Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Strange Update Behavior [Solved]


  • This topic is locked This topic is locked

#16
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello,

I then went to the my computer menu on my start menu, right clicked on the e drive and selected format. I unchecked the quick format box and hit start. It took a couple of hours to format.

That should work. Given the time it took it sounds like it did. Is that what you did the first time?

Then I opened up the vaccine program and vaccinated the e drive.

OK. When you open up the E:\ drive now do you see any files or folders on it?

This second time around when I scanned it with my anti virus, I noticed it said it was scanning almost entirely files in the c drive.

Yep, unless you tell it to only scan the removable drive, it will scan everything.

Both the anti virus and malware bytes detected the same infected files.

Were the files found on the internal hard drive or the external hard drive?
  • 0

Advertisements


#17
Meathook

Meathook

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Oh, and I forgot to mention this in my last response, but after all of the steps above I did not see any files in the HDD. I also went to the view menu to reveal hidden files. Still nothing.
  • 0

#18
Meathook

Meathook

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Okay, so I'm about to make things confusing by accident here. Bear with me. My last response, where I indicated that I saw no files on the HDD, was posted before I saw your last response, where you were asking about my second attempt to format the HDD. Hopefully, that helps my posts make sense.

Now, to respond to your last message.

I then went to the my computer menu on my start menu, right clicked on the e drive and selected format. I unchecked the quick format box and hit start. It took a couple of hours to format.

That should work. Given the time it took it sounds like it did. Is that what you did the first time?


Yes, I did the same thing, with one difference. The format was exFAT initially and I used this same format when I reformatted the first time. After formating I tried to use the USB vaccine on the hdd, and the program said it was not compatible with exFAT. So on the second time formatting I used NTSF. Otherwise all the settings were the same.


Then I opened up the vaccine program and vaccinated the e drive.


OK. When you open up the E:\ drive now do you see any files or folders on it?


I did not open up the E drive and look for files until after I ran the AV and Malwarebytes programs. Seems like a bonehead move now. Maybe I should go for a third formatting and take a look before I scan?



This second time around when I scanned it with my anti virus, I noticed it said it was scanning almost entirely files in the c drive.

Yep, unless you tell it to only scan the removable drive, it will scan everything.


I set both programs to scan only the E drive. MB looked like it looked at the E drive only, but the AV looked at some of the C drive also. It did not scan the whole thing though. The whole scan took maybe a minute or 2, tops.

Both the anti virus and malware bytes detected the same infected files.

Were the files found on the internal hard drive or the external hard drive?


I looked for that too, but I couldn't find the location anywhere in the report. I also could not find an option to save any kind of a log, similar to the other programs we've been using so far. I'm using Symantec Endpoint Protection. Maybe you know where I can find that info with this program.

Okay! Thanks, again.
  • 0

#19
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi, :)

I did not open up the E drive and look for files until after I ran the AV and Malwarebytes programs. Seems like a bonehead move now. Maybe I should go for a third formatting and take a look before I scan?

I don't see a need to format again....just plug the external hard drive into the computer, click the Start Orb and click on Computer. On the page that opens up, double click on the external drive to open it. Once it's open, do you see any files or folders on the drive?

I looked for that too, but I couldn't find the location anywhere in the report. I also could not find an option to save any kind of a log, similar to the other programs we've been using so far. I'm using Symantec Endpoint Protection. Maybe you know where I can find that info with this program.

The log file for MalwareBytes can be found by opening the program and clicking the Logs tab. It should be the last, or next to last .txt file in the list. Click it to highlight it and click the Open button. You should be able to see what file it found.
As for Symantic Endpoint Protection, I've never used a Symantic or Norton product so I don't know where the logs are kept. Most antivirus programs have a Settings menu item or tab, or a logs item or tab. The documentation that came with the program should tell you.

