Be Right Back, Uninstalling

Full Version: I've Got the Ebola Virus of Computers
So, I didn't even realize I had a virus when I was on my campus network - I had occasional lag spikes in games but they weren't very bad or frequent and I thought they were just a quirk of the network. However, when Spring Semester ended and I took my computer home and it was on a router with other computers, I started noticing a few things.

Websites like Facebook that use a lot of upstream have difficulty loading. Often, I'd press login on a site and it would load for a couple of seconds before giving me a "Connection Lost" 404. I thought this was just the router being shite, so I recut and reterminated my homemade CAT5 as well as I could and switched the modem-to-router connection to more reliable USB, and the problems persisted.

It was about this time I got a message from TWC/RoadRunner (my ISP) telling me that I had a bulk e-mailer virus lodged in one of the computers on the network, and I figured it was mine.

Well, HijackThis (which now only opens - safe mode or not - if I change the filename to something ridiculous like "Bubbles") turned up some suspicious O4 entries like "niludesa.exe" and "tejatomi.exe", which ran under a rundll32 process, or under a Windows Services umbrella. I removed the entries in safe mode and they're gone from the list but the timeouts are still coming. I've also done full scans with Spybot-S&D, AVG, and Ad-Aware SE.

No luck yet... any help with how to remove this stubborn effing virus?
try running malwarebytes, but i would do so on a clean install that hasn't been networked yet.
the safest thing to do if you found a virus that had been there that you didn't know about is to reformat
if it was running before without you knowing, how would you know if you got it all.
(07-08-2009, 10:52 PM)zaneyard link Wrote: [ -> ]the safest thing to do if you found a virus that had been there that you didn't know about is to reformat
if it was running before without you knowing, how would you know if you got it all.
this.
windows system restore!!! it works wonders :) and everyone always forgets about it
(07-09-2009, 01:49 PM)SAVAGE-0 link Wrote: [ -> ]windows system restore!!! it works wonders :) and everyone always forgets about it
Except more than half the time, the virus is in your restore files because it's been there long enough to get saved in a system restore update.

Just reformat. It's seriously the only way to be sure.
(07-09-2009, 01:52 PM)at0m link Wrote: [ -> ]Just don't look at child porn
(07-09-2009, 03:25 PM)zaneyard link Wrote: [ -> ][quote author=at0m link=topic=3237.msg96000#msg96000 date=1247165534]
Just don't look at child porn
[/quote]

Listen, there was grass on the field... : X

Well, I'm averse to reformatting because I don't have anywhere to back up all the things I have that were gained... er, less than legitimately. As a last resort, well.. you do what you gotta do. But are there other options?
(07-09-2009, 10:22 PM)peaches link Wrote: [ -> ][quote author=zaneyard link=topic=3237.msg96013#msg96013 date=1247171128]
[quote author=at0m link=topic=3237.msg96000#msg96000 date=1247165534]
Just don't look at child porn
[/quote]

Listen, there was grass on the field... : X

Well, I'm averse to reformatting because I don't have anywhere to back up all the things I have that were gained... er, less than legitimately. As a last resort, well.. you do what you gotta do. But are there other options?
[/quote]Realistically? No. There isn't anything you can do short of reformatting that will _guarantee_ that you're virus-free at this point. And if you can't guarantee it there's no point in doing it. Go out and snag an external HDD, back your stuff up onto that. How much data are we talking about that you actually want to keep?
Probably about 150GB.

Ahem. Sorry, there are some men in snappy suits on my doorstep and they look unhappy. : X
(07-10-2009, 05:35 PM)peaches link Wrote: [ -> ]Probably about 150GB.

Ahem. Sorry, there are some men in snappy suits on my doorstep and they look unhappy. : X
About your bandwidth usage? Or ebola?

Also, I can lend you an external (or even just an enclosure) if you need one for the interim, although the one I have spare is 80GB iirc.
(07-10-2009, 05:45 PM)at0m link Wrote: [ -> ][quote author=peaches link=topic=3237.msg96461#msg96461 date=1247265326]
Probably about 150GB.

Ahem. Sorry, there are some men in snappy suits on my doorstep and they look unhappy. : X
About your bandwidth usage? Or ebola?

Also, I can lend you an external (or even just an enclosure) if you need one for the interim, although the one I have spare is 80GB iirc.
[/quote]

Ah, but S&H would be a bitch, yes? I can probably borrow one from a friend. I was just wondering if there was an alternative to backing up and reformatting.
(07-11-2009, 12:25 PM)peaches link Wrote: [ -> ][quote author=at0m link=topic=3237.msg96469#msg96469 date=1247265959]
[quote author=peaches link=topic=3237.msg96461#msg96461 date=1247265326]
Probably about 150GB.

Ahem. Sorry, there are some men in snappy suits on my doorstep and they look unhappy. : X
About your bandwidth usage? Or ebola?

Also, I can lend you an external (or even just an enclosure) if you need one for the interim, although the one I have spare is 80GB iirc.
[/quote]

Ah, but S&H would be a bitch, yes? I can probably borrow one from a friend. I was just wondering if there was an alternative to backing up and reformatting.
[/quote]well I don't charge handling, and dep on where you live shipping wouldn't be terrible. the local option would be better, however, especially since the drive I have isn't large enough for all of your data.
just buy a 500 gig HDD.  Hell, even a 250 is pretty cheap these days.
Quote:Karrde link=topic=3237.msg98304#msg98304 date=1247703794]
just buy a 500 gig HDD.  Hell, even a 250 is pretty cheap these days.

You can get a terabyte for $100
You could try following this knowledge base article and reset your TCP/IP stack: http://support.microsoft.com/kb/299357

Otherwise you are best to follow previous suggestions.
(07-15-2009, 07:46 PM)Caffeine link Wrote: [ -> ][quote author=[fr31ns]Karrde link=topic=3237.msg98304#msg98304 date=1247703794]
just buy a 500 gig HDD.  Hell, even a 250 is pretty cheap these days.

You can get a terabyte for $100
[/quote]$89 for a WD caviar green this week. I might pick up another one for myself.
(07-15-2009, 08:17 PM)HeK link Wrote: [ -> ]You could try following this knowledge base article and reset your TCP/IP stack: http://support.microsoft.com/kb/299357

Otherwise you are best to follow previous suggestions.

Wow. I don't know how repairing what seems to be a purely networking-related problem could remedy something that got derailed by a virus, but good suggestion. It seems to be working very well now. Thanks, Hek! +1!
(07-17-2009, 12:34 AM)peaches link Wrote: [ -> ][quote author=HeK link=topic=3237.msg98319#msg98319 date=1247707046]
You could try following this knowledge base article and reset your TCP/IP stack: http://support.microsoft.com/kb/299357

Otherwise you are best to follow previous suggestions.

Wow. I don't know how repairing what seems to be a purely networking-related problem could remedy something that got derailed by a virus, but good suggestion. It seems to be working very well now. Thanks, Hek! +1!
[/quote]

I've seen it in the past. The offending application tries to insert a portion of itself into your communications stack. That way it can monitor all traffic and glean bits of important information. Can often bypass useless 'software firewalls' and 'security tools'. Side effect of borking network traffic if removed.

Glad that helped, I'm going to add it to my little book.