Jul -- Computers and Technology: Something is seriously wrong

Darkdata
Ruins!? ♥
Level: 103

Posts: 2526/2892
EXP: 11446078
For next: 25328

Since: 07-04-07

Since last post: 202 days
Last activity: 10 days

Posted on 02-05-12 03:32:17 PM

Link | Quote

It sounds like you have a virus/rootkit combo.

In this case, I would recommend a backup, then a format.

(When you bring back over your data, make sure that autorun is disabled.)

____________________

Peardian

Magikoopa

16/3/1: KvSG #479 is up!

Level: 157

Posts: 5642/7597
EXP: 48603018
For next: 976215

Since: 08-02-07

From: Isle Delfino

Since last post: 10 days
Last activity: 13 hours

Posted on 02-05-12 04:19:34 PM

Link | Quote

I highly recommend giving Malwarebytes' Anti-Malware a shot. If that doesn't find it and take care of it, their support team is awesome enough that they will respond to you within a few hours of you sending them an e-mail. I've found that Malwarebytes is more reliable than any of the other scanners I've tried.

____________________
-Peardian-

"Kindness is the language which the deaf can hear and the blind can see." -Mark Twain
Get a load of this!

Gabu

Star Mario
Placeholder Ikachan until :effort: is found
Level: 172

Posts: 7750/9981
EXP: 67989571
For next: 112663

Since: 08-10-09

Pronouns: they/them, she/her
From: Santa Cruisin' USA

Since last post: 56 days
Last activity: 4 days

Posted on 02-05-12 04:20:32 PM

Link | Quote

Have you tried using GooredFix? I ended up having to use that when I kept getting redirected in my Google searches.

____________________

Lyskar
12210

-The Chaos within trumps the Chaos without-
Level: 192

Posts: 10849/12211
EXP: 99321334
For next: 552237

Since: 07-03-07

From: 52-2-88-7

Since last post: 7.4 years
Last activity: 7.3 years

Posted on 02-05-12 05:20:04 PM

Link | Quote

Stats

Time/Date
02-05-12 11:20:04 AM
Posts
10849
Days Here
1678
Level
154

Metal_Man88's Post

Go into safe mode. Run Malware Bytes. Nuke the stuff.

If it still returns, go into safe mode again. Attack with Combofix. Also CCCleaner. If it still doesn't go away, backup your data and reformat.

____________________

Eisnaught - SSQ² - Mobius Roleplay - SSS

Nksor

Beezo
Level: 46

Posts: 391/478
EXP: 662952
For next: 48822

Since: 04-27-11

Pronouns: they/them
From: olympia, wa

Since last post: 3.6 years
Last activity: 3.6 years

Posted on 02-05-12 05:30:36 PM (last edited by BlueWhirl at 02-05-12 03:11 PM)

Link | Quote

Try Sysinternals Suite. It's like Task Manager on crack. It won't really fix the problem, but it'll help you track down the problem so you can take action upon it. You can find out more information about its most popular and useful tool, Process Explorer, here.

HiJack This is useful as well.

____________________

Keitaro

Fire Snake
LOVELY ARRANGEMENT. VOLCANO BAKEMEAT
Level: 70

Posts: 1066/1191
EXP: 2901535
For next: 114276

Since: 09-09-08

From: California

Since last post: 4.1 years
Last activity: 3.8 years

Posted on 02-07-12 04:12:44 AM (last edited by Keitaro at 02-07-12 01:34 AM)

Link | Quote

I seriously appreciate everyone's advice so far. unfortunately, I seem to have somehow made the problem even worse

as it stands, the computer does not even start up (it loads, but it never plays the windows log-on noise, nor do my audio drivers ever load and is just all-around broken) and as a result of THAT, also is incapable of anything other than a hard shut-down. it won't even reboot or shut down properly, it will lock up. despite this nonsense it, in all other facets, "works", just...really awfully.

I really, REALLY don't feel like formatting this computer...is there perhaps any other possible thing I could do? hijackthis...I used it, but I honestly have no idea what it is I'm supposed to be looking for, although I'll admit nothing looked terribly odd. I even took measures and uninstalled java (figuring I could just reinstall it later) in the off chance that was somehow causing infection. If anything, that may have been what lead it to be worse?

who the fuck knows. The computer kept trying to load DWTRIG20.EXE upon startup despite not being in any startup entries, anywhere. I read that the file was safe, but literally have never seen it until now and so out of complete paranoia just outright deleted it. the computer hasn't exactly thrown a bitch fit that it's gone, but I worry that may have exacerbated my startup issues. Legit willing to do anything, if not just out of sheer determination to fuck this thing up.

