Help idiot fell for scam!

aliEnRIK

aarrgghh wrote: »

Suggest you read my post first before commenting. I do give advice. Perhaps you do not understand the concept of trying less dramatic measures first. Is this beyond your usual "malwarebytes and highjack this" cure?

I can remove most problems. I could probably remove this one too. But my advice is not to risk it.

Im sorry but your advice isnt clear to me. Please elaborate to the OP exactly what your suggesting

Sounds to me like your suggesting throwing a few scanners at it and if the OP believes its still infected (How theyd know for certain im really not sure) then you recommend spending more money on it??

aarrgghh

aliEnRIK wrote: »

I can remove most problems. I could probably remove this one too. But my advice is not to risk it.

Im sorry but your advice isnt clear to me. Please elaborate to the OP exactly what your suggesting

Sounds to me like your suggesting throwing a few scanners at it and if the OP believes its still infected (How theyd know for certain im really not sure) then you recommend spending more money on it??

"Throw a few scanners at it" That's rich from the throw scanners at it king. So you think wipe it all out and start again is the solution. You are not going to bother trying to help the OP then? Not bother trying anything else first. What is the risk of trying other solutions? The worst case scenario is they don't work. With your non-solution the OP can not back up anything for fear of transmitting any virus to the new install.
Do you know how to do anything other than use Malwarebytes and Highjackthis?

aliEnRIK

aarrgghh wrote: »

Do you know how to do anything other than use Malwarebytes and Highjackthis?

Im probably one of the few, if not the only poster on this site that can read combofix logs and write mini notepad files to remove nasty files using it. I would normally do this (Amongst many other things) except neither I nor anyone else could say for absolute certain the the computer would be clean. I could be 99.5% sure, but never would I hold my hand on my heart and state for absolute certain that the machine would be 100% safe to use.
So for the OPs sake, im advising not to risk it.
If the OP says theyve no intentions of wiping the drive (Entirely their call) then ill help where I can. But I really advise against this action

But hey. Youve made it quite clear where you stand to me, so ill leave you to dream your little dream

aarrgghh

But hey. Youve made it quite clear where you stand to me, so ill leave you to dream your little dream[/QUOTE]

You are a most ignorant and obnoxious person. I merely suggested that there would be no loss to trying less drastic measures first. If anyone lives in dream world it is you. In your dream world you are god. In reality you are a pathetic, egomaniac and not worth the effort of further discourse.
The OP has their choices, the matter there is resolved. Any bickering is not to their benefit.

aliEnRIK

aarrgghh wrote: »

In your dream world you are god. In reality you are a pathetic, egomaniac and not worth the effort of further discourse.

I use my OWN time to help people on here with little to no knowledge of computers
If you feel im 'pathetic' for that then thats entirely upto you. But I feel those people I have helped (especially those that would have spent a lot of money to put right) might disagree

Egomaniac? If someone puts bad advice on here then ill respond as such. Following your awesome advice the OP might have run a few scans thinking everythings ok whilst in the background their bank accounts being emptied (Or whatever). If me trying to protect their bank accounts makes me an egomaniac then so be it. Personally I dont think it does.

esuhl

aarrgghh wrote: »

You are a most ignorant and obnoxious person. I merely suggested that there would be no loss to trying less drastic measures first. If anyone lives in dream world it is you. In your dream world you are god. In reality you are a pathetic, egomaniac and not worth the effort of further discourse.
The OP has their choices, the matter there is resolved. Any bickering is not to their benefit.

Oh dear - how vey childish. You accuse aliEnRIK of being ignorant and obnoxious, yet your posts are more-or-less a series of petty insults and sarcastic arrogance. You have failed to suggest an alternative solution, making your advice more-or-less pointless since you clearly don't understand the specific nature of the vulnerability in question.

