser), I get an "illegal operation" and
it closes.
Can anyone suggest anything? I'm at home now for lunch. I've been working on that computer all
morning. I uninstalled IE, then installed it again. That didn't work. I'm about out of ideas, with the exception
of taking out my lower window panel and shoving the whole thing out into the parking lot. >:\
If you
still need help regarding this, check out this link.
http://forums.spywareinfo.com/
It can help you with anyting ,
regarding your pc, from spyware remover to virus remover.
If i need help with something, ussually check out this
site first.
Hopes this help.
DZorro,
Sexyredhead
06-04-2004, 02:17 PM
Well, I got my web browsers
working again, but I can't get rid of whatever is on my computer. Since it belongs to the school, ITS has been
called in. They should be by in about 2 weeks to see what's up. ;p :)
Thanks everybody for your help! :D
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.