TechSpot

HP laptop infected

By texasrattler
Aug 6, 2008
Topic Status:
Not open for further replies.
  1. I am currectly trying it remove tons of viruses from a friends laptop. This thing had some of the most crap I have ever seen. This laptop was given to him friend a family member.

    I have used Corperate addition of Symantec,Trend Micro's House Call and SDFix.

    Can no longer use Symantec due to system ram. It just takes up to much. Weighs computer down.

    I have tried some other malware programs. Used SpyDoctor and that helped a little bit but later uninstalled it as it was no longer any use. The computer had a program called Anti MalGuard. Not sure what that was as I simply deleted it. It would not work anyways due to that fact the internet was not working but I got that fixed. I found which virus was causing the net problem and got rid of it, though it did take awhile. I also tried to use Malwarebytes but for some reason that program just hangs on dll files. Tried it like 3 or 4 times and it would start than scan for roughly 10 seconds then just hang on a dll file. I did let it sit there on the dll for like 20 minutes but I figured something was wrong and tried to abort but that would not work. I had to use task manager to close the program. Not sure if it's the viruses causing a problem or the low system ram. The computer does hang from time to time but what is exactly causing it is unknown for now. I would assume the viruses.

    All of the above have worked and failed. They worked and got rid of most virus/malware and some they did not get rid of.

    My friends computer only has a 9 gb hard drive and only has 190 mb ram so installing things can be tricky with not alot of space and very low ram.

    3 malware/spyware are still left on the computer according to Trend Micro's House Call that I have tried but failed to get rid of. House Call cannot get rid of them nor has any info on them. All I got was mainly to contact their support.
    These are the 3:
    Malware:
    TROJ_DLOADER.HAB
    TROJ_SCAPUR.C
    Spyware:
    ADW_PURITYSCA.ED

    If anyone knows how to get rid of these 3, I would appreciate it. Been trying for a couple days but so far no luck with these 3.
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    MBAM and SAS both target purity

    please follow these Viruses/Spyware/Malware, preliminary removal instructions and post back in this thread with the requested logs. There should be at least 3.

    1)MBAM log
    2)SAS log
    3)Hijackthis log (last step)


    ****When you run malwarebytes try clicking on the settings tab and put a check mark next to everything
  3. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    MBAM still just hangs after I followed advice. Everything was already checked in the settings except terminate explorer so I checked that then ran the scan. Program still hangs 10 seconds into the scan. It just stops on dll files. It's not a particular dll file either. It just stops on a dll file. Is that normal? am I suppose to wait more than 10 minutes on a single file?

    I will do SAS and Hijack. I actually ran a Hijack scan and didn't really find anything that would make me believe it's a virus but I will post a new log after SAS scans.
  4. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Before posting any logs
    Can you run MSConfig, and put it into Diagnostic Mode
    Then restart
    Then re-run the scan
  5. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    I just tried SAS and ran into yet another problem. It frooze during the setup wizard. I could use my mouse and everything but could not click on next. Had to shut down and reboot. The program said it could not close because of debugging and said to close the debugger. Have no idea what it is talking about.

    The laptop is on Windows 2000, I don't believe it has the ability to use msconfig. I use a special program to access my start ups.
  6. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    You're right

    You can download Windows Xp MSConfig

    Actually I might attach it....
  7. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    Ok, somehow I got SAS to work. After reboot the program began working. Scanning now.

    No go with SAS. It just hangs. It hangs while it was looking searching my mouse pad(touchpad) exe. Have no idea why these programs aren't working.
  8. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Doh, edit doesn't allow attach (never knew that)

    Anyway, here it is:
  9. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    It said the file was corrupted. It won't let me unzip it.
  10. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    Hijackthis is the only program that didn't hang/freeze so here is it's log.
  11. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

     
  12. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    What IE addons? Can you be more specific?
  13. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Yahoo
    Actually open IE properties (in Control Panel if you need to)
    Then just select Programs - Manage Addons, and go through the list to disable stuff you don't want.

    Normally I don't say this mind you
    I usually say:

    How to use Reset Internet Explorer Settings (RIES)

    To use RIES in Internet Explorer 7, follow these steps:

    1. Click the Tools menu, and then click Internet Options.
    2. On the Advanced tab, click Reset.
    3. In the Reset Internet Explorer Settings dialog box, click Reset.
    4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
    5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.

    Note for users who cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.
  14. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    Ok cool, will look into those.

    Great news, did your xp msconfig and ran in dianostic mode and malwarebytes is kicking some serious, well you get the idea. Finding quite a bit of infected objects. Should I post log or just clean/fix or both?
  15. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Clean remove fix

    I don't actually like the logs, except HJT
  16. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    Found 59 infections. Got them all removed. Lot of trojan vundo and adware mywebsearch and outerinfo.

    Will try SAS now.
  17. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    kimslands,

    Thanks for all your help. Never would have got this laptop disinfected if it wasn't for you. I appreciate all your help.

    SAS only found some adware cookies which is nothing in most cases. Malwarebytes is awesome. I have found a new program that actually works like it should. I will diffenately recommended Malwarebytes for any an all virus/malware and spyware/adware.

    Again, thanks for all your help.
  18. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    You don't have an anti-virus or Firewall installed

    Your last hijackthis log showed an infection still present

    You will be back
  19. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    The laptop is not mine. I am merely trying to save it.

    There was aniti virus on there but as I have stated, the system can't handle one because of that fact the there is very little room on the hard drive and very low memory(ram). It just simply makes the computer extremely slow.

    The Hijackthis log was old and was not after Malwarebytes the scan. If my posts we read properly you would have saw that. Both Malwarebytes and SAS report no virus/malware or spyware/adware. I won't be back anytime soon. Especially since it's not my laptop. The laptop is now clean and updated according to all programs that I used.
  20. raybay

    raybay TS Evangelist Posts: 10,716   +6

    Internet Explorer 7.0 does not work well in Windows 2000 Professional, even with Service Pack 4. Stick with Internet Explorer 6.1, and look for what updates are available for the W2K version.

    MBAM MalwareBytes also does not work well with W2KP SP4, nor does HiJack This.

    If you are still using Windows 2000 Professional, stay away from WXP software fixes. You do not need them... and they just gum up the works on that limited memory you have.
  21. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Time for them to bin that one and get a newer computer in my opinion - and I don't say that often
  22. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    I don't use the laptop it's not mine. It has Windows 2000. I know it doesn't have anything on it that's new. It couldn't with all those trojans. The trojans actually disabled Windows Update from updating any new patches. I manually updated the system once all traces of the trojans were gone. The person this belongs to only uses it for surfing the web. Mainly his gf using it for yahoo and looking up receipes. Other than that, it's not used much. His gf's family used it before them but other people could have used it and caused all the trojans. I think too many people had access to the laptop. It's a pretty old laptop but it's good enough for what they are doing.
  23. raybay

    raybay TS Evangelist Posts: 10,716   +6

    Actually, our tests show that very, very few trojans infect Windows 2000.

    How sure are you?
  24. texasrattler

    texasrattler TS Rookie Topic Starter Posts: 37

    Well I would say I am sure based one the fact that 3 different anti-virus/malware programs found trojans and adware on the laptop. So unless your saying the software of all 3 is wrong in dectecting these files then i'm sure the laptop was infected. Most tests are subject at best, as no test is perfect and cannot account for every possible scenerio. The 3 programs that were used were Symantec Corperate Edition,Trend Micro's House Call and Malwarebytes. Even used SAS as a 4th backup.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.