I have an old Toshiba Satellite running Windows XP Media Center Edition Version 2002 with Service Pack 3.
I KNOW this computer is infected with something. First time I noticed something was wrong was a few months ago. It has been a while since I last attempted to boot up the computer, but I'm beginning the process of cleaning it and need assistance.
I currently have Free Avast! 4.8, Malwarebytes, and ZoneAlarm Free Firewall installed and active.
First thing I noticed is that I was unable to download any .exe file from the internet. I was able to run the ones I had on my computer, but could not download any new .exe files.
I also remember at some point having my computer stuck in a repeating loop where it would boot, reach the windows logo with the green progress bar, and then shut off with an internal 'click' sound. I don't remember how it stopped, or if/what I did to stop it, but it no longer does that.
My home page (when I do manage to boot my web browser) is always reset to Ask.com.
And When I would log into my computer, my background would load, but none of my desktop icons or the start bar. Instead a box appeared that seemed to be offering some sort of virus protection called Palladium that I had not installed, and only gave me the option to accept and install or something.
I did not want to click on it, as alarms went off in my head. fortunately I quickly discovered a work-around. I started Windows Task Manager and ended a few tasks that seemed highly suspicious which that I did not recognize, in addition to a process that had a name very similar to "palladium." The box disappeared and I was left with only my background and the Task manager window. I managed to find the "run" command and ran explorer.exe and my system returned to a functional state, restoring the appearance of my start bar and my desktop icons.
There are many process running on my machine that I think are malware, but aren't turning up in the scans...
I just did a scan with Malwarebytes, and the program found +40 infections. During the scan, Avast! would interrupt and periodically say that it had suddenly found something, and prompt moving to it's chest. Malwarebytes managed to quarantine to it's chest folder all but one file. This is what the log said about that file:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows NT\CurrentVersion\Winlogon\shell (Rouge.Palladium) -> Delete on reboot.
When I told the computer to reboot, it sat there doing nothing for a while, so I hit Start>Turn Off Computer>Reboot, it began the shut down process, but when it tried to reboot, something went wrong and it shut it's self off suddenly and went to the Recovery Screen where it gives you the option to select "safe mode" or "last known good configuration". When I tried to continue, something happened and it looped back to the same place. Selecting "last known good configuration" fixed it (temporarily?). I have no idea if the file was removed or not.
Today I tried to schedule a Boot-Time-Scan in Avast!, and it initialized properly, but about 3-5 minutes in, crashed and went to the windows log-in screen. It has repeated the same process the last 3 times I attempted it.
The computer (avast!, I believe) has also been blocking assess attempts to or from various servers when I don't have the ZoneAlarm Internet Lock engaged.
It's working (mostly) now and I have Avast! running a thorough level scan through all files ri- The program just crashed. "Virus scanner has encountered a problem and needs to close."
I'm getting frustrated.