Avast WEBforum
Other => Viruses and worms => Topic started by: Opaline on July 19, 2013, 12:59:22 PM
-
Hello everyone.
I have recieved an old computer (Compaq mini) with Windows XP which is really slow. I have downloaded avast and made a scan .....aaand there are loads of threats. I have 6 results for the scan and some of the infected files do come from Windows/system32.
I don't know anything about computers and I have no idea of what I should do. I have a CD to format the hard drive but I don't know if it is a good idea.
I already apology for my ignorance :)
For what it's worth, the threats are HTML:I:frame-inf, Win32:Malware-gen, Win32:Bamital-BC, Win32:Bamital-BA and Win32:Adware-gen.
Thank you for your help!
-
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
-
you may also attach a screenshot of the avast scan result
-
Barmital may need a USB scan. Do you have a USB available ?
-
Hello everyone
So I am back from holiday, thank you for your answers. Here are the logs asked and a print screen of the avast result. The Extra log and the aswMBR log will be posted in a next message.
-
The extra and the aswMBR log.
Thank you !
-
Hi there, if there is nothing important on this then due to the presence of Barmital I would recommend a reformat... However, if you wish to attempt a clean
Create an emergency repair USB drive:
Download Dr Web Live USB (http://www.freedrweb.com/liveusb/?lng=en) to your desktop
- Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
- Launch drwebliveusb.exe.
- The program will detect available USB-devices automatically and prompt you to choose the one you’d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).
(https://dl.dropbox.com/u/73555776/liveusb_ru.jpg)
- To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
- Files will be copied automatically.
- Once the copying process is completed, press the Exit button to close the application.
- Reboot the infected computer with the USB in the drive
- Ensure that the first boot device is USB - If you are not sure about that then see this page (http://www.hiren.info/pages/bios-boot-cdrom) for instructions
- As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.
(https://dl.dropboxusercontent.com/u/73555776/Live%20boot%20screen.png)
- Use arrow keys to select DrWeb-LiveCD (Default)
(https://dl.dropboxusercontent.com/u/73555776/drwebselect.JPG)
- Press select objects for scanning
(https://dl.dropboxusercontent.com/u/73555776/drwebfolders.JPG)
- When the system is loaded, check the disks or folders you want to scan, and click on Start.
- The programme will now scan for and cure/delete any malware that it finds. Allow it to do so
(https://dl.dropboxusercontent.com/u/73555776/drwebscan.JPG)
(https://dl.dropboxusercontent.com/u/73555776/drwebscancomplete.JPG)
- Select Open Report and copy to the USB
- Once completed reboot to normal windows, and attach the report here
-
Ok thank you for your quick answer. I don't know how to format as it doesn't have any CD player... So I suppose the best option is the cleaning with the USB drive...
-
OK lets give it a whirl, this may take several posts to clear though and the Dr Webb scan may take an hour or so
-
I'll post the scan results as soon as I have them but internet is really slow in here so it'll take me more than an hour just to download the program :)
If the format is easier and quicker maybe I should try that.
-
A format would be the optimal solution with regards to speed and safety of the computer
-
Ok I'll try that then. May I ask if there is any safe website explaining the step-by-step format for a computer without any cd player?
-
OK does this computer have a recovery partition or will you need an XP on a stick :)
-
Haha I don't even know what it is. On another website the told me to do the Winnt32.exe (in the C:/windows file).
So now, it seems that I removed everything and installed a new XP on my computer BUT :) I just can't seem to install internet anymore and the resolution is locked at 640x480 which is pretty awful. So now I don't have any viruses (I hope so) but I can't use my computer anymore :) perfect. the icon for internet connexion is not even there anymore! that looks pretty bad to me.
Anyway was the winnt32 thing a good idea?
-
Well I'm confused, when I go to the program files, all the previous programs are still there (ex avast) but they don't work.
-
Well I never saw that used before to re-install XP, what is the computer make and model ? It may have a recovery partition..
-
it's a compaq mini 110 (hp), the model : 110c-1010SB
-
Download and install the link I sent you to a USB or borrow a USB cd drive and use the link to create a CD
-
Ok thank you. I'll come back with the results of this in a few days as I don't know anybody with a usb cd player, I'll have to find one. Can I do it with only a usb stick?
