Help Diagnose PC Virus Problem

[Phog Allen]

Evening gents. Our HP netbook has evidently been infected with a VERY troublesome virus or malware. From what Googling I have done(and that is the subject as you will see), this thing is possibly the "Google redirect virus".

Here is how this started. A few days ago a pop up screen appeared on the netbook's display called Thinkpoint. It alleged to be anti virus software and of course it told me the pc had a tonne of infected files and needed to be scanned immediately if not sooner. Uh huh. Ok, I have been down this road before. There was no way I was clicking on that thing. Yet I also knew that sometimes hitting the "X" button at top right of screen actually starts the install with these malware apps instead of closing it. So I tried to control+alt+delete to bring up task manager and stop the process. No dice. So I just shut the pc down. Big mistake. It just installed the ruddy thing when I restarted it. I don't think there was any hope once that screen showed up.

So after the install of course you cannot find Thinkpoint anywhere in add/remove programs. I looked around the net and found instructions on how to remove Thinkpoint with Malwarebytes and it seemed to do the trick. The biggest problem with Thinkpoint is that it stopped the pc cold from going to any site at all. The only remnant I found of it after the malware disinfection was indeed an entry in the programmes menu that I deleted. Then the troubles started for real.

I can Google a search topic and it shows legit results. Yet if you click on them it takes you to crazy shopping sites and links to obvious spam. It is just infuriating. I have used Malwarebytes in safe mode to try to kill off whatever it is. It finds stuff like Rootkits and what not and deletes them. The reboot brings the pc to normal...for awhile. After about two to three searches it starts all over again. Maddening. I don't think this infection "hurts" your pc as such but going to those spam sites is sure to cause major trouble. This is crapola. A pox on all spammers/virus punks and any other who thinks this is funny. Searches suggest this the Google redirect virus and it is supposedly very hard to get sorted. Someone please help me out here. I am not even sure what I have. I just know it is wreaking havoc with the pc. I will reformat and reinstall if it comes to it. I am tired of this.

Regards, Todd

 

[Commander Quan]

http://www.myantispyware.com/2010/10/18/how-to-remove-thinkpoint-uninstall-instructions/

This site tells you how to use Malware bytes to remove it completely.

 

[Go West Young Man]

The easiest thing to do it back up your files and then re-install Windows from scratch.

 

[ImaWestie]

Best thing I ever did to my netbook:
http://www.ubuntu.com/desktop

NOT the netbook edition.

Download it, run it from USB, if you like it - install it.
Flash, office equivalent, web browsing, wifi, webcam support straight from the first reboot.

 

[Phog Allen]

Hi guys. Thanks for the feedback. I think I have gotten this pox cured now. I used Kaspersky TDSSKiller to finally get the rootkit problem solved.

Commander Quan, that tutorial is precisely what I used to get rid of Thinkpoint. What I believe happened is that Thinkpoint took me to those bollocksed up "shopping" sites and that is where the Google redirect virus came from. It was maddening because repeated scans with Malwarebytes would not turn up anything of note. Well, at least not anything I could decipher. It returned a few things in temporary files and I would have it delete them. Yet even after reboot, within two to three web searches the redirects would start again. I knew that had to be a Trojan or something similar so the Googling began. And since the redirect issue would come up so fast, I would reboot every two or three hits! Ugh. Anyway, I kept finding repeated reference to TDSSKiller on sites like Bleeping Computer(I think that is right). So against my nervous judgement about running unknown apps for this stuff since most of them are fake too, I went ahead and tried it. Bingo. It found the rootkit in moments. I clicked the "cure" option and rebooted. Scanned again. Gone. Yippee. So we shall see how this goes. I reran Malwarebytes as suggested by the tutorial and no results were found. So for now it seems to be solved.

And as for Ubuntu, if I keep having issues with XP on this netbook it could happen sooner rather than later. I like XP. My old desktop is stable as bedrock with it but this netbook has been wiggy since day one. I suspect some of it is HP's use of Roxio Back Ontrack rather than system restore in Windows. This thing has only a 16gb hard drive(ssd) and I have always been afraid of adding too much to it. This is why I was surprised at the horrid infection. I rarely if ever download anything to this pc. Somehow you can get that redirect virus just by surfing I guess. Linux does not suffer this malady.

Beware this damnable Thinkpoint deal. Get rid of it fast guys. It leads to bigger troubles pronto.

Regards, Todd

 

[Phog Allen]

Best thing I ever did to my netbook:
http://www.ubuntu.com/desktop

NOT the netbook edition.

Download it, run it from USB, if you like it - install it.
Flash, office equivalent, web browsing, wifi, webcam support straight from the first reboot.

Say, just for information's sake, why the full version for the netbook and what are the differences? I am not questioning your advice, I simply do not know the differences. I can tell you this, other than some A/V editing and Netflix streaming there is less and less reason for me to use Windows anymore.

