Help with apparent infection

[xiqueno]

Dell Vostro laptop running XP with ESET Smart Security 3. Possible infected through an email. Starting flashing announcements of malware and directing user to follow link (did not follow). Computer then shut down. Now starting it, the Windows welcome screen comes up. Entering the passwork and pressing Enter, the machine logs me off, so I cannot open Windows.

I would appreciate help.

Thanks.

[sherryxp2000]

Same result with a SAFE MODE booting procedure?

If SAFE mode works, I would run Malwarebytes. More than likely it will fix your problem.

[sherryxp2000]

And if you can't boot, try this place

http://www.thefreecountry.com/securi...escue-cd.shtml

It allows you to create some bootable ISO CD's, asuming you have access to another PC.

[xiqueno]

Sherry,

Thanks. I tried safe mode with same results--just logs off. I'll try the rescue CD you suggested.

[sherryxp2000]

Did you get it resolved? I sure hope so.

[xiqueno]

I ran the AOSS rescue scan from PC Tools. It found and disabled 4 malware files.

However I still cannot get in to Windows. When I boot from the hard disc, the Windows welcome screen comes up. User accounts are configured with one Guest (no password) and one user (with password).

When I enter the user password, I get the message that it is "logging off" and the computer stays on that screen.

When I try the Guest account, the computer opens to a static "VOSTRO" screen and seems stuck there until I turn off the computer.

I am guessing that even if the malware has been disabled by the rescue disc, it may have made changes in Windows files.

I would appreciate any suggestions on how to proceed.

Thanks.

[sherryxp2000]

If the login boot is corrupt somehow, you may have to use the RECOVERY CONSOLE (google it, loads of info on it).

Or maybe just reinstall OVERTOP and hope for the best.

[xiqueno]

Thanks. I'll try this.

[xiqueno]

Sherry,

Many thanks for your help. I had to find the OEM Windows disc, but the Repair setup reinstalled Windows files, and the computer is now working fine. So I did not need to use Recovery Console, but I am glad to know about it.

Again thanks.

[sherryxp2000]

I am glad the install over the top method worked!

For the malware or viruses that corrupt the SYSLOGIN or BOOT files, they usually leave some garbage behind.

Remember to install, update, and run MALWAREBYTES while you are still able to boot. For a double check, do SuperAnti Spyware also. And if you want to go futher, Spybot Search & Destroy.

Do a FULL SCAN with your ESET product.

Try a couple of free "ONLINE" scans also, perhaps Kaspersky, Panda, BitDefender to name a few.

Better safe than sorry. So tackle your system pretty well with security safety checks for now while you can.

Once you do all of that, I suggest a FRIENDLY BACKUP reminder. (at least your important photos, documents, data files, projects, installed programs list, etc.)

Do a drive check also, a CHDKSK /R. To make sure your drive is not corrupted any.