BleepingComputer.com: Infected or Windows broken? - XP laptop problems after cleanup of trojans

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Infected or Windows broken? - XP laptop problems after cleanup of trojans Asus XP Home Edition SP3 trojans cleaned but...

#1 User is offline   david240 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 07-October 10

Posted 16 November 2010 - 01:23 PM

I was asked to look at a friend´s laptop because boot terminated in BSOD ´Unmountable boot volume 0x00..0ED. Before reaching that point it asked one to press Enter to load SPTD. The BSOD followed regardless of pressing Enter, Escape or doing nothing.

DrWEb live CD scanner reported one of the owner´s downloads, Ares.exe, as infected with ´Trojan.MulDrop1.40731´ and I allowed it to delete the file.

Simple Registry Eeitor on Ultimate Boot CD comlained ´Volume is dirty, mounts read-only´. Ran ChkDsk.
From UBCD got no indication of problems from A-Squared, RootKitty (no differences found). USing SuperAntiSpyware free I quarantined some of the cookeis and two registry keys it reported (sadly don´t have a logfile for that).

I discovered that I could allow the machine to run applications successfully by replacing the missing(!) Rundll.exe from another PC´s installation.

Then installed updated and ran Malwarebytes´ Anti-malware. Quick Scan showed problems, all quarantined with a reboot.

Now various programmes were atarting up after boot, the first time I saw them: Daemon Tools lite (failed), Skype, Messenger, AVG, SpywareDoctor. The Daemon tools installer appeared to run OK.

I installed Spyware Terminator for its Analysis...

When I can get to open the log files again (se below), I can tell what the reported or post them if requested,

Now XP always fails to install a mouse driver when plug mouse in to USB, e.g.: device manager then shows HID Devices: Darfon standard mouse; drivers for this device not installed, although in the properties it does say Drivers: USBFltr , by Waytech DEvelopment. There´s no backupto roll back to. On on eUSB port the New Device wizard says Cannot install this hardware, error installing device, 'Datos no válidos' (it´s all in Spanish on this laptop). On the other USB port, there is a beep but nothing else happens. Device manager shows the same. A USB flash drive is useable on the same USB ports.

The latest problem is that some recently modified folders or files are inaccessible even to the 'Administrator' account in Safe Mode.

Checkdisk finds no problem with the system disk.

The question is, is this just because Windows has been left 'broken', or is there likely still some infection? Can anyone please recommend whether it´s worth posting some scans on the Malware forum for these symptoms?

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users