Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected or Windows broken? - XP laptop problems after cleanup of trojans


  • Please log in to reply
No replies to this topic

#1 david240

david240

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:28 AM

Posted 16 November 2010 - 01:23 PM

I was asked to look at a friend´s laptop because boot terminated in BSOD ´Unmountable boot volume 0x00..0ED. Before reaching that point it asked one to press Enter to load SPTD. The BSOD followed regardless of pressing Enter, Escape or doing nothing.

DrWEb live CD scanner reported one of the owner´s downloads, Ares.exe, as infected with ´Trojan.MulDrop1.40731´ and I allowed it to delete the file.

Simple Registry Eeitor on Ultimate Boot CD comlained ´Volume is dirty, mounts read-only´. Ran ChkDsk.
From UBCD got no indication of problems from A-Squared, RootKitty (no differences found). USing SuperAntiSpyware free I quarantined some of the cookeis and two registry keys it reported (sadly don´t have a logfile for that).

I discovered that I could allow the machine to run applications successfully by replacing the missing(!) Rundll.exe from another PC´s installation.

Then installed updated and ran Malwarebytes´ Anti-malware. Quick Scan showed problems, all quarantined with a reboot.

Now various programmes were atarting up after boot, the first time I saw them: Daemon Tools lite (failed), Skype, Messenger, AVG, SpywareDoctor. The Daemon tools installer appeared to run OK.

I installed Spyware Terminator for its Analysis...

When I can get to open the log files again (se below), I can tell what the reported or post them if requested,

Now XP always fails to install a mouse driver when plug mouse in to USB, e.g.: device manager then shows HID Devices: Darfon standard mouse; drivers for this device not installed, although in the properties it does say Drivers: USBFltr , by Waytech DEvelopment. There´s no backupto roll back to. On on eUSB port the New Device wizard says Cannot install this hardware, error installing device, 'Datos no válidos' (it´s all in Spanish on this laptop). On the other USB port, there is a beep but nothing else happens. Device manager shows the same. A USB flash drive is useable on the same USB ports.

The latest problem is that some recently modified folders or files are inaccessible even to the 'Administrator' account in Safe Mode.

Checkdisk finds no problem with the system disk.

The question is, is this just because Windows has been left 'broken', or is there likely still some infection? Can anyone please recommend whether it´s worth posting some scans on the Malware forum for these symptoms?

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users