Have you made the MyBackups folder on the computer and copied all files you want to keep into it yet?
Once you do that, don't forget to right click on the MyBackups folder and click Scan with Symantic Endpoint Protection to make sure nothing is found in it.
Then right click on the folder again and click Scan with MalwareBytes to scan the folder with MalwareBytes.
After that you can copy the folder to the external hard drive...then you should be ready to reformat and reinstall Windows using the method you decided on.
  • 0

#20
Meathook

Meathook

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello,


I don't see a need to format again....just plug the external hard drive into the computer, click the Start Orb and click on Computer. On the page that opens up, double click on the external drive to open it. Once it's open, do you see any files or folders on the drive?


So I did reformat, and saw no files in the E drive immediately afterwards. After looking, I scanned with AV and MB, with the same result as before.


Have you made the MyBackups folder on the computer and copied all files you want to keep into it yet?
Once you do that, don't forget to right click on the MyBackups folder and click Scan with Symantic Endpoint Protection to make sure nothing is found in it.
Then right click on the folder again and click Scan with MalwareBytes to scan the folder with MalwareBytes.
After that you can copy the folder to the external hard drive...then you should be ready to reformat and reinstall Windows using the method you decided on.


After the reformat, I scanned the mybackups folder with AV and MB, and it was clean. Then I moved it onto the hdd and scanned the e drive again. The AV was not a problem, but MB keeps becoming stuck and then becomes unresponsive. I restarted my computer and tried again, but the scan will not complete.

Think this is just a glitch?
  • 0

#21
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Think this is just a glitch?

I don't know. I don't know where MalwareBytes got stuck. However, if you used Panda vaccine to vaccinate both the computer and the external HDD and then scanned both the HDD and the mybackups folder and they were clean, I don't see any way that simply copying the mybackups folder to the external HDD would transfer an infection.
Have you checked the external HDD to verify that the mybackups folder is there and the files you backed up are in it? If it is and they are you can simply right click on the mybackups folder on the external drive and click Scan with MalwareBytes to check it again if you think you need to.
Remember to disconnect your external drive form the computer before you do the factory restore or fresh reinstall of windows.
Once Windows has been restored/reinstalled you will need to start installing updates and any 3rd party software. This will give you an opportunity to check how the system is running before you restore the backups from the external drive.
  • 0

#22
Meathook

Meathook

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello,

So I restored my computer with the internal image. In the process I have lost my antivirus software. Can you recommend a free program?
  • 0

#23
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi Meathook,

So I restored my computer with the internal image.

Good job. :thumbsup: Was it relatively painless? Most folks are a little apprehensive, especially if it's their first time.

In the process I have lost my antivirus software. Can you recommend a free program?

Sure I can ! :) And I will also give you some recommendations for safer computing.


Go to our Free Antivirus and Antispyware Software page here

Scroll down to the Free Antivirus Software heading. any of the first three are excellent choices. I personally use Microsoft Security Essentials. It integrates into the Windows operating system with less problems than some of the others have had, mainly because it seems to play better with the OS and other installed programs.
MSSE doesn't include a firewall, so either turn the Windows firewall on or download a free firewall from the Free Firewalls section.



Preventing Re-Infection


Below, I have included a number of recommendations for how to protect your computer against future malware infections.

:Keep Windows Updated:-Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically.

Vista and Windows 7 Users:
1. Click Start> All Programs, from the list find Windows Update and click it.

:Turn On Automatic Updates:

Vista and Windows 7
1. Click Start> Control Panel. Click Security. Under Windows Update, Click Turn automatic on or off.
2. On the next page, under Important Updates, Click the Drop down arrow on the right side of the box and Click Install Updates Automatically(recommended).
If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your task bar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

: Keep Java Updated :
  • Click the Start button
  • Click Control Panel
  • Double Click Java - Looks like a coffee cup. You may have to switch to Classical View on the upper left of the Control Panel to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
: Keep Adobe Reader Updated :
  • Open Adobe Reader
  • Click Help on the menu at the top
  • Click Check for Updates
  • Allow any updates to be downloaded and installed
NOTE: Whether you use Adobe Reader, Acrobat or Foxit Reader to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Click Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. Click OK Close program. It's the same for Foxit Reader except Preferences is under the Tools menu, and you uncheck Enable Javascript Actions.

