Technical help, internet issues

Johnzaloog

Johnzaloog

DATS Yu-Gi-Oh! Official
Technical help, internet issues

Im having some problems with my internet at home (I'm on my mother's netbook ATM). I run on XP. Whenever I try to use internet explorer, a message comes up asking whether I want to install a virus protection program or to continue without (not recommended). When I click don't install, the thing closes. I have already installed it now, but it still won't let me use it. If I had the chance to install firefox or something, it may work, but I can't stay online long enough to download it. Anybody got any suggestions?
 
Zodiac

Zodiac

Gurren Brigade Member
Johnzaloog;85606 said:
Im having some problems with my internet at home (I'm on my mother's netbook ATM). I run on XP. Whenever I try to use internet explorer, a message comes up asking whether I want to install a virus protection program or to continue without (not recommended). When I click don't install, the thing closes. I have already installed it now, but it still won't let me use it. If I had the chance to install firefox or something, it may work, but I can't stay online long enough to download it. Anybody got any suggestions?
Click to expand...

You have a virus, then. If it asks you to install something and withholds the process, then it's definitely not a good thing. You should burn a real virus/spyware protection program to a CD (say, Spybot S&D or use Windows Defender [not recommended]), bring it over to your computer, and check for viruses.

BTW, just to make sure, does the virus give you another message after you say "Don't Install"? Like, "Your computer is not secure. Closing Internet Explorer to protect your computer"?

Afterwards, download Firefox like you suggested.
 
megumi

megumi

SPAM BOT
Staff member
WARNING WARNING
What is the name of the Virus Protection program that it asked you to install?
 
Johnzaloog

Johnzaloog

DATS Yu-Gi-Oh! Official
Zodiac;85608 said:
You have a virus, then. If it asks you to install something and withholds the process, then it's definitely not a good thing. You should burn a real virus/spyware protection program to a CD (say, Spybot S&D or use Windows Defender [not recommended]), bring it over to your computer, and check for viruses.

BTW, just to make sure, does the virus give you another message after you say "Don't Install"? Like, "Your computer is not secure. Closing Internet Explorer to protect your computer"?

Afterwards, download Firefox like you suggested.
Click to expand...

I'll have to try and get ahold of one, I have norton, but it's out of date (by about a week).

Download firefox afterwards? okay then.

And Mrgumi, I've just checked, the file that's riking my pc is called Win32.Zafi.B, a trojan virus that takes screenshots and recors key strokes, stealing personal data. That's what it says anyway.


EDIT: Does it have to be burnt to a CD? Could I use a data stick instead?
 
Futamaru

Futamaru

A Translator, Not So Diligent...
Staff member
Wow... Keylogger... That's bad!

Burn it to a CD. Because using a data stick may cause the anti-virus installation software get infected before it's installed into your computer.

Now you have the name of the virus, try Google search and maybe you can find some more specific solutions than installing another antivirus. Specific counter-measure towards a virus is often more useful than using a commercial antivirus software...
 
Kage

Kage

THE all-high-and-mighty
... all temporary measures. I'm not an expert but you should be able to use the internet while in safe mode.

Get an updated virus scanner (you can even use a free one like AVG and avast! as those two have been the ones I've heard the most about), Hijackthis, and Spybot. Spybot isn't even really an antivirus program so with either Hijackthis or Spybot you'd have to be careful.


Turn off System Restore if you’re using Windows ME or XP. When you make changes to your system, Windows does a restoration checkpoint. If it does this while the system is infected, it may come back to re-infect later.
Restart the computer in Safe Mode. Since the Zafi.B worm creates running processes, and Windows doesn’t allow you to delete files connected with running processes, restarting is necessary. Using Safe mode prevents Windows from loading drivers and auto run entries so your system boots relatively clean. In addition, Zafi.B blocks the use of Regedit which is required below.
Run a full system scan with an updated antivirus scanner (or one of the online scanners mentioned above). If your scanner does not remove everything, follow the next few steps.
IMPORTANT: Your antivirus software should, during detection, produce a list of files associated with the W32/Zafi.B or W32/Erkez virus (depends on scanner). The files will be copies of the worm stored in the Windows system folder and shared folders mentioned above. You should set your antivirus to delete them. If not, delete them manually.
Make a backup of the registry before you edit. Delete the Run entries associated with Zafi.B from the registry. These will be:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete the key:
“_Hazafibb”=”%system%\<random file name>.exe”
Also delete the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\_Hazafibb
Exit the registry editor.
Re-enable System Restore, reboot machine.
Re-scan to be sure all files are clean.

If you can I think to begin with you can at least use safe mode. Restart in Safe Mode with Networking. And you can try to use Trend Micro Housecall the online scanner.

Make sure to get a good antivirus software, even some free one can work well. Do be careful when using the internet (and don't install anything you don't know).
 
Zodiac

Zodiac

Gurren Brigade Member
Ah yes, and to use a quicker method in case this ever happens again, try dual-booting Linux (Say, Ubuntu or Slackware, etc. one that has a graphical interface anyway) on another system. It helps me when I try to diagnose problems, plus it provides another system I can work with. It also works well with Futamaru's method, as most viruses that infect Windows systems are geared toward Windows systems.

With Linux, you can still access your Windows partition as a regular NTFS partition (but be extremely careful, as if you delete system files from there, they're gone for good) and the internet, so your system will be completely clean while you're trying to rid the virus. After the files are gone, boot into Safe Mode and clean the registry, because the registry is one thing you can't access properly in Linux.
 
megumi

megumi

SPAM BOT
Staff member
WARNING WARNING
Random note, but Norton fails as a antivirus program (I had it years ago, and it broke my computer instead of "protecting" it). So, like Kage said, get a good antivirus software. I heard Avast is pretty good out of the free ones.

Spybot isn't really going to do much. It doesn't scan all files, so it'd be quite pointless in this situation.
 
Johnzaloog

Johnzaloog

DATS Yu-Gi-Oh! Official
megumi;85735 said:
Random note, but Norton fails as a antivirus program (I had it years ago, and it broke my computer instead of "protecting" it). So, like Kage said, get a good antivirus software. I heard Avast is pretty good out of the free ones.

Spybot isn't really going to do much. It doesn't scan all files, so it'd be quite pointless in this situation.
Click to expand...

Believe me, I know.

It's fixed, got a free trial of Onecare and it cleared it right up. :)
 
You must log in or register to reply here.
Top