-
Yes use Rufus to burn it
Download the following programme to your desktop :
1. Rufus (http://rufus.akeo.ie/downloads/rufus_v1.3.2.exe)
Insert the USB stick Then run Rufus
(https://dl.dropbox.com/u/73555776/rufus.JPG)
Select the ISO file on the desktop via the ISO icon.
Press Start Burn
(https://dl.dropbox.com/u/73555776/RufusISO.JPG)
-
Ok Just to be sure, this step will only put the right program on the USB stick? As i don't have internet anymore on the computer, I'm on my own laptop and I don't want to mess anything because this one contains loads of important things.
So I download the Rufus and do the burn step on my laptop (as I have internet on this one) and then I connect the usb stick to the compaq mini, right?
ps: I am really impressed by the time you take to answer me considering that I really don't understand a thing about computers and I must seem really stupid ;) Thank you.
-
That is correct download the ISO and Rufus to the desktop of the working computer
Then run Rufus and select the ISO you downloaded.
This adds nothing to the host computer apart from the files on the desktop
Then boot the other computer with the USB and proceed to a fresh install
-
I've tried with 3 different usb stick and it doesn't work. It says that the media may be used by another application and that it can't be opened.
-
Could you try this programme http://www.isotousb.com/
-
ok it works. so now "Then boot the other computer with the USB and proceed to a fresh install". How do I do that? I've read on a website that I have to go to the BIOS when I start my computer and change some settings so that my computer starts on a usb stick, is that right?
Edit : ok so I've done that, I chose the usb in the menu and it says that BOOTMGR is missing. With the iso to usb programm I only changed an option . It's the "File system" it was on "Fat32" and I chose "NTFS" like on your screenshot.
-
Try with FAT32 as this is an old programme
-
Ok I don't have this error anymore but It doesn't change anything.
I'll explain what I exactly do :
I turn on the computer and press F9 to access the option "Change the Boot device order"
Then I choose the USB drive and press enter
A black screen appears asking me to remove the "drive" (I suppose it's drive, it's in french and it says "disque") and then to press a key to restart.
- If i do so by removing the usb stick, the computer starts like before and nothing changes
- If i don't remove the usb and press a key, the computer starts like before and nothing changes :D
-
OK insert the USB
Reboot to safe mode > command prompt
Locate the USB and run setup.exe
-
oh, what does reboot to safe mode > command prompt mean? I am really sorry but I understand less and less in this topic...
-
Reboot the computer and immediately keep pressing and releasing the F8 key
This should bring up the safe mode menu
From there select command prompt
At the command prompt type CD.. do this until the prompt just reads C:
Then type in the following command:
wmic logicaldisk where drivetype=2 get deviceid, volumename, description
This will show the drive letter for the USB
Then type at the command prompt the letter of the USB drive i.e E:
When the prompt changes to E:> then type setup.exe
-
It says the wmic is not a known intern or extern command a software or an executable file.
Now I don't even know how to shut down my computer :D
-
Just reboot, I will confirm that those commands are applicable to XP.
-
I'ts just that when I press f8 And then I choose the command in safe mode, then the computer starts and asks me to choose which session I want to use then the command is displayed and it's like C:\Documents and Settings \Propriétaire: and not C:\ alone no matter how many times I press C or D. :/
-
The command cd.. will take you up to the main level but you must put two dots after the cd
-
:) ok thank you so now I have C:\> but it still doesn't work, it says the wmic is not known.
edit 1 : Well I think I'll just turn on the computer like before go to look where the usb is located (here D:) and then start the computer in safe mode and type D:
edit 2 : It says that the version on the USB is older than the one on my computer, and that replacing my version by an older one will loose all the parameters (I don't really understand what it means) Shall I continue nonetheless?
-
Yes continue and select custom install and reformat the drive details on how to do that are here http://www.geekstogo.com/forum/topic/173729-reformat-and-install-of-windows/
Start here FORMATING PARTITIONING AND INSTALLING
-
Well I think I'll bring the computer to someone who knows what to do.
When I get the warning that the version on the usb is too old, I can't select "continue" I only have access to "informations" and "cancel". And when I do what is explained on the link you gave me (which is not the same process), I don't have the same menus and the same options.
-
I am afraid at times it can be difficult determining what the problem is working online, can try a clean if you wish, this time within windows