Lt. Commander
Join Date: Dec 2007
Posts: 120
# 1 Need Quick PC Advice.
02-29-2012, 07:52 PM
Ok i need some help from STO friends. I left my computer downloading something and now my PC is infected/fried. I can boot to safe mode and get into system restore to take my computer back a couple days. This usually works for me. However, When I choose a reset point I go to the confirmation screen. When I hit next the computer thinks for second, then just stops being active and just sits there and never resets the computer and restore it. Im at a loss. This is Windows XP btw. Anybody got any ideas. I need a new PC anyway, but still cant afford one.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 2
02-29-2012, 08:10 PM
http://www.malwarebytes.org/

download this, install it.

first run microsfot malicious removel tool - mrt.exe

start->run->type mrt.exe->ok

do quick scan.

then run program from above site, do full scan.. it can take a while. its better if you do it in safe mode, but not nessesery.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 3
02-29-2012, 08:38 PM
I have that installed, but I can not get to it in the programs, even in safe mode.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 4
02-29-2012, 09:04 PM
OK, I found a guide to remove this crazy virus. I will get it taken care of tomorrow, I hope.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 5
03-01-2012, 03:02 AM
running mrt first is a key step, it removes viruses that prevent antivirus software to run and fix restrictions to security and antivirus websites that viruses aply. but it dont remove all of viruses, thats why you need mallwarebytes.

if you use mrt first to do fast scan and remove part of them, you shouldnt have problems to run malwarebytes.

mrt is integrated part of windows xp after service pack 2, you should have it installed on your pc, pity microsoft never bothered to add shortcut somewhere in start menu, you have to run .exe manualy.

click start button->run-> type in box: mrt.exe->hit enter or press ok
using quick scan should be enough to fix most damage that virus did and allow you to run malwarebytes antimalware.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 6
03-01-2012, 12:12 PM
Quote:
Originally Posted by CaptSammy
I have that installed, but I can not get to it in the programs, even in safe mode.
Let me know if you're still experiencing this issue, there's a few tricks I might be able to run you through in order to fix it up and get you back to zorching the bad guys ;P
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 7
03-01-2012, 04:21 PM
Something else you can try should none of that work, is combofix.org. You'll have to follow a couple links around to get to the right download site, but it's a great anti-rootkit scanner. After running it, definitely agree with above posters on Malwarebytes. It'll take out whatever is left over.

I use the combofix quite often in my job (IT Tech), so I can say for sure it works great. There are (obviously) some viruses out there that are so damaging that it's going to require a lot more than simply removing them to get your PC back to normal... so keep that in mind.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 8
03-01-2012, 04:51 PM
In the case of a bad virus/trojan infection, the only 'sure' way of sanitizing the machine is to format the disk, reset the Master Boot Record, then re-install the OS... In the case where the Boot files have been corrupted, and a XP repair (accessed by booting off the XP installion CD, then looking for the 'repair/recover' option) doesn't work, again a format and re-install is the only solution...
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 9
03-02-2012, 07:27 AM
Quote:
Originally Posted by Grouchy.Otaku
In the case of a bad virus/trojan infection, the only 'sure' way of sanitizing the machine is to format the disk, reset the Master Boot Record, then re-install the OS... In the case where the Boot files have been corrupted, and a XP repair (accessed by booting off the XP installion CD, then looking for the 'repair/recover' option) doesn't work, again a format and re-install is the only solution...

LOL

in my 16 years carrier as sysadmin/tech support, i never ever had to format hdd and resinstall OS.

format/reinstall "solliusion" is only used from ones that dont have a clue how to deal with the problem ...

besides, formating hdd with company finansical databse for example .... isnt not good idea
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 10
03-02-2012, 07:52 AM
Quote:
Originally Posted by avenger.bg View Post
LOL

in my 16 years carrier as sysadmin/tech support, i never ever had to format hdd and resinstall OS.

format/reinstall "solliusion" is only used from ones that dont have a clue how to deal with the problem ...

besides, formating hdd with company finansical databse for example .... isnt not good idea
But that's what corporate system backup policy is for...

In the case of a malicious trojan app, you have no idea (and in the case of a well written trojan) and no record of what files have been modified or replaced.... And the design of the Microsoft libraries (convenient for patching) makes it very easy for a Trojan to gain root access very early in the boot process and mark its files invisible to anti-virus scans...

If you've ever worked as a Sys-Admin for a Financial institution, (or a security programmer at a company that supplies equipment for them...) you would have a very different take on this issue...
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -7. The time now is 12:45 AM.