Sister's friend needs help with weird virus.


Jim_and_Evil

Estimable
Nov 10, 2014
24
0
4,560
My sister and her friend were at our house with their laptops studying articles for a research paper they needed to do. Her friend went to a site that had an article on childhood cognitive development and her IE page and laptop froze up and required a reboot. Her unit is a Dell Inspiron 15.6 with Intel Pentium 3558U 1.9 GHz, 4GB DDR3, 500 GB Hard Drive, Windows 7 Home Premium 64-bit.

She has Kaspersky Internet Security 2014 and Spybot, and when she tried to do a scan with the former, it froze up when the menu loaded and again required a restart. Then when she logged back in, the AV icons were gone and a whole ton of porn icons were taking up the wallpaper, and IE kept opening up with sexdex.com as the homepage.

After yet another restart, the boot screen keeps going until it shuts off and repeats the same thing again. Tried running in safe mode, BSOD. Tried system recovery, BSOD. Tried getting into BIOS, setting main boot drive to DVD drive to load Kaspersky Rescue CD, disc does not load up and keeps going onto Windows boot repeat cycle.

She is under major panic and my sister is hounding me to figure out a solution as both are not very tech savvy. My parents don't know WTF to do or have any clue on what happened, and I don't have all night to deal with a pressured older sibling and her friend. What should I do?
 
Solution

Based on the original post, I would say that isn't an option. Not even booting into safe mode means there's no chance of doing a proper restore.

OP- have you tried booting a live USB, instead of the live CD? You can use WinISO, if you need a program to make a bootable USB from an ISO.

If that doesn't work so well, then you can try a different AV program's bootable ISO. If that fails, then I have a hunch that the only real way to fix this would be through a live OS, like a live Linux distro, and see what is potentially causing problems that way. Under the worst case scenario, you can use a live Linux distro for backing up files, and then just reinstall Windows. It's...
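The worst-case route suggested above (back up files from a live Linux session, then reinstall Windows) is easier to trust if the copy is verified before the disk is wiped. The script below is an added example, not part of the original thread; the device name `/dev/sda2`, the mount point `/mnt/win`, and the function names are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): copy user data off a Windows volume
# from a live Linux session and prove the copy is intact before wiping.
# Assumed names: the Windows partition is /dev/sda2, mounted read-only so
# nothing on the suspect disk is modified:
#   sudo mount -o ro /dev/sda2 /mnt/win

# verify_backup DST
# Re-checks every file under DST/data against DST/SHA256SUMS.
# Returns non-zero if any file is missing or its hash differs.
verify_backup() {
    local dst=$1
    [ -f "$dst/SHA256SUMS" ] || return 2
    ( cd "$dst/data" && sha256sum -c ../SHA256SUMS >/dev/null )
}

# backup_verified SRC DST
# Hashes the source files, copies SRC into DST/data, then verifies the copy.
backup_verified() {
    local src=$1 dst=$2
    [ -d "$src" ] || { echo "source not found: $src" >&2; return 2; }
    mkdir -p "$dst/data" || return 2
    # Hash the originals first so the manifest describes the source,
    # not whatever ended up in the copy.
    ( cd "$src" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum ) \
        > "$dst/SHA256SUMS" || return 1
    cp -a "$src/." "$dst/data/" || return 1
    verify_backup "$dst"
}

# Usage: ./backup.sh /mnt/win/Users/<name> /media/external/backup
if [ "$#" -eq 2 ]; then
    backup_verified "$1" "$2" && echo "backup verified"
fi
```

Keep `SHA256SUMS` with the backup so `verify_backup` can be run again after the files are restored to the reinstalled system.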

Jim_and_Evil



LOL! Yeah, she paid about $390 for the Dell and was not willing to spend another $400 on a hard drive. Sounds to me like they sucker in those who aren't very PC literate that will pay anything to get it fixed so they (the customers) can torrent Captain America: The Winter Soldier and have the same shit happen.
 

Jim_and_Evil



The images were burnt correctly as they read on the Pavilion and my laptop. The CD drive was OK because after the HD swap, the Win 7 HP installation and screens were loading as should from the disc; and after setting up Windows and getting the drivers, I tested my old scratched up MGM DVD of 2001 and it read it like a boss (so it was not the CD drive).

Part of the problem could have been the ransomware that attempted to lock out the recovery options, which was conflicting with whatever else that was on there.

 

Jim_and_Evil

Tell me about it!

Oh and BTW, McAfee is total crap with a capital C! In the process of fixing a cousin's laptop with crapafee that got hit with an FBI virus. It appears to be the latest one that corrupts everything, prevents any system recovery and even Hitman Pro can not boot, so a disk wipe and reinstallation is necessary. Only thing, is that his seems MUCH easier fixing than the Dell... because here it still reads CDs (meaning the BIOS or MBR isn't totally fcked!), so I can do a full HD wipe with Darik's and get a Windows 7 installation with all his data intact (since he made a backup on his 320GB external drive BEFORE this sucka hit).

(And I'll tell him to dump McAfee and get Norton (which many say is way above mc) and/or Spybot or Malwarebytes (he would need at least three since they seem to catch different things).)
 

Skylyne

Estimable
Sep 7, 2014
405
0
5,010
Well, the MBR is on your HDD... So, a new HDD would easily clear things up. The downside to having the MBR fubar'd is that it appears to affect more than just the OS (and I have no idea why). Maybe it's a correlation that I've seen, but yeah.

I would advise against Norton, personally. Symantec software has a history for security problems, and the only reason I have seen it recommended is due to performance and ease of use; I've not seen anyone really recommend it based purely on security. I've always found Norton to be a joke. Lately, they've cleaned up their act; but, at the same time, I'm highly sceptical of their ability to maintain keeping their noses clean. One major problem I have with them is that they've left vulnerabilities open for intelligence agencies. The problem with that is it ultimately leaves vulnerabilities for hackers, virus writers, and any other malicious people, to take advantage of. I would never advise using a software that is owned by a company with such a history.
 

Jim_and_Evil



Yeah, I know all about their buggy history too. It was my parents' choice since it's more affordable to them (via Staples rewards and discounts), and after my dad dealing with a free AV on his XP laptop many years ago that "supposedly" kept billing him each month, they feel it's better to go for a paid national brand than a shoddy freeware one loaded with junkware. If it were up to me, I'd look for the best ones even if they are freeware (they don't know I have SB and MB heh heh), but that's what you have to put up with while living with your (one-minded) parents.

Before the past year or so, the last N360 premium we had was very problematic (read, software bugs and "Norton 360 has encountered a serious error" icons all over the place) and tended to crash when doing live updates, but did its job for the most part. While it has gotten much better with the 2014 edition (imo), I cannot rely on just N360 because like on any other AV for that matter, some things it cannot detect and intrusions can slip through. That's why I also use Spybot AND Malwarebytes for extra security coverage since each one picks up different things. Even with these three on my laptop, I never had any out of control malware that N360 (or the former two) could not remove, unlike say the "problem child" Dell I had to work with. Though I had some things like a weird coupon bar hijacker (my sis got when she used to use it) that MB quarantined, and a Trojan that Norton easily cleaned (which thankfully never came back and left nasty ill effects).
 

Skylyne


Reminds me of the people who buy those WiFi security cameras, spend hundreds on their rig, and don't even realise that the software it's programmed with has atrocious security flaws that allow a hacker to spoof the video stream, or completely hijack the entire system. Seriously, there was a guy who was able to hack into a WiFi security camera network, located in a secured fab, without even going there, and could have compromised the entire security feed... IF he was a malicious guy.

Try to bash some security education into them even harder than when you were bashing your junk during the first stages of puberty... Hopefully something good will come out of it, unlike puberty. Seriously though, I can't emphasise how important it is that we try to educate people on this stuff; it's so sad to see people being happily ripped off, and asking for a bigger rip off every day. It's actually causing a bigger security problem for those of us who know what's going on, albeit indirectly, so you're saving your own ass too if you can get them to learn a few things.


"For the most part..." those famous last words... I laugh every time I see that written, or hear those words spoken in computer context. Just saying lol.

Glad to hear the lappy is fixed, though. Just be sure to watch what porn sites that girl is going to ;)
 

Jim_and_Evil



Yeah, I hope something good comes out of it while they don't think I've been brainwashed by the "dark side" of the internet.

I told my sister about the Linux trick when we were panicking about her friend's lappy. She demanded me not to do it because she heard that Linux was "created by a 4chan dweller that put tracking software and malware in the OS"... yet she goes onto various coupon sites with low reputation scores. And when she used my lappy because the monitor with the Pavilion "hurt her eyes for college work", she would periodically get coupon apps for coupons she needed, while they were either malware installers or hijacked my IE homepage with Sweet IM crap!

And it's also like this with my parents... Only they tend to reprimand me if what I suggest "sounds bad" and/or "doesn't seem trustworthy". You don't know how deep of a hole I'm in showing things to my parents and eldest sibling that are paranoid and only listen to things that seem "right" to them.
 

Skylyne


Did you tell her that Linus Torvalds's dad is in Parliament, and that he put pressure on a Microsoft rep about known security flaws in Windows? He also mentioned, during the same Parliament Inquiry, that Linus was approached by the NSA, and was asked to install backdoors into Linux. Obviously, since it is open source, he didn't oblige; then again, why would he? Regardless, that alone is proof enough that it isn't some rogue 4chan retard. Doesn't mean you can make her believe it... but worth showing it to her.


Same story with my folks, mate. The real issue with mine is that my father is an engineer, and whenever he does his own research on a topic, he always thinks it's better than what anyone else tells him. He reads a news article and believes it without investigation. He "researches" antivirus software, and somehow never even hears about Bitdefender or Webroot. It's one thing to not know much about something, but another to not know about big names involved in the industry. Not to mention, he always thinks being "too involved" isn't worth the effort... and of course that is nonsense, especially with computers.

But... rambling now ;)
 

jjj551280

Estimable
Apr 17, 2015
1
0
4,510
I've got a new one for ya, the new Acer computers are susceptible to a new form of UEFI BIOS overwrite virus that causes the MBR to be unrepairable as it reinserts at boot
 

Jim_and_Evil

"I've got a new one for ya, the new Acer computers are susceptible to a new form of UEFI BIOS overwrite virus that causes the MBR to be unrepairable as it reinserts at boot"


Well, that's interesting!

Good thing I don't dwindle on dodgy torrent sites for movies and shit on my Acer (since these are where all the latest viruses are coming from) ... when I can get the official releases from the local libraries in my area I frequently visit, for free!
 

Skylyne



Doesn't sound like a virus problem, to me, but that's a decent possibility. Dell computers do have weak BIOS security, so that is possible.

Also, torrents are rarely the leak method used. Usually it will be on some sort of BBS styled website/forum, shady advertisement companies, or just by placing it on a major webpage (usually one with poor designers, like Yahoo). People seriously have no idea what torrents are, and how they're actually a decent security tool for file sharing. If you get a virus using torrents, you were asking for problems lol.

Not to mention, the majority of exploits are pretty harmless for the vast majority. It's mostly intelligence and information collecting agencies that are utilising these vulnerabilities, and most malicious attackers use ways that are easier/messier.