Regards, Todd

 

[DougK]

Say, just for information's sake, why the full version for the netbook and what are the differences? I am not questioning your advice, I simply do not know the differences. I can tell you this, other than some A/V editing and Netflix streaming there is less and less reason for me to use Windows anymore.

Regards, Todd

The main difference is the Unity user interface. Ubuntu's netbook page is at http://www.ubuntu.com/netbook. It works really well when you have a lower-resolution screen like you find on most netbooks. However, you can always install the regular edition and then add Unity later if you want to.

 

[Phog Allen]

The very fact this netbook does not have an optical drive or a reinstall cd/dvd is the ONLY thing that kept me from going the wipe it clean route a day or two ago. I have had an ongoing power management issue with this thing for months now. Many times you cannot shut it down or do a restart without out pulling the power supply and battery. That is not a "solution" in anyone's book. Questions about it have led to suggestions of virus attack. I am going to be doing some shut downs and reboots the next few days to see what is up. I was also having(still have?)an issue with the usb ports becoming unresponsive. I am going to contact HP and see if they can supply me with a reinstall cd that I can copy to usb stick and just reformat and install anyway. I know I can buy the back up cd, I just don't know if I can copy it for installation.

Regards, Todd

 

[raisindot]

Question about TDSSKiller:

I've just spent a good chunk of change to get the Kaspersky Internet Security 2011program. Is TDSSKiller incorporated into this? I'd like to think that Kaspersky can protect against these sort of thing by itself, without having to download a totally different app.

In any case, I've downloaded TDSSKiller anyway, just in case I need it sometime.

Jeff in Boston

 

[Phog Allen]

You know Jeff, that is a good question. I really don't know much about Kaspersky. When I found the errant behaviour occurring on the pc I started searching based on what it was doing. The redirect virus came up in TONNES of search queries and almost all of them that included some sort of tutorial on how to rid yourself of it included a link or reference to TDSSKiller. That led me to Kasperksy's site. After awhile I finally said enough is enough and downloaded the scanner and went to town. I am certainly glad it worked. As I said, I know nothing about their products but it seems to be all they do and that is likely a good sign. If you do not mind to do so, can you post up your impressions of the software suite they sell? I have always had very mixed results when buying a security suite. It always seemed as if they were trying to be all things to all people. And in the process none of the applications seemed to be as good as they would have if the publishers would have just stuck with one or two things and perfected it.

Regards, Todd

 

[Troggie]

Say, just for information's sake, why the full version for the netbook and what are the differences? I am not questioning your advice, I simply do not know the differences. I can tell you this, other than some A/V editing and Netflix streaming there is less and less reason for me to use Windows anymore.

Regards, Todd

The main reason to use the full version over the netbook version is that the netbook version has its own UI and can be a bit of a pain to install applications on compared to the full version of ubuntu. I like to use Blender under ubuntu but I had the hardest time trying to get it to run under the netbook version.

 

[LinuxMintyFresh]

The main reason to use the full version over the netbook version is that the netbook version has its own UI and can be a bit of a pain to install applications on compared to the full version of ubuntu. I like to use Blender under ubuntu but I had the hardest time trying to get it to run under the netbook version.

OR... you could go with Linux Mint LXDE made specifically for low power machines

Seriously though, I did enjoy the Netbook Remix that (9.x) Ubuntu offered, and the newest edition is looking even better. I liked the layout and the icon size. Since I used the netbook for mainly word processing and internet access, I never had problems with implementing any software.

 

[Go West Young Man]

I tried Linux for about 3 minutes on my netbook - then realized I needed to learn a whole new programming language to get anything beyond the simplest tasks done. Pass.

 

[LinuxMintyFresh]

I tried Linux for about 3 minutes on my netbook - then realized I needed to learn a whole new programming language to get anything beyond the simplest tasks done. Pass.

I don't know what you were trying to do, but any user should be able to get along in Mint or Ubuntu with simple GUI interface. It isn't any more difficult than Windows or OSX for the vast majority of functions. I know almost no coding, but have been able to use Linux for a few years now. You either set it up like Windows with a start button and applications listing, or like OSX and use the launchpad. It's super simple.

I think the problem was that you only gave it 3 minutes.

 

[Go West Young Man]

I don't know what you were trying to do, but any user should be able to get along in Mint or Ubuntu with simple GUI interface. It isn't any more difficult than Windows or OSX for the vast majority of functions. I know almost no coding, but have been able to use Linux for a few years now. You either set it up like Windows with a start button and applications listing, or like OSX and use the launchpad. It's super simple.

I think the problem was that you only gave it 3 minutes.

Agreed - for internet surfing and word processing, it was easy enough. The problem was more that any software packages I wanted to install didn't existk in Linux, and the workarounds/equivalents involved page after page of hand coding.

I have a GPS running watch with a windows based software interface that had a 2-step installation process : 1) click here 2) select "yes" (ok, I exaggerate a bit ) The equivalent linux program doesn't exist and the only solution I could find involved 8 pages of incomprehensible tech speak (https://forums.garmin.com/showthread.php?t=1281)

I have my music organized in mediamonkey, and you can't just 'turn it on' in Linux, you need to fidget and fuss with the system, get WINE running, etc.etc. Even then you're not guaranteed it'll work.

