PDA

View Full Version : Virus Problems - Windows Xp



XSVTOY
18-03-2009, 10:59 PM
Hey there team,

Just wondering if someones able to help me out with a small/medium/semi large problem i have.
Currently havea desktop PC that i had left at my parents place for a couple of months whilst flatting, upon returning and turning it on after my little brothers hadda decent play and added who knows what to it , it no longer will connect to the network, media player doesnt work at all and wont open, when you open a browser up it closes right away, wont let you install anything at all, you run adaware and it blue screens and well alot of other things such as msconfig wont work so i cant do anything to source the problem, just wondering other than formatting (due to the amount of info on the drives) if theres anyway possible that i could do something to fix this?

Any help on this would be greatly appreciated,


Cheers heaps in Advance

Mike

Speedy Gonzales
18-03-2009, 11:03 PM
Welcome to the forum

Connect it (the hard drive) to a working system (if there's another computer there)

If its an IDE hard drive, remember to jumper it first

Then scan it with something like Avast (or whatever virus scanner is on the PC you connect it to)

Then get Trojan remover / malwarebytes below (install it on the PC that you connected the hdd to - update them first), then scan the hdd thats connected.

Then see what happens (put it back on the PC it was in). If it boots into Windows, disable system restore.

Will it boot into safe mode? Press / hold F8 after you reboot, and select safe mode / safe mode networking

Blam
18-03-2009, 11:11 PM
Welcome to PF1:)

If you cannot slave it as speedy suggested, try this first:

Disable System Restore to Prevent Reinfection:
Right Click My Computer>Properties>System Restore Tab>tick turn off system restore on all drives
Firstly, see if you can Download MBAM (http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button) on another pc, then copy it to a flash drive or burn it to a cd then run on the PC.

Once that is done, do the same with Spyware Terminator (http://www.spywareterminator.com/download/download.aspx)

Do full scans, and update first.

If it BSOD's, try doing it in safe mode with networking(Tap F8 when booting PC)

Also, what is the BSOD that pops up?

And is the browser IE?

After doing scans with MBAM and SpywareTerminator, download HijackThis (http://majorgeeks.com/downloadget.php?id=3155&file=15&evp=3304750663b552982a8baee6434cfc13) and run it on the affected machine, then copy and paste the log here. Tick all the entries we tell you to tick, then click the "Fix Checked" button afterward.

Blam

XSVTOY
18-03-2009, 11:15 PM
as much i would like to be able to take the drive out and put in another comp its not possible, only have the one desktop and a laptop which im on now

Computer does boot into safe mode but wont let u install anything either, ill try see if i can get those programs you suggested to work,.

Cheers for the help mate :)

Speedy Gonzales
18-03-2009, 11:17 PM
You in NZ Xsvtoy?? Or somewhere else?

Select safe mode/networking, see if it can get on the internet (thats if its connected to the internet now)

XSVTOY
18-03-2009, 11:19 PM
yup im from nz aye mate, bottom of the south for me :)
have tried booting it with network support but didnt seem to connect either :(

Blam
18-03-2009, 11:22 PM
Whereabouts in Auckland?
We can fix it if this doesn't work out.

Ok, don't worry about connecting to the network, just download MBAM from another machine and run it.

After picking up most nasties you'll be able to do normal stuff again.

We'll solve the problems one by one;)

Blam

Speedy Gonzales
18-03-2009, 11:24 PM
What if you reboot, and press/hold F8 and select last known good configuration??

See if it boots into windows. If it doesnt get into windows, boot back into safe mode. Go to start/run, and type msconfig.

Go to the startup tab. Tell us whats here. The name of the program and file/folder its in. We'll tell u what to untick.

It could be something here thats crashing it

Speedy Gonzales
18-03-2009, 11:24 PM
Whereabouts in Auckland?

I think he meant the Sth Island not Sth Auckland :p

Blam
18-03-2009, 11:33 PM
I think he meant the Sth Island not Sth Auckland :p

lol only just realize that!:p

XSVTOY
18-03-2009, 11:34 PM
yup south of the south = not south auckland coz there is light past the bombays :P eheh
just tried to install Mblam? and it came up with
"Runtime error 372"
Failed to load control vbalgrid from vbalsgrid6.ocx. Your version of vbalgrid.ocx maybe outdated. make sure you are using the version of the control that was provided with your application

Have COmodo reg cleaner running of pendrive atm

Speedy Gonzales
18-03-2009, 11:38 PM
See whats in msconfig as well. Thats probably why its having probs.

If its a virus / trojan or something its command maybe here

Comodo reg cleaner probably wont remove it, if its a virus

You need a virus scanner

For that runtime error go to start/run type

regsvr32 vbalsgrid6.ocx

See what happens

XSVTOY
18-03-2009, 11:59 PM
tried the boot from last known good config etc and still doesnt let me run msconfig, its just coming up saying that its not there and cant find it? also does this in safe mode as well

XSVTOY
19-03-2009, 12:01 AM
for the runtime error it came up with Loadlibrary("vbalsgrid6.ocx") Failed, The specified module couldnt be found

Blam
19-03-2009, 12:03 AM
Uninstall anything names "MindSoft Utilities" in add/remove.

Many system files may have been corrupted by this virus, go Run>cmd>"sfc /scannow"
Should take between 30mins-1hr.

Note Space between "c" and "/'

XSVTOY
19-03-2009, 12:18 AM
cheers mate, ill set it up to run that now

just noticed in the browser properties it has the following website:
ww w. 3929.cn/?tn=1029

Dunno if thats of any help as to wat it may or may not be?

Blam
19-03-2009, 12:28 AM
A random asian website

The browser has probably been hijacked, once everything is done it shouldn't happen any more.

Blam

Myth
19-03-2009, 08:40 AM
First off, do you have an existing AV on this machine, and does it run ok?
Have you had a look in Add/Remove Programs for anything in there that looks dodgy, or you know theres no way you downloaded. Take a note of the names and let us know.

Start the machine in safe mode, get rid of any programs you know to be dodgy, and run your AV to see if it will remove anything

Failing this (and seeing you are deep south) send a message to pctek (http://forums.pcworld.co.nz/member.php?u=10393), she had a shop in Gore, but runs her business from home in Wyndham. She will definitely be able to get you up and running again :)

XSVTOY
19-03-2009, 10:23 PM
used to run avast on it but its subscription expired.
tired the whole repair windows thing and sadly it didnt fix the msconfig problem

only other thing i havent done is downloaded hijack this and ran that so mite try that now and post the log up

Blam
20-03-2009, 08:38 AM
You can reregister Avast! free on the Avast! website