Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Damaged XP OPSYS and possible Infection


  • This topic is locked This topic is locked
4 replies to this topic

#1 simplysimply

simplysimply

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:27 PM

Posted 16 May 2012 - 05:55 AM

Hi,

Firstly, sorry if I have started this thread needlessly, I have read through this thread http://www.bleepingcomputer.com/forums/topic138692.html but I was unable to directly Identify my problem and a suitable solution.

Now to the details of my request for help:

I recently battled a very difficult virus that had infected my PC, it took many attempts to remove it and after running through many different methods, such as running RKill, then running; combofix, Malware-Anti, TrojanHunter, trjsetup682, cleandh, and several other such software. Unfortunately I this was several weeks ago, I have procrastinated badly I know, the thing is that after this occured I was going to simply remove all my important data from my pc and then wipe/reinstall XP to ensure that I had a clean system. Unfortunately when I try to do this, by booting from the CD and then trying to delete the partition and then reinstall it gives me an error message:

INF file txtsetup.sif is corrupt or missing, status 4096 setup can not continue press any key to exit.

There is a small crack about 2 cm long that runs inwards from the rim on the CD itself.

Further symptoms of what is wrong with my actual PC appears to be a problem with my system32 folder:

I can not access the internet without using safe mode with networking
I am not seeing any tell tales of a continued infection on my PC but I cant be certain
It is possible that during my extensive battle with the virus, I allowed several files that may have been crucial to the operating system to be deleted.

I am sorry that I can give any further information.

What I am hoping is that someone can suggest either:

1) a way to reinstall XP without wiping my data, and then a fool proof means to check if my OPSYS is still corrupt
or
2) Vice Versa, as considered appropriate by an expert
or
3) what ever specialist advice is given that is supported by other experienced users to troubleshoot the issue/s

Thanks for your time in reading and responding to my post.

This is not time critical, but it would be a load of my mind to get this fixed in the next few days, work and what not to do as do we all. I will admit I am trying to avoid calling a local IT specialist to come and fix the problem, as I prefer to be taught and learn myself so that I am able to take more responsibility for my PC in the future.

Cheers,

Pazz

Edited by hamluis, 16 May 2012 - 07:39 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:27 AM

Posted 17 May 2012 - 02:11 PM

Hello having run ComboFix we need to see that and a DDS log.

Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
Skip the GMER step and instead post the ComboFix log you have.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 simplysimply

simplysimply
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:27 PM

Posted 18 May 2012 - 07:36 AM

Hi,

Thanks for your reply Boopme,
I have tried to follow your advice, however I have been unable to run DDS to completion in either my usual profile, or through my admin profile in safe mode with networking. Both times the software apparently stalls before completion when the hash bar is lined up with the 'it' in the sentence above it at around 70%. I have left this running alone, for upwards of 15mins both times, which is 5x longer than the maximum operating time advised by the DDS intro/info.

The same appears to be true with combofix, however as I am sure you know there is no percentage complete bar in combofix. However after running for 30mins without any sign of progress I must admit I became impatient and rebooted my pc, as when I tried to close combofix (and seperately DDS for that matter) the programs would not shutdown.

I am hoping you have some other advice for me that might help me to troubleshoot what is wrong with my pc.

Thanks again for your time and advice.

Cheers,

Pazz

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:27 AM

Posted 18 May 2012 - 09:16 PM

OK, dont do Combofix or it may shutdown the PC for good..

If you cannot get DDS to work, please try this instead.

Please download OTL by OldTimer and save it to your Desktop.
  • Close all other applications and windows so that you have nothing open.
  • Double click on the Posted Image icon on your desktop.

    Vista/Windows 7 users right-click and select Run As Administrator.
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • Under Output, ensure that Minimal Output is selected.
  • Click the "Scan All Users" checkbox.
    Leave the remaining selections to the default settings.
  • Click the Posted Image button.
  • Do not use the computer while the scan is in progress.
  • When the scan is complete, two log files will open in Notepad:
    • OTListIt.txt <- (will be maximized)
    • Extras.txt <- (will be minimized in the Task Bar).
  • Both logs are automatically saved to the Desktop.
  • Please copy and paste the contents of OTListIt.txt and Extras.txt in your next reply.
    If the Extras.txt log is too long, you may need to add a second reply to your thread or upload it as an attachment.
  • Click the red X in the upper right corner to exit OTL.
Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If OTL did not work, then reply back here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:27 AM

Posted 19 May 2012 - 08:41 AM

Now that you have posted your logs here http://www.bleepingcomputer.com/forums/topic454135.html


Please refrain from asking for further help from other members or staff until the Malware Removal Team has checked your posted log. The Malware Removal Team work very hard to investigate a unique solution to your problem and you will receive individual expert assistance. This takes time and effort so we ask you to please be patient while waiting for assistance and NOT to make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member. Any modifications you make on your own can result in system changes which may not show it the log you already posted. Further, following advice outside of that post may cause confusion for the team member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

The Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean. If you followed any other advice already, please ensure you inform the Malware Removal Team Team Helper when they respond to assist you with your log. This will help them know what has been done and they probably will ask for an updated log.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

If HelpBot replies to your topic, please follow Step One so it will report your topic to the team members.

This topic in now closed.

Edited by Queen-Evie, 19 May 2012 - 08:42 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users