Edite: Gooredfix is the one thing I haven't had a chance to try, though at the moment the computer is disconnected from the internet in fear that its going to burst in to flames or something equally moronic that only this computer would ever possibly be capable of. While it may help with my redirect issues, it does sound like there's...a bit more going on than that, but it's worth a shot

Nksor

Beezo
Level: 46

Posts: 396/478
EXP: 662952
For next: 48822

Since: 04-27-11

Pronouns: they/them
From: olympia, wa

Since last post: 3.6 years
Last activity: 3.6 years

Posted on 02-07-12 04:51:36 AM

Link | Quote

DWTRIG20.EXE, eh? That's could be either a sorta-good or a really bad sign.

Sorta good - Not really good news but meh. dwtrig20.exe is a known name that viruses like to "conceal" themselves under. That could mean that you found the virus and deleted it. That said, in this scenario, it'd be much more likely that your virus is spreading itself from file to file and gradually infecting your system (judging from all of the errors you're getting, well, yeah).

Bad - dwtrig20.exe, in its legitimate form, is an error reporter. This could mean that one way or another you screwed up something internally from either trying to fix the virus, or the screwed up insides could be the starting factor of this whole entire mess. ComboFix could have caused it, because ComboFix would be a bomb if all other antiviruses were pebbles (ComboFix's strength has completely screwed up systems before). From the way I see it, it looks like you might have had a silly little trojan and, in your attempts to fix it, somewhere down the line you baleeted something internally and caused a domino effect.

If you haven't already, save all important documents and photos (run them through a virus scanner to be safe) and put them on a flash drive or something similar.

I don't know if you're gonna be able to fix this.

____________________

Keitaro

Fire Snake
LOVELY ARRANGEMENT. VOLCANO BAKEMEAT
Level: 70

Posts: 1070/1191
EXP: 2901535
For next: 114276

Since: 09-09-08

From: California

Since last post: 4.1 years
Last activity: 3.8 years

Posted on 02-07-12 05:30:41 AM

Link | Quote

bleh

seemed hopeless enough. its times like these I'd consider switching entirely to my Mac if it weren't for the fact that theres so many darn Windows things I need to use! Thanks for all the help though. May just have to cut my losses after all ~_~

Rena
I had one (1) message in Discord deleted and proceeded to make a huge, huge mess about how it was a violation of free speech and how moderators are supposed to be spam janitors and nobody should have the right to tell me not to talk about school shootings
Level: 135

Posts: 4502/5390
EXP: 29075616
For next: 259389

Since: 07-22-07

Pronouns: he/him/whatever
From: RSP Segment 6

Since last post: 342 days
Last activity: 342 days

Posted on 02-13-12 07:38:58 AM

Link | Quote

Post #4502 · 02-13-12 02:38:58 AM

Can your Mac run Windows in a VM?

____________________

Programs

stuff goes here

Log out Shut down

Post #4502...[blag][Twitter][Freenet]

Keitaro

Fire Snake
LOVELY ARRANGEMENT. VOLCANO BAKEMEAT
Level: 70

Posts: 1072/1191
EXP: 2901535
For next: 114276

Since: 09-09-08

From: California

Since last post: 4.1 years
Last activity: 3.8 years

Posted on 02-16-12 06:56:51 AM

Link | Quote

Seriously thinking about trying out Parallels, actually

I heard that it lets you run two OSes simultaneously, and unless I've misunderstood, that sounds nothing short of fantastic.

paulguy

Green Birdo
Level: 93

Posts: 2082/2294
EXP: 8032384
For next: 20426

Since: 09-14-07

From: Buffalo, NY

Since last post: 9.7 years
Last activity: 9.7 years

Posted on 02-16-12 10:45:38 AM

Link | Quote

Paulguy's Post configuration

Don't expect to play games with fantasic performance. It might have some kind of 3d support, but it'll still perform along the lines of a geforce 2 or some kind of intel integrated. Given that, if you want to game, better stick with windows. Otherwise you can probably do anytthing else in mac os.

____________________

Peardian

Magikoopa

16/3/1: KvSG #479 is up!

Level: 157

Posts: 5672/7597
EXP: 48603018
For next: 976215

Since: 08-02-07

From: Isle Delfino

Since last post: 10 days
Last activity: 13 hours

Posted on 02-16-12 06:34:20 PM

Link | Quote

I tried Parallels, and found out that I like VMWare Fusion much better. It's great to be able to have both Windows and OSX running at the same time and jump between them to compensate for any shortcomings in either.

