Nasty Computer Virus

[RyDogg66]

I have never had bad luck with computer viruses before, despite always using a PC and until a few years ago, always using IE. But this time, it's got me. I suspect it came in from an email. My wife is an English Professor and she gets boatloads of emails with attachments from her students, papers and the like.

 

So it started on Monday I believe, when I stupidly got caught by the "Think Point" virus, the bogus Windows virus protection thingy. I went on the internet in safe mode and downloaded MalwareBytes Anti-Malware and ran that and it caught a couple things and I got rid of them, but the problems didnt stop. I have since run more scans after more updates, it isnt picking anything up. so last night I downloaded AVG 11 and ran that on a full scan, and it found nothing.

 

The problems are as follows:

 

Cant open any programs, especially internet browsers, but it appears to affect Firefox the worst, although when it gets really bad I cant open ANYTHING.

 

Now it appears that my speakers dont work, they are internal (laptop), this is a new thing.

 

I am only connected through a secure online connection with my ATT 2wire router. Sometimes I notice that where it says "Wireless Connection" where is usually says "2wire526" it has a bunch of weird figures and the word "bogus" in the middle of them. That is concerning.

 

I appear to have a lot more problems coming out of hibernation.

 

Any tips? What is with the "bogus" wireless connection??

[1992casey]

My first choice would be to avoid a lot of fixing by restoring the entire hard drive from the last good backup created before the mess started. That way, you'd only have to isolate a few files that might have been modified since that date and run the scanners to make sure they're clean before putting them back.

 

You could go back to a restore point set before the problem occurred. You wouldn't actually remove the bum files, but they should be rendered inactive. That might make followup steps a whole lot easier.

[RyDogg66]

thanks for the tips casey. Being a non-tech guy, I of course do not have "backups" of my hard drive. I have attempted to do system restore, but the virus will not allow it. When I attempt to do anything it simply tells me the restore fails.

[1992casey]

Can you boot into Safe Mode and do a system restore from there?

[1992casey]

Take a look at these two links.

 

http://deletemalware.blog...hinkpoint-uninstall.html

http://www.myantispyware....-uninstall-instructions/

 

The instructions are very similar in the beginning. Both of them tell you to boot your computer and hit CTRL-ALT-DELETE quickly after the Think Point screen appears. That will bring up the task manager. From the task manager, you'd terminate hotfix.exe. At that point, you'd start up explorer.exe from the Task Manager. The first link offers a workaround to try if starting up explorer.exe fails.

 

Things differ at this point. The first link has you downloading and running an extra file (windows-shell.reg); the second link doesn't include that step. Also, the first link says one of several malware removal programs should be fine. The second one says to use MalwareBytes.

 

In addition to written instructions, the second link offers a video. I can't critique it because I didn't watch it. http://forum.brewerfan.net/images/smilies/smile.gif

 

My gut says that I'd download and run windows-shell.reg (mentioned in the first link) as part of the attempt to fix this issue. But I'd certainly have both sets of instructions handy. And I'd certainly watch the video.

[RyDogg66]

I sure do appreciate the help casey, unfortunately, nothing helps, so it looks like I am going to have to take it to get it looked at.

 

Two genuine questions.

 

What kind of place should I take it to get it fixed (I live in Oshkosh) and how much am I looking at for cost?

 

I know that was technically two questions above, but my second question, and I am serious about this, why do people write these viruses and then send them out into the world? What benefits do they derive from them?

[nate82]

You are going to have to run multiple virus, malware, and spyware software. I suggest start using these two: http://www.eset.com/ and http://usa.kaspersky.com/.

 

As for spyware and malware you already have one of the programs I would suggest. Spyware doctor is good for getting rid of some spyware on your computer http://download.cnet.com/...000-8022_4-10377263.html

 

The best option though is to reinstall Windows. I know it sucks that you are going to lose all of that information. If you need to make a backup of some important files I would place them on a CD or on an external hard drive if you have one. But the best option really is to just reinstall windows.

[1992casey]

Yeah, I'd recommend reformatting the hard drive and reinstalling Windows. Transfer your important documents to another volume. I'd recommend a key drive simply because it's writable: you can bombard it with anti-virus and anti-virus checks to make sure those files are clean.

 

I'd also recommend purchasing a backup hard drive and getting into a backup routine. Doing that is much less techie than attempting to remove malware. I'd start the backup routine before copying any of your files back to your hard drive... just in case there's an infection in there that you might miss.

[DKM4Boston]

I know that was technically two questions above, but my second question, and I am serious about this, why do people write these viruses and then send them out into the world? What benefits do they derive from them?

Mainly $$$. Spammers might pay big bucks for a virus that can get them a lot of 'zombie' computers out there to flood with spam or spread their spam to other computers. There are probably enough people out there to buy the crap the spammers are trying to get people to buy. Another obvious reason is identity theft. Also there are some people out there who just get a kick out of creating something and seeing it work on a big scale or who try to out-do others in their little underworld to see who can cause the most damage.

 

I don't know what exactly 'Think Point' does, but if it is like all those other fake antivirus programs, a pop-up might come up and say 'you have viruses, buy our software to get rid of them'. A lot of people probably fall for that...they buy the fake software and cha-ching! Mission accomplished. I've had calls at work and the person will say 'My computer says I have viruses and it is asking me to purchase this software to remove it. I don't want to do that, right?' The fact that they even ask that question tells me that a lot of people probably fall for it if they aren't really aware of these types of scams.

[greeg35]

I'm the ultimate conspiracy theorist; but if I were Norton I would have off the books people to create stuff just to put fear into the public and keep my product demand up. They probably employ hackers anyway to help them defend against viruses.

[cwolf2012]

"They probably employ hackers anyway to help them defend against viruses. "

 

My company has an entire security department dedicated to this. They are all essentially "white-hat" hackers. They go onsite, and attempt to break into everything they can and then fix the vulnerabilities before the bad guys find them.

 

Ethical hacking is a common term.

[greeg35]

now that sounds like a fun job!