XP Security trojan/virus?

who says there aren't professionals here?

Beat me to it Neil! Whilst I appreciate there are forums specifically aimed at computer issues I've always found you guys to be extremely helpful and technical wizards! Plus I "know" you and don't know the other forums :D

I've also assumed that many of you work in the IT industry in some form or another and are therefore professionals!

I have actually already visited those other forums and found quite often that there is conflicting advice as well which can be even more confusing!

Back to the netbook tonight to give it another bashing :bonk:
 
Avast > MSE.

MSE has let a few of these fake anti-malware programs through in my experience.

MSE 1.0 performed better than Avast in the last independent test, but AV-Comparatives has yet to publish new results for upgrades to both of them.

Both are excellent AVs, and MSE is lighter on resources. Obviously you shouldn't just rely on an AV for protection, as the most effective method of prevention is being careful on the internet.

Edit: Didn't include link - http://www.av-comparatives.org
 
You don't need a set of logs to suggest that one or a combination of anti-malware applications would deal with this issue.

MSE 1.0 performed better than Avast in the last independent test, but AV-Comparatives has yet to publish new results for upgrades to both of them.

Maybe (I actually proposed that MSE replaced Sophos in our corporate environment recently), but Avast is lighter and seems to offer better protection in the real world.. at least against this particular issue.

I've also assumed that many of you work in the IT industry in some form or another and are therefore professionals!

only 12 years in the industry.. nothing major matey.. :p
 
MSE 1.0 performed better than Avast in the last independent test, but AV-Comparatives has yet to publish new results for upgrades to both of them.

Both are excellent AVs, and MSE is lighter on resources. Obviously you shouldn't just rely on an AV for protection, as the most effective method of prevention is being careful on the internet.

Edit: Didn't include link - http://www.av-comparatives.org

Avira outperforms them both and has a tiny resource footprint. :p
 
Avira does, but the version they tested isn't free.

AV choice basically comes down to personal choice, as the "best" AV changes every few minutes according to opinion/new databases.

Also, the XP Security malware does not cause redirects. It should be completely removed by MBAM, and the latest versions of it don't stop MBAM. It's not the only infection present on the system from the symptoms appearing. - So I suggested going to an expert malware removal site where you can get free in-depth analysis of your machine for all malware present, I was trying to be helpful.

Apparently that's not appreciated and I've done something massively wrong :thinking:
 
It's all very well debating the relative merits of differing AV offerings but you're all forgetting about the most powerful av resource available.

It's the soft squidgy eejit that operates the mouse and keyboard. This has the power to prevent all known infections as well as the means to circumvent even the best av software. There are people who happily and safely browse the net and handle emails without any av protection.

Engage brain before clicky linky!
 
Avira does, but the version they tested isn't free.

AV choice basically comes down to personal choice, as the "best" AV changes every few minutes according to opinion/new databases.

Also, the XP Security malware does not cause redirects. It should be completely removed by MBAM, and the latest versions of it don't stop MBAM. It's not the only infection present on the system from the symptoms appearing. - So I suggested going to an expert malware removal site where you can get free in-depth analysis of your machine for all malware present, I was trying to be helpful.

Apparently that's not appreciated and I've done something massively wrong :thinking:

not wrong, but you're stealing our issue.. we need self gratification for fixing other people's issues god dammit..

:D
 
The free version works just as well as the paid and it's a consistent top performer along with Avast!

MSE is good too but it doesn't perform as well as the other two ;)

There are a few experts on this site with a good few years of experience between them - they know what they're doing. Your advice may have been well intentioned but it could have been better phrased. :p
 
It's all very well debating the relative merits of differing AV offerings but you're all forgetting about the most powerful av resource available.

It's the soft squidgy eejit that operates the mouse and keyboard. This has the power to prevent all known infections as well as the means to circumvent even the best av software. There are people who happily and safely browse the net and handle emails without any av protection.

Engage brain before clicky linky!