Unfortunately, being a VM, it won't have full access to your graphics card. You can run SNES/GBA/DS/whatever emulators fine, as well as games like Knytt and Fraxy and stuff, but don't expect to be running any games with 3D graphics.

____________________
-Peardian-

"Kindness is the language which the deaf can hear and the blind can see." -Mark Twain
Get a load of this!

Keitaro

Fire Snake
LOVELY ARRANGEMENT. VOLCANO BAKEMEAT
Level: 70

Posts: 1073/1191
EXP: 2901535
For next: 114276

Since: 09-09-08

From: California

Since last post: 4.1 years
Last activity: 3.8 years

Posted on 02-17-12 04:57:55 AM

Link | Quote

interesting...and I don't see graphics being an issue, as I'm not a PC gamer and if anything, the extent of anything like that would be related to ROM hacking anyway so

I mainly use my mac for music production/work and the issue only lies in that my main MIDI sequencer, Cakewalk, is windows-only, to my knowledge. That's actually the main thing holding me back from full on switching. Thanks for the tips! I'll make sure to look in to VMWare Fusion. What exactly is different between it and Parallels anyway?

Keitaro

Fire Snake
LOVELY ARRANGEMENT. VOLCANO BAKEMEAT
Level: 70

Posts: 1078/1191
EXP: 2901535
For next: 114276

Since: 09-09-08

From: California

Since last post: 4.1 years
Last activity: 3.8 years

Posted on 02-22-12 06:23:31 PM

Link | Quote

Just a minor update, I didn't fully abandon and format yet due to necessity

I managed to get it to start again, slightly faster which means something gave, though the main issue seems to be in redirects...not just google this time either, Yahoo! search won't open at all and ask's gets redirected results. Whatever this is, the issue lies in the hijacking. Kill whatever is doing this and my computer should be sound.

I tried clearing my hosts as a temporary solution and flushing the DNS cache. No dice. Ran both Gooredfix and Hitman. Also no dice. Any other suggestions we haven't exhausted yet?

Peardian

Magikoopa

16/3/1: KvSG #479 is up!

Level: 157

Posts: 5693/7597
EXP: 48603018
For next: 976215

Since: 08-02-07

From: Isle Delfino

Since last post: 10 days
Last activity: 13 hours

Posted on 02-22-12 06:47:26 PM

Link | Quote

Shoot an e-mail over to Malwarebytes Support (or if you can't access the webpage, support@malwarebytes.com). They respond almost immediately, and have some advanced tools that should help. They even have special randomized versions of MBAM that gets past viruses that can hide from mbam's normal activity. They saved me from the last virus I had (also a hijacker), and I'd trust them to help me solve any future virus problem.

As for Fusion vs. Parallels, I don't know much about Parallels other than I quickly learned it wasn't what I was looking for. With Fusion, you can open files on your Mac directly with a Windows program. You can also manage files from Windows Explorer (not everything, just anything inside your directory in Users (this includes the Library and Trash). You can also enter "Unity" mode, in which the Windows desktop disappears and your Windows windows are treated like Mac windows (complete with exposé names and drop shadows).

____________________
-Peardian-

"Kindness is the language which the deaf can hear and the blind can see." -Mark Twain
Get a load of this!

paulguy

Green Birdo
Level: 93

Posts: 2092/2294
EXP: 8032384
For next: 20426

Since: 09-14-07

From: Buffalo, NY

Since last post: 9.7 years
Last activity: 9.7 years

Posted on 02-22-12 07:30:35 PM

Link | Quote

Paulguy's Post configuration

There are winsock fixer utilities. That usually wipes out some things, as long as it's not resident.

____________________

Xenesis

Roy Koopa
Actually a Doctor
Level: 101

Posts: 1576/2732
EXP: 10486685
For next: 230990

Since: 07-28-07

Pronouns: She/Her
From: Orange Star's Retirement Villa

Since last post: 9 days
Last activity: 21 hours

Posted on 02-22-12 10:38:16 PM

Link | Quote

Re: Parallels vs VMWare, Parallels is great if you want a Windows sandbox inside your OSX computer. The integration to make it appear invisible to you in OSX is...not as good. I personally do 99% of my hacking within a Windows XP Parallels session and it works a treat. Hopeless for games newer than 5 years old though, if you care about that having a dualboot windows partition is a much better bet (And still sandboxes it away from your OSX install for the most part anyway).

Register - Login
Views: 99804382	Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users Ranks - Rules/FAQ - Stats - Latest Posts - Color Chart - Smilies	05-03-22 07:36:11 AM

Query execution time:	0.076754 seconds
Script execution time:	0.035632 seconds
Total render time:	0.112386 seconds