I'm a tech savvy guy, but I want my programs to turn on and work. Some people enjoy messing around with the undercarriage, and Linux seems to work well for that, but I'm looking for a simpler interface.

 

[ImaWestie]

My own netbook is 8GB SSD + 8 GB SD-card Acer Aspire One.
My problem with the netbook linux was the "unity" interface, I prefer "vanilla" kde.

From what I can work out, if it is a Windows XP program, getting it to work with Wine is no harder than adding the right service pack before you install a program that needs the next service pack up from what you already have.

 

[Phog Allen]

You know chaps, it is amazing how much better a pc runs once you get rid of the bloody malware. This little netbook was running slower than January's molasses and now that Google Redirect has been exorcised, it functions much faster. I suspect the power and possibly the usb functions are working closer to normal as well. I am still going to contact HP about an OS image of some sort. I am too dubious of these viruses being completely vanquished. I strongly suspect the registry never will never be truly "fixed". The clean up tools had to modify and edit the registry.

Eventually I would like to reinstall the OS to make sure things are fresh and new. And even more, a netbook edition of Linux interests me greatly. This netbook is only really used to access the web and occasionally link up with my wife via webcam when she is away on business. Though limited in power they are beyond handy for this purpose.

Regards, Todd

 

[raisindot]

If you do not mind to do so, can you post up your impressions of the software suite [Kaspersy sells]? I have always had very mixed results when buying a security suite. It always seemed as if they were trying to be all things to all people. And in the process none of the applications seemed to be as good as they would have if the publishers would have just stuck with one or two things and perfected it.

I've used all sorts of things, from Norton Security to System Mechanic Professional to the freeware stuff to Microsoft Security Essentials.

I must say that Norton is the absolute worst in terms of slowing down everything and being nearly impossible to totally eradicate from your PC.

Microsoft Security Essentials is free, and that's about the best thing about it. On my system, it absolutely brough Internet Explorer to a crawl and slowed down everything considerably.

SM Professional doesn't seem to slow down much.

I got Kaspersky because there was a good rebate deal on a three-PC version. I'd say it doesn't put any really noticeable drag on performance, which is a nice thing, plus it does have parental tools built in, which I need to put on the PC my teenager uses.

In terms of how these things stop viruses, I really don't have much to offer, since I haven't (as far I know) been hit by one in several years, which corrupted everything and forced me to totally resintall Windows. Whatever virus program I was using didn't catch it.

Last year I got with the same redirect virus thing that hit you. Got right past the Spyware S&D and SM Professional checks. Had to use Malwarebytes to get rid of it.

The one thing none of these things can't do is stop the Hotmail virus going around that somehow logs into your Hotmail account and sends a message with attachments or links to everyone in Hotmail contact list. This has happened to me twice, and has never been detected, which makes me think the virus attacks hotmail directly, rather than going through your PC, since it didn't touch my Outlook contact list.

Jeff in Boston

 

[ImaWestie]

I am still going to contact HP about an OS image of some sort.
Eventually I would like to reinstall the OS to make sure things are fresh and new.

Do you have an install CD that came with the netbook, plus another pc with a cd-rom or better optical drive, plus a usb key?

If you have these things, then all you need is to go to http://www.nliteos.com/ to convert the cd to a bootable usb to install windows from. You slipstream the latest service pack onto your cd as well if you feel like it.

If you don't have all that, a ritmo usb to sata/ide cable, plus a standard desktop cd/dvd rom drive, is pretty cheap (but then so is a slimline usb dvd rewritable drive). If you were in Australia I'd point you to msy.com.au, but you aren't in Australia so I won't bother

 

[Phog Allen]

Hi Westie. No, I do not have a CD/DVD image for the XP sp3 install on the netbook. The major companies do all possible these days to NOT include a CD image for you in the box. Particularly with these netbooks. Their excuse is since you don't have an optical drive, you don't need a backup. Bollocks.

When I bought my Dell desktop a few years back I had to STERNLY demand my back up disks from them. It took about twenty minute but they agreed to send them. Good thing too. My install posting a few days ago highlighted the install on a new hard drive. Without the backup Cd I would have had to either by the CD from them(funny, I bought the rights to the OS when I bough the machine eh?) or buy a hard drive from them already loaded with the OS and the apps that came with it. I didn't even bother to ask how much all that would have cost.

As for the nLite, I have heard great things about it but have never used it. Will it work with OEM images? And second, if I obtain the image on disk from HP, do you think it could be copied to usb stick for boot/installation? All these newer pcs will boot from usb and hopefully this will replace backup cds in the near future. CDs are dirt cheap though so it would likely be an added cost. I would do it though. Thank again for the suggestions. BTW, I think the HP backup image is $15 which is not too bad.

Regards, Todd