If it wasn't for those pesky users... :D

Keeps us all in a job though ;)
 
not wrong, but you're stealing our issue.. we need self gratification for fixing other people's issues god dammit..

:D

Join a tech site :p

The free version works just as well as the paid and it's a consistent top performer along with Avast!

MSE is good too but it doesn't perform as well as the other two ;)

There are a few experts on this site with a good few years of experience between them - they know what they're doing. Your advice may have been well intentioned but it could have been better phrased. :p

Sorry, but I think you just took it the wrong way. I don't think I phrased it badly or offensively, I wasn't questioning anyone's skill here, and would have no grounds for doing so anyway. It was a suggestion I made, based on the fact I know the level of quality of helpers on these sites, the best of which work for security vendors.

In general I've seen enough professional computer techs and admins, that are skilled at their jobs, but know next to nothing about malware. Thus I reason on forums it's sensible for me to suggest reliable help. I apologize if I didn't do thorough background checks on all of you, and monitor your level of expertise over the past few years. :bonk:

I stand by my advice, don't take it as a personal criticism about any of you, it's general advice I would offer on any forum.

Engage brain before clicky linky!

This makes around 1% of general users :LOL:
 
All helpful suggestions more than welcome on here, but a lot of people 'live' on here and don't want to go to other forums they've never used.... :D

I'm no expert, just some eejit who has a slight idea what he's doing (some of the time). :nuts:
 
oh dear this all seems to have got a bit heated!

However the netbook issue is still unresolved, I'm handing it over to someone else as I've done everything as advised (at least twice) and something is still lurking as even the USB memory stick got infected with Recyler and Trojan.Bamalit (or something like that). I can't even load Hijack programme to show the logs, can't run Malware or Superantispyware.

Owner of the netbook has now learnt her lesson about keeping AV up to date and firewalls and being careful what sites she visits etc and isn't too worried if the netbook dies and OS has to be reinstalled which might be the route they go down.

However, thank you to everyone for your advice because if nothing else I found three nasties on my pc and cleaned it updated it and now have the programmes installed to help keep it clean and know where to come if I need any more help(y)

I'm also slightly paranoid now about Malware and viruses:D
 
Trojan.Bamital probably.

Make sure you reformat your USB stick. Hope it gets resolved :)

Malware is nasty stuff, remember to be careful what you click on and download.
 
Oh yes did that! Took both memory sticks to work, scanned, removed and reformatted!!
 
I am quite surprised there is not a "factory settings" portion of the hard-drive?
 
I'd imagine it does have a restore partition, especially since you get no discs these days - problem is it's not always obvious how to use/access it.....
 
How would you access the restore partition normally? I'll have a go at anything ...
maybe I should rephrase that :D
 
It would normally be one of the F keys on booting up.... sometimes in the F8 menu system, but could be F10 etc. Try F8 and 10 first, then just work your way through them. Very, very unlikely it'll be F1 or F2.... can you remember the make/model of the netbook?
 
The manufacturer's partition can usually only be accessed using their own software that will be preinstalled on the laptop.

Companies like Dell, Toshiba etc want you to make restore discs when you first use the laptop, so that you can access it if the system goes wrong. When they do that, without their software you can't access it and it's useless.

I think Sony still has the restore partition accessible without backup discs and software, but most seem to use their own software for it.
 
They don't expect you to make restore DVDs on netbooks, as they have no means of writing the discs, so there is normally a restore partition on them....
 
Hi all, apologies for not responding earlier but had a bit of a hectic weekend.

However, it's a Compaq Mini 110.

I've done a search for this machine and found a few varying suggestions of how to a) reach the safe mode b) system restore c) restore partition. None of them seem to work for this machine, I believe it has been jinxed!

I did get to Windows Boot Manager using F4 and F5 another time but the only option it had was to start Windows XP and it took me into the full version not safe mode, so I am officially giving up, friend has pinched her husband's laptop anyhow which is a work one so hopefully fully protected!

Thanks again for the advice and help!
 
