Author Topic: Please help! Computer infected! This one's a doozy.  (Read 2836 times)

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Please help! Computer infected! This one's a doozy.
« on: June 18, 2012, 03:16:27 AM »
Tonight my computer got hit with a small virus that quickly took down MSE and was one of those "your computer may be infected gimme gimme gimme" virus's. I got it taken care of and was happy, and Then it happened. After booting it up to just browse the web, a short while after booting, I got a message saying "Error Windows has encountered a critical problem and will restart automatically in one minute" and then after a minute it shutoff and started back up again. trying to figure out what it is, I booted in safe mode where it STILL HAPPENED. I'm able to be on long enough to find out that there is a new Trojan that is now here called sirefef.y

what should I do if I can do anything? also, since I had already ordered a new HDD could I possibly put windows on that and then just transfer files to it (since was going to be storage and is larger than my other two drives combined) and then wipe the main one?
« Last Edit: June 18, 2012, 03:39:21 AM by Pigslilspaz »

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline MrRiplEy[H]

  • Persona Non Grata
  • Plutonium Member
  • *******
  • Posts: 11633
Re: Please help! Computer infected! This one's a doozy.
« Reply #1 on: June 18, 2012, 07:31:55 AM »
Tonight my computer got hit with a small virus that quickly took down MSE and was one of those "your computer may be infected gimme gimme gimme" virus's. I got it taken care of and was happy, and Then it happened. After booting it up to just browse the web, a short while after booting, I got a message saying "Error Windows has encountered a critical problem and will restart automatically in one minute" and then after a minute it shutoff and started back up again. trying to figure out what it is, I booted in safe mode where it STILL HAPPENED. I'm able to be on long enough to find out that there is a new Trojan that is now here called sirefef.y

what should I do if I can do anything? also, since I had already ordered a new HDD could I possibly put windows on that and then just transfer files to it (since was going to be storage and is larger than my other two drives combined) and then wipe the main one?

Try a linux based antivirus scanner which lets you boot from dvd and then scan windows without even starting it i.e. no virus can activate either. http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

I would be VERY cautious transfering any files from the infected computer. The virus may have injected dlls and exes with its payload so you can't essentially trust anything on your hdd anymore. But if you must, do a full scan on the infected drive from boot-dvd before you install your new hdd and windows.
Definiteness of purpose is the starting point of all achievement. –W. Clement Stone

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #2 on: June 18, 2012, 08:50:55 AM »
Try a linux based antivirus scanner which lets you boot from dvd and then scan windows without even starting it i.e. no virus can activate either. http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

I would be VERY cautious transfering any files from the infected computer. The virus may have injected dlls and exes with its payload so you can't essentially trust anything on your hdd anymore. But if you must, do a full scan on the infected drive from boot-dvd before you install your new hdd and windows.

Great idea with the Linux except one small problem, I have 0 Linux experience and would probably need help. Also with transferring files, I transfer files individuallly so as to avoid that. There shouldn't be a problem with that, right?

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #3 on: June 18, 2012, 09:26:39 AM »
Does not matter how you transfer the files.  If a file is infected, the virus goes with it.

The real nightmare is even using a virus scanner it may not fix/detect an infected file.  All you can do is improve the odds.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #4 on: June 18, 2012, 10:16:29 AM »
run a boot time scan if you can, and good luck getting of this ransomware.
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #5 on: June 18, 2012, 10:19:53 AM »
Does not matter how you transfer the files.  If a file is infected, the virus goes with it.

The real nightmare is even using a virus scanner it may not fix/detect an infected file.  All you can do is improve the odds.
That's what I was afraid of.  :(. Thankfully MSE does pick it up, problem is that it can't kill it before it shuts down the computer.


Also, if worst comes to worst and I can't beat this thing, does Geek Squad actually work on these sort of problems or are they just a ripoff that can't do real work?


« Last Edit: June 18, 2012, 10:33:22 AM by Pigslilspaz »

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #6 on: June 18, 2012, 10:33:30 AM »
That's what I was afraid of.  :(


Also, if worst comes to worst and I can't beat this thing, does Geek Squad actually work on these sort of problems or are they just a ripoff that can't do real work?