:Web Browsers:

:Make your Internet Explorer more secure:
1. From within Internet Explorer click on the Tools menu and then click on Options.
2. Click once on the Security tab
3. Click once on the Internet icon so it becomes highlighted.
4. Click once on the Custom Level button.
5. Change the Download signed ActiveX controls to "Prompt"
6. Change the Download unsigned ActiveX controls to "Disable"
7. Change the Initialize and script ActiveX controls not marked as safe to "Disable"
8. Change the Installation of desktop items to "Prompt"
9. Change the Launching programs and files in an IFRAME to "Prompt"
10. When all these settings have been made, click on the OK button.
11. If it prompts you as to whether or not you want to save the settings, click the Yes button.
12. Next press the Apply button and then the OK to exit the Internet Properties page.

:Alternate Browsers:

Using an alternative web browser can help protect your PC from infections which exploit security holes within Internet Explorer. They can also be quicker to load pages and offer more tools and features such as Firefox's huge addon list.
Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has a great built-in pop up blocker. If you are interested, Click Here To Download Firefox

If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
  • NoScript - for blocking ads and other potential website attacks
  • WebOfTrust - a safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
:Install the MVPs Hosts File:
  • MVPS Hosts file-replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
  • You only need this if you use Firefox.

Preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running a full scan at least once a month. Run Quick Scans at least once a week. Download the Free versions. And update the definitions before running scans.

========Anti Spyware========
  • Malwarebytes-Free Version- a powerful tool to search for and eliminate malware found on your computer.Recommended
  • SUPERAntiSpyware Free Edition-another scanning tool to find and eliminate malware.
  • SpywareBlaster-to help prevent spyware from installing in the first place. A tutorial can be found here.
  • SpywareGuard-to catch and block spyware before it can execute. A tutorial can be found here.
  • WinPatrol - will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found here.
Firewalls help prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Read the tutorial Here for more information on Firewalls. Below are two free firewalls to choose from, if you do not already have one. Note: You only need one firewall one your system.
NOTE: If the Windows Firewall is turned on you must turn it off before installing a third party firewall.

========Free Personal Firewalls========

See the Free Firewalls section on our Free Antivirus and Antispyware Software page here

It's a good idea to clear out all your temp files every now and again. This will help your computer from bogging down and slowing. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

========TEMP File Cleaners========
  • TFC by OldTimer-A very powerful cleaning program for 32 and 64 bit OS. Note: You may have this already as part of the fixes you have run.
  • CleanUP-Click the Download CleanUP! link. There is also a Learn how to use CleanUP! link on this page.
:BACKUPS:
  • Keep a backup of your important files.-Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • ERUNT-(Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

:Keep Installed Programs Up to Date:

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
A couple of programs that will do this are listed below. Only download and install one of the programs and run it monthly:
Secunia Software Inspector
Filehippo Update Checker

Finally, please read How did I Get Infected in the First Place(by Mr. Tony Klein and dvk01)


I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For A Day or so. If Anything Comes Up - Just Come Back And Let Me Know


godawgs
  • 0

#24
Meathook

Meathook

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hi!

I think it's all over, finally. ha ha. The system restore went very smooth and I've got all my stuff reinstalled. The AV and malwarebytes aren't detecting anything. So I think that does it.

Thank you so much. I know that got a little tedious. Thanks for hanging in.
  • 0

#25
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Thank you so much. I know that got a little tedious. Thanks for hanging in.

You are welcome, but you did all the work. :lol:

If you ever need us again just give us a shout. Stay safe.
  • 0

Advertisements


#26
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP