Nasty little virus

[Regs]

My friend has AOL online and a dial up connection. He does not know how to perform proper maintenance. He let his subscription to Norton Anti Virus expire so now his computer is infested with spyware and virus's.

This virus is a little tricky. It designates the dial-up connection to 555-5555 so it can't connect to the internet and it will also not let me simply change the number through the control panel; properties on that connection has been disabled. I booted into safe mode where only the Network adapter is shown and not the dial-up connection.

So I can't run a updated virus scanner nor can I change the properties of the dial up connection in either safe mode or normal mode. I haven't tried deleting the connection all together yet, but I wonder if that's possible. I haven't used dial up in years, even more so AOL. So I'm kind of stumped in resolving this. Hopefully this description rings a bell to some one so they could point me in the right direction.

 

[n0cmonkey]

Format, reinstall.

 

[Regs]

Originally posted by: n0cmonkey
Format, reinstall.

That has crossed my mind. It would be a simple decision if it was my computer, however I'm trying to figure out something less drastic for my friend.

 

[n0cmonkey]

Nuke them from orbit (format), it's the only way to be sure.

 

[mechBgon]

*you have... malware!* :music:

I would nuke them from orbit too but if you can't do that... does your friend have any way to reach the Internet to download stuff? Or is he local, so that you can download stuff and go over there with it, or take his drive out, put it in your computer as a secondary drive, and scan it there?

 

[mechBgon]

Well, I gotta go to bed but here are some ideas. From your first post, it sounded as if your pal was local. You might have him go buy Norton Antivirus 2005, and you download the daily Intelligent Updater for him, to give it up-to-date definitions without going online. Disable System Restore so there's nowhere to hide, then start up in Safe Mode and do an exhaustive scan using maximum heuristics, scanning within compressed files, the works. Like this. In the Threat Categories, make sure it's got all the extras enabled (I think it does by default).

You can also take along the Spybot Search & Destroy installer and its offline updater, and ditto for Ad-Aware SE Personal. Again, I'd run the scans in Safe Mode after disabling System Restore.

 

[Regs]

Originally posted by: mechBgon
*you have... malware!* :music:

I would nuke them from orbit too but if you can't do that... does your friend have any way to reach the Internet to download stuff? Or is he local, so that you can download stuff and go over there with it, or take his drive out, put it in your computer as a secondary drive, and scan it there?

Yes he is local. Im actually afraid to stick his hard drive anywhere near my PC at the moment. So I can use the link you gave me to update the engine and copy it to a disc? I wondered about this before, because I always thought once you installed nortan your only way to update it was via the net while it was installed on the computer.

Edit - BTW- Thanks Mech! I smell those SCSI's burning up again.

 

[Twista]

burn a updated copy of AVG to a cd and install on his computer and hopefully datll help

 

[Regs]

Originally posted by: Twista
burn a updated copy of AVG to a cd and install on his computer and hopefully datll help

How can you update it without it being all ready extracted outside its excutables? I never used AVG before.

 

[n0cmonkey]

Norton utilities has a nice bootable setup, maybe their antivirus has a similar feature...

 

[redbeard1]

You can download Antivir and burn it to a cd and install it on his system while it it in safe mode. This will make a dent in the spyware trojans and viruses on his system and possibly let him make a connection. The file you download contains the latest definitions already.

 

[crobusa]

Is there a way to use Norton's Boot from CD with the updates?
Never figured out how to do that.

 

[Philippine Mango]

Chase the Virus down in the registry, I had a virus that was very tricky in a way. Every time I would enter the registry it would delete Regedit.exe So I copied it many times and knew my time limit so I would race agianst the clock and ended up removing the virus! Took me about 20 times to open regedit before I could fully remove it from the registry.

 

[gwag]

download stinger.exe from macafee burn it, usb drive it, dump it on a camera what ever. then run it on the system see if it fixes it?