Just wipe and resotre of worse comes to worse, and if is still a problem yeah you're gonnaa have to get a pro to help
« Last Edit: June 18, 2012, 10:35:25 AM by Nathan60 »
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #7 on: June 18, 2012, 11:09:27 AM »
Just wipe and resotre of worse comes to worse, and if is still a problem yeah you're gonnaa have to get a pro to help


I'd rather not lose 700GB+ of stuff,

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #8 on: June 18, 2012, 11:11:59 AM »
"Denial" is one of the steps in realizing you should have done more to protect your data.  Don't worry as "acceptance" is only a few steps away.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #9 on: June 18, 2012, 11:23:17 AM »
"Denial" is one of the steps in realizing you should have done more to protect your data.  Don't worry as "acceptance" is only a few steps away.

The HDD I ordered to use as a backup just arrived this morning  :cry. Talk about horrible timing. I feel acceptance coming. Sadly I'm not back in the dorms with their rediculously fast DL speeds.

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #10 on: June 18, 2012, 11:33:09 AM »
Backups do not help as a virus does not care where the files are.  It is worse if the backup device is a USB base device as most of the modern day viruses hook the USB routines which activate when you plug in a USB device.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #11 on: June 18, 2012, 11:33:47 AM »
The HDD I ordered to use as a backup just arrived this morning  :cry. Talk about horrible timing. I feel acceptance coming. Sadly I'm not back in the dorms with their rediculously fast DL speeds.

Unless you can get a boottime scan ran AND it finds the issue  you most likely SOL. Shoulda  looked at that porn in a  non admin  account.
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #12 on: June 18, 2012, 11:46:10 AM »
Backups do not help as a virus does not care where the files are.  It is worse if the backup device is a USB base device as most of the modern day viruses hook the USB routines which activate when you plug in a USB device.
Wouldn't making a copy of your C: periodically (like once a month) on a separate HDD and then using that to re copy everything once you completely wipe the main? Would obviously disconnect the backup when not in use to keep that from being hit.

Also, thank you for your patience with me, I know a lot about computers compared to the average person (which isn't saying much) but I don't know jack compared to you guys. Always willing to learn though.
Shoulda  looked at that porn in a  non admin  account.
I wouldn't be as pissed off it was because of that. It would have just meant I had it coming, but I don't use this computer for that seeing as my girlfriend uses it quite often for FB and yahoo and whatnot (all safe sites)

I wish I could swear in just this one thread. Can't accurately convey my feelings without it lol. But I'd rather not get banned.

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline The Fugitive

  • Plutonium Member
  • *******
  • Posts: 17934
      • Fugi's Aces Help
Re: Please help! Computer infected! This one's a doozy.
« Reply #13 on: June 18, 2012, 12:25:34 PM »
It isn't possible to use the words "all safe sites" and Facebook and yahoo all in one sentance. It just doesn't make any sense. Facebook and it's links are horrible with yahoo not far behind.

Offline gyrene81

  • Plutonium Member
  • *******
  • Posts: 11629
Re: Please help! Computer infected! This one's a doozy.
« Reply #14 on: June 18, 2012, 12:44:41 PM »
Wouldn't making a copy of your C: periodically (like once a month) on a separate HDD and then using that to re copy everything once you completely wipe the main? Would obviously disconnect the backup when not in use to keep that from being hit.

Also, thank you for your patience with me, I know a lot about computers compared to the average person (which isn't saying much) but I don't know jack compared to you guys. Always willing to learn though. I wouldn't be as pissed off it was because of that. It would have just meant I had it coming, but I don't use this computer for that seeing as my girlfriend uses it quite often for FB and yahoo and whatnot (all safe sites)

I wish I could swear in just this one thread. Can't accurately convey my feelings without it lol. But I'd rather not get banned.
like fugitive said, no such thing as "safe sites". follow a link and you're taking a huge chance. last 4 infections i've cleaned came from links on facebook, 2 adverts and 2 posts. microsoft security essentials stinks against malware droppers.

if that's one of the <blah blah> 2012 variants it may have installed a rootkit along with everything else, get on another computer and grab either the bitdefender rescue disk iso http://download.bitdefender.com/rescue_cd/ or the kaspersky rescue disc http://support.kaspersky.com/viruses/rescuedisk. once you can get back on the computer, save your stuff and reload that drive completely.
jarhed  
Build a man a fire and he'll be warm for a day...
Set a man on fire and he'll be warm for the rest of his life. - Terry Pratchett