Look again at what you wrote:

• Suggest you read my post first before commenting.
• Perhaps you do not understand the concept of trying less dramatic measures first.
• Is this beyond your usual "malwarebytes and highjack this" cure?
• "Throw a few scanners at it" That's rich from the throw scanners at it king.
• So you think wipe it all out and start again is the solution.
• You are not going to bother trying to help the OP then? Not bother trying anything else first.
• With your non-solution the OP can not back up anything for fear of transmitting any virus to the new install.
• Do you know how to do anything other than use Malwarebytes and Highjackthis?
• You are a most ignorant and obnoxious person.
• If anyone lives in dream world it is you.
• In your dream world you are god.
• In reality you are a pathetic, egomaniac and not worth the effort of further discourse.

Maybe your entire post was a joke so you could finish with the punchline:

aarrgghh wrote: »

Any bickering is not to {the OP's} benefit.

It's completely uncalled for and makes you look foolish. There is no need to be so confrontational if you disagree with someone's helpful suggestions. Simply state your opinion and reasons and leave it to the OP to make their own mind up. In my opinion, reinstalling the OS would be the fastest, easiest and surest way to resolve the issue. Feel free to offer a different opinion, but don't be a !!!!!! about it.

phillipsdj

I agree with esuhl.

I think it's true that aliEnRIK can sometimes have a 'short' way with words that could possibly provoke some people but I don't think he deliberately tries to wind people up.

The help he provides on this forum is invaluable and, although I don't post often, I read this board several times each day and I would love to know the stats for number of people he has helped free of charge - I would hate to know how much these people would have paid accumulatively if they'd paid to get their computers fixed!

Let's stop the bickering and get back to the geeky, techie stuff - that's why people like me come here!!

jbreckmckye

aliEnRIK wrote: »

I agree. Its not worth risking everything for the sake of a format

Honestly, formatting isn't the holy grail of malware protection. Firstly, formatting only clears a filetable, and does nothing to either the mainstay of the disk or MBR. That latter one's important. Worms typically take residence of the MBR for stealthing purpoes. I'd explain why this is, but I'd have to give an account of interrupt vectors and stacks, and most people wouldn't find it that interesting.

Anyhoo, MBR-resident worms become active on boot, even after OS reinstallation, or even partitioning.

Not that it matters. It really should be enough to run msconfig from the Run Prompt and disable the necessary remote assistance services, before ensuring that the firewall works on a 'whitelist' basis for all outgoing connections.

Use the AV scan, too, if it makes you feel happier.

drsquarah

Wow I didn't know this would cause such a hot debate! Thank you all so much for your careful thoughts, expertise and consideration. I'm truly grateful. I'm also massively confused and even some of the really basic advice seems in another language to me. I was hoping there was something straightforward I could do. I haven't used the laptop since not has my external hard drive been connected since. I've decided to wait for the expert to come round on Monday.

Thank you again.

sharkie

jbreckmckye wrote: »

Honestly, formatting isn't the holy grail of malware protection. Firstly, formatting only clears a filetable, and does nothing to either the mainstay of the disk or MBR. That latter one's important. Worms typically take residence of the MBR for stealthing purpoes. I'd explain why this is, but I'd have to give an account of interrupt vectors and stacks, and you probably wouldn't be interested.

Anyhoo, MBR-resident worms become active on boot, even after OS reinstallation, or even partitioning.

jbreckmckye, you are right. Dban the disk first, then follow aliEnRIK's methods which probably by itself will remove 99.9% of all viruses:)

Not that it matters. It really should be enough to run msconfig from the Run Prompt and disable the necessary remote assistance services, before ensuring that the firewall works on a 'whitelist' basis for all outgoing connections.

jbreckmckye, you are again right, there at least 5 remote 'assistance' products - or things that can be configured as such. I can name 5, others may be able to name more. Also there are the doctored and misconfigured settings files that may let people in. MSconfig probably will not disable or enable the some of them and you also have to know how things can be abused or configured to allow access, and only then are you able to stop them.