[spotco2]

My parents have a HP desktop and Gateway laptop that both have XP. They are not serious computer folk, but they enjoy the internet and I am typically their first call for tech support.

Both machines are a couple of years old and over the years they have contracted a virus or three. Each time they have taken the machine to a local guy (only one in their town), had the virus removed and the operating system reinstalled.

Both machines are starting to have issues again and I was going to walk them through a system restore only to find out that it was turned off. The more we dug around we also discovered that the Task Manager has been disabled and I have not been able to figure out how to turn either back on.

I do not have a problem with them just taking their computer to someone to have it fixed, but I am starting to question the ethics of the guy they have been using.

Could he have turned these things off when he set up the computers the last time so they would have to bring them back for any issues? They have also had several things pop up and tell them that they would have to log on as Admin to do whatever it was and they only have one user account on each computer and it does not have a password or show another user ID.

I've heard rumors of this guy doing some things that I did not like, but it would really upset me if he is turning things off intentionally so that they could not do something as simple as open the Task Manager to see what is really running in the background.

 

[PBCounty]

I'm finding that viruses / spyware are now able to disable task manager and safe mode. I wouldn't blame the guy yet.

 

[Deanster]

Both Task Manager and System Restore are common targets for malware to attack, so I wouldn't blame the guy yet.

it's really tough these days for unskilled people to manage a Windows machine safely... it's easy for an incautious click to get bad stuff on, and it can be nearly impossible for even skilled people to get it gone.

 

[tbhracing]

Tagged, be back tomorrow.

 

[spotco2]

Thanks folks for the fast responses.

I would like to think it was the fault of a virus and was not aware that they could disable these functions.

 

[Von Hayes]

Run Msconfig. (start/run/msconfig) Go to services tab, disable anything not Microsoft.

Go to startup tab and disable anything you're not sure about.

If you're still having problems after this, go see the guy.

 

[PBCounty]

My latest infection (Internet Security 2010) even deleted the *.exe's of my anti-maleware software. They're getting smarter.

 

[NickC50310]

Yup, modern malware can do all that stuff. They just keep getting nastier and nastier. By far the most common one I come across is fraudware. Whats better is the newer stuff shuts down almost everything that could possibly defeat it. When Malware Bytes first came out, it could defeat nearly anything because the malware hadnt caught on to disable it yet. Most things I have been encountering lately do shutdown or block Malware Bytes from updating.

 

[dotsun]

I'd be more tempted to blame the users in this case.

 

[gwalchmai]

Reinstall OS so you know where you're starting, setup both of them as non-admin users, then install LogMeIn on the machines so you can provide remote support. Install Avast or AVG (or something better if they don't mind paying). Next take an hour to teach them basic security stuff. Charge them a reasonable fee for your services, but don't gouge, and things should work out fine.

 

[HKUSP45Css]

Stop!

Read this thread:

http://glocktalk.com/forums/showthread.php?t=1181299

Your parents have been infected by a fraudware variant. They are notorious for doing what you're describing, it was not the tech.

There are step by step instructions in the thread I posted.

 

[HKUSP45Css]

Yup, modern malware can do all that stuff. They just keep getting nastier and nastier. By far the most common one I come across is fraudware. Whats better is the newer stuff shuts down almost everything that could possibly defeat it. When Malware Bytes first came out, it could defeat nearly anything because the malware hadnt caught on to disable it yet. Most things I have been encountering lately do shutdown or block Malware Bytes from updating.

Did you know you can update the definitions manually? http://mbam.malwarebytes.org/database/mbam-rules.exe just run this proggie after you install MBAM (in safe mode) and Robert's your father's brother.

 

[grendelprime]

Not a solution, but another tool to mitigate future damage, update their hosts file to direct the most common e-junk to never-never land.
MalwareBytes is an excellent tool to find/remove/prevent a variety of infections, but it is important to keep it updated and run routine scans.
Having Automatic Updates turned on is another good practice.

 

[vote Republican]

I hate that MS installs windows with the users defaulting to admin privileges. Easy to use, yes, but makes it way too easy for viruses to root & take over.

Set up a "std" user, use firefox, anti-virus and anti-spyware, auto update of the OS. Make a system image when everything is set up & activated but before they surf the net, so you can restore from there.

Consider Win 7, the UAC function is very nice on this one (stops a lot of stuff, not very intrusive).

Consider giving them a VM within Win 7, if they get hosed you can just delete it & start over (make a "template" VM, copy it for a running edition).

TEACH them about malware emails, don't click on anything suspect.

Set up windows explorer to show all file extensions.

 

[HKUSP45Css]

I hate that MS installs windows with the users defaulting to admin privileges. Easy to use, yes, but makes it way too easy for viruses to root & take over.

Set up a "std" user, use firefox, anti-virus and anti-spyware, auto update of the OS. Make a system image when everything is set up & activated but before they surf the net, so you can restore from there.

Consider Win 7, the UAC function is very nice on this one (stops a lot of stuff, not very intrusive).

Consider giving them a VM within Win 7, if they get hosed you can just delete it & start over (make a "template" VM, copy it for a running edition).

TEACH them about malware emails, don't click on anything suspect.

Set up windows explorer to show all file extensions.

Or, just use FireFox.

Seems like an easier solution to me.

 

[spotco2]

Run Msconfig. (start/run/msconfig)

Yeah, Run ain't there either.

Thanks everyone for the info. You have restored my faith in humanity (well, at least I am doubting that it was all his fault now).

Sounds like they have critters in their computers for now and that will need to be dealt with.

I can about figure where the crap comes in at and that is chain e-mails from my aunt. Mom thinks that she has to open every one that my crazy-catlady aunt sends her.

Insted of LogMeIn, can I just set up the Remote Assistance thingy?

 

[TuxthePenguin]

Yeah, Run ain't there either.

Thanks everyone for the info. You have restored my faith in humanity (well, at least I am doubting that it was all his fault now).

Sounds like they have critters in their computers for now and that will need to be dealt with.

I can about figure where the crap comes in at and that is chain e-mails from my aunt. Mom thinks that she has to open every one that my crazy-catlady aunt sends her.

Insted of LogMeIn, can I just set up the Remote Assistance thingy?

Windows Key + R will bring up the Run menu.

 

[spotco2]

Windows Key + R will bring up the Run menu.

I thought so too.

 

[DR. HOUSE]

just a thought here......................why dont you buy them a GOOD anti virus program?

The free ones are OK, but they arnt near as good as the ones you pay for.

May I reccomend Norton anti Virus. I cant tell you how much I like norton anti virus. Its a great anti virus/spy ware program.

It alerts you when somethings going on and takes care of all that stuff for you. It even runs the virus scan while your not using the computer or even in the background when you are.

from my expierence, you install the program and it literally runs itself.

Norton has so much more to offer then avg or any other free program.

Its a little pricey BUT how much do your parents spend each time they take it in to get it fixed and the hassel each time.

Now a days, its just a stupid idea to get on the internet without a good virus program.


This is what I reccomend.

http://www.bestbuy.com/site/Norton+...18117578846&skuId=9516561&st=norton&lp=6&cp=1

 

[NickC50310]

Did you know you can update the definitions manually? http://mbam.malwarebytes.org/database/mbam-rules.exe just run this proggie after you install MBAM (in safe mode) and Robert's your father's brother.

I never knew for sure until I saw that but I figured you could. What I have found is that if you can get MBAM to install and actually run it will get it cleaned up enough to actually allow an update.

I reccommend AVG or Avast, IMHO both are just as effective as anything you will pay for.