Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cleaning a friend's system


  • Please log in to reply
6 replies to this topic

#1 onelove888

onelove888

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 16 May 2011 - 11:48 AM

A friend of mine, whose system I will not have a look at until 5pm my time, says he got a message some time last week claiming his hard drive was broken and directing him to run a scan, which he did. (I know.)

He called me when he now cannot get past the logon screen in windows vista (a Sony Vaio laptop), even in safe mode. Apparently the computer boots to the login rescreen and restarts, booting there again in a loop.

I have access to a computer now, and can download files and burn them to cds or put them onto a flash drive. I can't count on having access to a working machine when I get to his place. There is an internet connection, wired and wireless, if I actually am able to boot into the laptop.

Can you guys give me any information that will be helpful to prepare to look at the system.

My first question is - are there steps that can be taken that will allow me to get into the system itself, and if not, is it possible to effectively scan and repair a system I don't have direct access to?

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:57 AM

Posted 16 May 2011 - 12:06 PM

and directing him to run a scan, which he did

As you probably realize, it wasn't a good idea.

You may be dealing here with one of these two:
http://www.bleepingcomputer.com/virus-removal/remove-hdd-defragmenter
http://www.bleepingcomputer.com/virus-removal/remove-system-defragmenter

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 onelove888

onelove888
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 16 May 2011 - 01:35 PM

Thanks a lot. I already had downloaded malwarebytes. I just printed those instructions and downloaded rkill. Any ideas for if I can't get to the desktop? If I boot into safe mode at a command prompt, is there anything I can run from there?

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:57 AM

Posted 16 May 2011 - 01:37 PM

I'll ask our malware experts team to comment here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 onelove888

onelove888
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 16 May 2011 - 01:44 PM

Wow. Sorry, I probably should have posted this to

BleepingComputer.com > Security > Am I infected? What do I do?
http://www.bleepingcomputer.com/forums/forum103.html

At this point can/should I repost it there? Can someone move it?

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:57 AM

Posted 16 May 2011 - 01:47 PM

Since the computer is not bootable, you better wait here for malware team.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:57 AM

Posted 16 May 2011 - 01:57 PM

You can make a bootable system rescue CD using Linux software tools http://www.sysresccd.org/Main_Page
Be sure to burn the files a a slow rate, so you don't get a corrupted rescue CD or USB stick.

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users