Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Net Win32" trojan. Now windows logon appears and I don't know password


  • Please log in to reply
11 replies to this topic

#1 Dirty_Diana

Dirty_Diana

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 06:44 PM

I clicked on a link to a website, and it immediately started downloading something to my pc. Macafee started popping up dozens of notifications about "Net Win32" trojans being detected and quarantined. Many of the files it refered to looked like normal windows files. I have MBAM already installed and it also popped up a message saying a trojan had been detected. I immediately ran the MBAM scan and it picked up about 14 infections. After the scan, I went to the quarantine tab and removed all the infected items. It then said I had to restart the computer, which I did.
Now my problem is that when restarting, it takes me to a windows logon with the User name "Owner" displayed. I never had a logon enabled on the pc before. Now I'm stuck because I don't know what password it is looking for, and I can't get past the logon window.

Starting in safe mode makes no difference. Nor does "Last known Good Configuration". I always end up at the logon window.

Help!!!

Edited by Dirty_Diana, 01 August 2009 - 06:55 PM.


BC AdBot (Login to Remove)

 


m

#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:53 PM

Posted 01 August 2009 - 08:32 PM

If there is no password then all you have to do is hit the enter key?

Is that a paid version of MBAM?
Chewy

No. Try not. Do... or do not. There is no try.

#3 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 08:39 PM

Hi,
When I hit enter ("Owner" in User Name, leaving the password blank), it initially looks like it is going to start up normally... I get the message "Loading your personal settings". But then I get "Logging off", and then it comes right back to the logon window. So I'm stuck at the logon.
Any advice?

And yes, it was a "paid for" copy of MBAM that had the active monitoring turned on

Edited by Dirty_Diana, 01 August 2009 - 08:40 PM.


#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:53 PM

Posted 01 August 2009 - 08:49 PM

I suspect McAfee did delete some critical files

I don't think there's a password set.

You might get a repair to work, or even use system restore, what OS is this?

What about safe mode with command prompt?

Edited by DaChew, 01 August 2009 - 08:50 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#5 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 08:57 PM

It is windows XP home edition.
Safe mode with command prompt still brings me to the logon window

I wish I could get to the system restore tool, because I had set a restore point a few days ago. Is there any way I could get to it without the logon?

#6 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 09:00 PM

Oh I also tried the logon with "password" entered in the password field, but it doesn't work.

#7 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:53 PM

Posted 01 August 2009 - 09:01 PM

We really just need a generic oem xp home disk to run a repair, your system restore points may be wiped out already.
Chewy

No. Try not. Do... or do not. There is no try.

#8 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 09:06 PM

The computer is a Compaq desktop that came with XP pre-installed and no disks. The only disk I have is a system recovery disk that will re-install the factory system from the separate partition. It is not a boot up disk. I will lose all applications and updates that I installed subsequently, so I am trying to avoid that.
I don't have a generic boot up disk

#9 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:53 PM

Posted 01 August 2009 - 09:56 PM

http://oem.windowsreinstall.com/Compaq/Compaq_XPfull.htm

Are you sure about that destructive option being the only one?
Chewy

No. Try not. Do... or do not. There is no try.

#10 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 10:17 PM

You are correct... there are 2 options available. The first "non-destructive" option won't delete data files, but will retore applications drivers and operating system back to factory-shipped condition. It says "... you need to re-install and re-configure any application that you installed yourself". I interpret this to mean that any appplication that I installed subsequent to buying the computer will be lost. That is what I am trying to avoid, but it sounds like I don't have any other option.

Just want to add that the computer was bought in 2003, so I don't think it even had XP service packs at the time. I will have to update XP all over again, not to mention all the other software that I've accumulated over the years.

Are you aware of any recovery procedure available that will not blow away my applications?
Is my only option the system recovery?

Edited by Dirty_Diana, 01 August 2009 - 10:26 PM.


#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:53 PM

Posted 01 August 2009 - 10:50 PM

There's a very good chance even with a system repair(if you could borrow a disk), the infection would still require a format.

I am afraid we are beating a dead horse. The computer may have already been on it's last legs and needed a clean install.

The service packs are fairly easy to download, archive and install.
Chewy

No. Try not. Do... or do not. There is no try.

#12 Dirty_Diana

Dirty_Diana
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 01 August 2009 - 11:44 PM

Darn! Not what I wanted to hear. Oh well, I will have to proceed with the system recovery, and spend the next few days re-installing stuff. I hope I can track down the disks, and that the software I bought via download can be downloaded again. Also hope that the recovery will actually resolve my problem with the logon screen. I would hate to do the recovery and lose all my stuff, and still have the logon problem

Edited by Dirty_Diana, 01 August 2009 - 11:46 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users