Apparently F11 on startup should do it on that model..... or this should do it, but she'd have to select the correct model of 110 at the right hand side.
 
Apparently F11 on startup should do it on that model..... or this should do it, but she'd have to select the correct model of 110 at the right hand side.

yep already tried that one as well (F11) option - didn't do anything. I did have one bright idea which seemed to work, I left a memory stick in and then rebooted and lo and behold it booted up with the options of going into safe mode, safe mode with networking, last good config etc. Result! But sadly no, I booted into safe mode and it stayed in the command prompt, seemed to list a load of drivers so bloody quick I couldn't read them and then went back into the option list. Whichever option I tried it did this so I had no choice but to power off, reboot into normal mode. However, then I was able to copy Malwarebytes to the desktop which it hadn't let me do before and start that up.

It picked up about 25 Trojans and PUM.Hijack (various versions) which it deleted, although it came up with the fact that it couldn't delete a couple but didn't list what they were in the log. Then said it had to reboot to complete and at that point died completely! All I get now is the prompt flashing at me on a black screen. :shrug:
 
Silly point but did you select F Lock before you pressed F11?

Sometimes the F Lock is not automatic on startup and the F keys then don't work.
 
It picked up about 25 Trojans and PUM.Hijack (various versions) which it deleted, although it came up with the fact that it couldn't delete a couple but didn't list what they were in the log. Then said it had to reboot to complete and at that point died completely! All I get now is the prompt flashing at me on a black screen. :shrug:

Are you able to get into Safe Mode? When you turn on your PC does it go straight to the black screen?
 
Are you able to get into Safe Mode? When you turn on your PC does it go straight to the black screen?


Err as per my previous comments this netbook never seemed to have a safe mode until I left a memory stick in (see comment 107) when I rebooted.

However the safe mode didn't work (again as per comment 107)
 
To access Safe Mode you would need to press F8 to get the loading screen, this wouldn't normally appear.

When you turn your PC on do you get any loading screen at all? Or does it go straight to the black screen?
 
To access Safe Mode you would need to press F8 to get the loading screen, this wouldn't normally appear.

When you turn your PC on do you get any loading screen at all? Or does it go straight to the black screen?

Yes I realise about F8 is how to get to safe mode normally, but on this machine that didn't work at all.

no nothing but a black screen and cursor line flashing top left hand corner
 
Ok, did you have any important files/data on your netbook?

You've been hit by quite a complex infection, which appears to have corrupted the Windows Master Boot Record, I'm not sure what's happened to the BIOS but if that's also corrupted it's complicated to fix. As you're on a netbook, that limits your options a bit due to no CD drive. Any files should still be recoverable if they are important, but would need another computer to slave the hard drive to.

It's beyond my knowledge to fix in this situation as you can't even get to the BIOS boot screen. If you can find a way to get as far as booting from USB, then it's easier to deal with. You should be able to get to the BIOS POST screen even without a hard drive present. If the BIOS is corrupted, it's much harder to fix yourself.

I would contact the manufacturer and see what they can do. Someone else here might have a better suggestion, but situations like this are why we ask for logs first on tech forums...
 
Yup I'd already determined it was thoroughly infected as it had had no AV protection since around January (believe me friend has been thoroughly told off for this!). Superantispyware had found well over 300 nasties and then Malwarebytes (when I was finally able to get it to run) found another 20 plus.

I would like to have been able to supply logs but at the beginning I couldn't run any programme to get them!

I had already told her at the very beginning that it might need to go back to supplier/manufacturer but she asked me to carry on trying and if it "died" she wasn't worried as it had been a pain in the butt since she bought it a couple of years ago and as I said in previous thread she had pinched her husband's laptop (which is thankfully very well protected).
 
Well, at least she has a new paperweight now. It's unfortunate as this situation could have been avoided. Modern malware is incredibly complex and can be destructive.

Hopefully the manufacturer will be able to do something, if not she doesn't seem to mind.
 