Help with apparent infection

Discussion in 'ESET Smart Security' started by xiqueno, Jan 19, 2010.

Thread Status:
Not open for further replies.
  1. xiqueno

    xiqueno Registered Member

    Joined:
    Jan 19, 2010
    Posts:
    5
    Location:
    San Francisco
    Dell Vostro laptop running XP with ESET Smart Security 3. Possible infected through an email. Starting flashing announcements of malware and directing user to follow link (did not follow). Computer then shut down. Now starting it, the Windows welcome screen comes up. Entering the passwork and pressing Enter, the machine logs me off, so I cannot open Windows.

    I would appreciate help.

    Thanks.
     
  2. sherryxp2000

    sherryxp2000 Registered Member

    Joined:
    Nov 14, 2007
    Posts:
    96
    Same result with a SAFE MODE booting procedure?

    If SAFE mode works, I would run Malwarebytes. More than likely it will fix your problem.
     
  3. sherryxp2000

    sherryxp2000 Registered Member

    Joined:
    Nov 14, 2007
    Posts:
    96
  4. xiqueno

    xiqueno Registered Member

    Joined:
    Jan 19, 2010
    Posts:
    5
    Location:
    San Francisco
    Sherry,

    Thanks. I tried safe mode with same results--just logs off. I'll try the rescue CD you suggested.
     
  5. sherryxp2000

    sherryxp2000 Registered Member

    Joined:
    Nov 14, 2007
    Posts:
    96
    Did you get it resolved?

    Did you get it resolved? I sure hope so.
     
  6. xiqueno

    xiqueno Registered Member

    Joined:
    Jan 19, 2010
    Posts:
    5
    Location:
    San Francisco
    I ran the AOSS rescue scan from PC Tools. It found and disabled 4 malware files.

    However I still cannot get in to Windows. When I boot from the hard disc, the Windows welcome screen comes up. User accounts are configured with one Guest (no password) and one user (with password).

    When I enter the user password, I get the message that it is "logging off" and the computer stays on that screen.

    When I try the Guest account, the computer opens to a static "VOSTRO" screen and seems stuck there until I turn off the computer.

    I am guessing that even if the malware has been disabled by the rescue disc, it may have made changes in Windows files.

    I would appreciate any suggestions on how to proceed.

    Thanks.
     
  7. sherryxp2000

    sherryxp2000 Registered Member

    Joined:
    Nov 14, 2007
    Posts:
    96
    If the login boot is corrupt somehow, you may have to use the RECOVERY CONSOLE (google it, loads of info on it).

    Or maybe just reinstall OVERTOP and hope for the best.
     
  8. xiqueno

    xiqueno Registered Member

    Joined:
    Jan 19, 2010
    Posts:
    5
    Location:
    San Francisco
    Thanks. I'll try this.
     
  9. xiqueno

    xiqueno Registered Member

    Joined:
    Jan 19, 2010
    Posts:
    5
    Location:
    San Francisco
    Sherry,

    Many thanks for your help. I had to find the OEM Windows disc, but the Repair setup reinstalled Windows files, and the computer is now working fine. So I did not need to use Recovery Console, but I am glad to know about it.

    Again thanks.
     
  10. sherryxp2000

    sherryxp2000 Registered Member

    Joined:
    Nov 14, 2007
    Posts:
    96
    Do some INTERROGATING now

    I am glad the install over the top method worked!

    For the malware or viruses that corrupt the SYSLOGIN or BOOT files, they usually leave some garbage behind.

    Remember to install, update, and run MALWAREBYTES while you are still able to boot. For a double check, do SuperAnti Spyware also. And if you want to go futher, Spybot Search & Destroy.

    Do a FULL SCAN with your ESET product.

    Try a couple of free "ONLINE" scans also, perhaps Kaspersky, Panda, BitDefender to name a few.

    Better safe than sorry. So tackle your system pretty well with security safety checks for now while you can.

    Once you do all of that, I suggest a FRIENDLY BACKUP reminder. (at least your important photos, documents, data files, projects, installed programs list, etc.)

    Do a drive check also, a CHDKSK /R. To make sure your drive is not corrupted any.
     
Thread Status:
Not open for further replies.