dslreports logo
site
    All Forums Hot Topics Gallery
spc
Search Topic:
uniqs
6620
share rss forum feed

veryfat

join:2013-01-17
BR1 3EW
reply to TheJoker

Re: [Virus] Is the computer still infected?

Thank-you "TheJoker",

The program still does not finish with Panda off.

So, if there is anything else to do, I am very obliged if you could advise me further.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
Reboot to Safe Mode - Restart your computer and begin tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.
To return to normal mode just restart your computer as you normally would.

Can you now run RogueKiller?
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Thank-you "TheJoker",

What a surprise; RogueKiller did not finish and stopped the same way.

So, if there is anything else to do, I am very obliged if you could advise me further.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
Please download Malwarebytes Anti-Rootkit here.
http://downloads.malwarebytes.org/file/mbar

- Unzip the contents to a folder on the Desktop.
- Open the folder where the contents were unzipped and run mbar.exe ( right-click and select Run as administrator for Vista and Windows 7).
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Click on the Cleanup button to remove any threats and reboot if prompted to do so.
- Wait while the system shuts down and the cleanup process is performed.
- Please post the two logs produced.

Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.

--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Thank-you "TheJoker",

I started the program and tried to update, but the program said it was unable to connect to the internet and asked for the internet connection to be checked. I tried again but still no update. I went on to scan the computer and that was catastrophic. Windows stopped and displayed a blue screen message that Windows had encountered a major problem and had to close and showed that a data dump was being saved (or something like that).

So, if there is anything else to do, I am very obliged if you could advise me further.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
Other than the blue screen, any other lingering issue from running the program? It may have simply been a conflict with your security program, and the update may be being blocked by your firewall. That's why I had you try to run RogueKiller in Safe mode. When you reboot to safe mode, do you see Panda running? If not, If there were no problems other than the blue screen and the inability to update, I would reboot like you did before, but instead of selecting Safe Mode, try Safe Mode with Networking and see if you can run Malwarebytes AntiRootkit, update it, and perform the scan and post the two log files. I think much of the problems you have had trying to run tools are related to your Panda software as I've seen no other malware problems at all.
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Thank-you "TheJoker",

A probable hard disc failure. After returning back to London with my XP disc, I booted the computer and can only get a red flashing boot LED (flashing about every 2 seconds). I have had this happen to this computer before and the problem has resolved by holding the on switch. with no power or peripheral connected, for at least 15 seconds. However to no avail this time. I opened the computer and unplugged the power to the hard disc, DVD writer and floppy drive. When turning on the computer in this state, the LED stayed green. Connecting the power back to the other drives one by one, only the hard disc made the LED go red. From what I know, this means that the hard disc is causing a power crow bar to trip and means the hard disc is shot. If you agree, then I think I need to use an other hard disc and load windows from scratch. If that is what I need to do then I would think a closure of this thread (if this is the correct term to use) would be appropriate.

Awaiting your response.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5

1 recommendation

Yes, that certainly looks like a dead hard drive. It happens, I had one die last month.

Here are some links for instructions on reinstalling Windows XP from scratch.

There is an excellent set of instructions at the below link complete with screenshots of what to expect at each step.
http://www.michaelstevenstech.com/cleanxpinstall.html#steps

And another with graphics at »www.geekstogo.com/forum/topic/17···windows/

You should print out those instructions before proceeding.
Have the installation discs or a saved install file handy for your Panda Internet Security (or other security package if you decide to change) .
Disconnect from the Internet before proceeding with the installation (pull your connection cable).

- Install Windows from your Windows XP install disc.
After you reinstall Windows:
- Install your Panda Internet Security software (or another security package if you chose).
- Reconnect to the Internet.
- Update your Panda Internet Security.
- Go to Windows Update and install SP3 and ALL critical updates.
- After that, then you can start to reinstall your other software.

Some other recommendations:

To help keep malware off your system:
- Keep Windows updated at Windows Update or Microsoft Update.
- Keep your other applications updated, there are vulnerabilities that rely on exploits through other programs like Java, Microsoft Office, Adobe Reader, Flash, and others.
- Run a program like Secunia Online Software Inspector or FileHippo Update Checker to see what programs need to be updated.
- Be careful with flash drives, as they can spread infections. See this post on USB/flash drive safety.
- Stay away from P2P software; even with a clean P2P program, their networks are often riddled with malware.
- Don't click on attachments or links in e-mail, and read your e-mail in text-only mode for the highest safety.
- Don't click on links received in instant message programs.
- In place of Internet Explorer, browse with Firefox with the NoScript and AdBlock Plus add-ons.
- A HOSTS file will prevent Internet Explorer from communicating with sites known to be associated with adware or spyware. A good regularly updated HOST file is MVPS HOSTS File, available at »www.mvps.org/winhelp2002/hosts.htm
- A free non-resident utility to prevent the installation of ActiveX-based malware is JavaCool's SpywareBlaster. For real-time protection, there is SpywareGuard. Both are available at »www.javacoolsoftware.com/products.html
- I recommend reading Tony Klein's article "So How did I get Infected in the First Place?" at »Security Cleanup FAQ »How do I prevent Browser Hijacks and Spyware?
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Thank-you "TheJoker",

Not much goes to plan with this computer. The DVD drive will not read the XP disc. I tried the XP disc in my laptop and works fine. The DVD drive on the Compaq will play videos and so is clearly not broken. I ran section or part 3 of Windows Repair and skipped the million or so requests to insert the XP disc. Windows Repair finished, but unsurprisingly, still had the same problem after I clicked the last tab (Repair).

I am confused why the XP disc is not being noticed by the DVD Drive.

I await what your thoughts etc are.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
Is it a commercial disc, or one that has been copied and burned to DVD-r or DVD+R?
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Hello "TheJoker",

It is a commercial disc that I purchased from Amazon quite a number of years ago. It has the holographic logo on it and has a genuine product key. It is the disc I used to put XP on this computer. This is why I am so confused.

What do you suggest, if anything?


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
You can follow the instructions here for installing Windows XP from a USB flash drive. You will need to prepare this from another system since your optical drive is not reading the XP installation disc successfully:
»www.techtipsgeek.com/install-win···ive/559/
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW
Thank-you "TheJoker",

I went out and bought a new external optical drive and using that it recognised the XP disc. So I ran the Windows Repair program, using step 3 and although the program asked me to choose an option from, Retry, More Information or Cancel, millions of times, clicking the Retry option made the new external optical drive work. Hence I feel very convinced that the program managed to access the data it needed, because the program did not ask me again to do the same (as it did before when I did not skip) and the completion bar filled to full eventually.

After Windows Repair finished step 3, I went to step 4 and saved a restore point. Then I went to step 5 and allowed the program to "Fix". The result being that Ctrl>Alt>Del still does not work.

With all the diversions that have happened with your attempts to help me fix this stupid computer, I have no idea where we are upto. So, I hope you have at least some idea where to go to from here.

Awaiting your reply.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
I see no malware left, and also don't see what is preventing CTR-ALT-DEL from bringing up the Task Manager. There is nothing left that I can think of. I think at this point you would do better to ask for assistance in the the »Microsoft forum, and point to your topic back here so anyone helping you can see what was already done.
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010

veryfat

join:2013-01-17
BR1 3EW

1 recommendation

"TheJoker", I thank-you for all your time and effort. I wish you well and take care. Bye.


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57