Virus kicks me out of XP - Help!

[sonicislnd]

Hello,
Dumb me from downloading stuff from pirates bay, now I have a severe virus that has locked me out of my computer. Also, I don't have the windows xp disc.
Here's how it all happened. Last night I was downloading some stuff on my computer using uTorrent. Nothing was weird at all. I have AVG free, Malwarebytes, Spybot search and distroy installed on my computer.
Before going to bed, I turned my computer off - no issues.
This morning I wake up and turn my computer on and no icons load, no start button ect just my wallpaper and that's it. I re-boot in safe mode and just get a black screen saying safe mode on the outer edge of the screen. I was concerned and read up on line to try to save my computer.
Someone said do cntrl+alt+delete and then run explorer.exe, that brought my icons back. Everything seemed alright. I then ran Malwarebytes and it found 10 virus' or trojans. I choose to have Malwarebytes eliminate them. However, it said four of them it couldn't get rid off, and a window popped up telling me that I had to re-start my computer to get complete the malware elimination. I said ok. When my computer re-booted it brought me to the windows login name with my name there. I pressed my name and and my wallpaper appeared briefly for 3 seconds then went back to the name login page, saying my user name logging off. I re-tried in using safe mode, this time my user name and administrator logins appeared. I tried logging in with administrator using no password because I had never created a password for either administrator or my log in name.
I tried loading the last know good configuration as well as Directory services Restore mode and no success.
I had a friend work on my computer recently after a big move and he installed a legit version of XP on my computer but did not give me a boot disc or XP disc so I don't have that either. Is there a way to beat this? Please help. I would rather not have to re-install windows at a later date. I have games and music on there that would be a pain to replace. Who can help me . I need step by step instructions! Thanks a million in advance.

 

[Cameldude]

Thats why you should have a proper Antivirus running and do not download illegal material, Now i think the two ways you could go around this. You could purchase a programm which will delete users password and just have the user, but i dout it will work as if it is really a virus it will continue to do this. Second choice is to do a clean install with everything deleted from the system, but you don't want this either. So you are left with a choice, try one thing that might not work, and if it doesn't it will lead you to the other thing, unless someelse will come up with something.

Also you have to post this in the computer security forum, but i think moderators will put it there soon.

 

[Shadow_Death]

Hi
I already encountered same as sonicislnd problem. first if you want to reset your password in admin you can try to use winternal software or try to search in internet.
if you try to login in administrator and cannot load your profile you should format your computer. Malware already delete the virus but it can affect to the os in xp that the reason why you cannot log your profile and automatically back again in log-in.

 

[sonicislnd]

Virus

Yeah - I really want to avoid a clean install but I might have to do that. Just wondering if I can access the registry manually or something. or if there is a way to create a mock password to get back in. Or if I can do something in with F9 then boot from a disc - I can download something from another computer possibly then burn it to disc then load it on the infected computer.

 

[anon]

I'm assuming you have access to another computer with internet access and CD burning capabilities. With that said, your first step should be to download a free Live CD from Ubuntu's homepage and burn it to a disc. I'm not a linux fanboy and am not recommending you switch to linux, but the Live CDs open up a whole new world of last resort type repairs. I'm choosing Ubuntu because it comes pre-set with just about everything you need and is the most similar to Windows, so no real learning curve.

The great thing about a Live CD is that once you burn it to a disc, it becomes bootable and acts almost like a second computer without requiring a new installation. Once you boot through the Live CD, your computer will temporarily be running Ubuntu, and will recognize the infected hard drive as an separate unmounted drive. This way, you can use Ubuntu to copy all the important files from the infected hard disk to a safer drive, or go straight to using anti-virus software in Ubuntu to clean out the infected drive. Ubuntu should be more successful at removing those 4 files, simply because it is not windows and because the windows drive is not currently mounted.

Assuming the anti-virus scan worked well, you should be able to simply shutdown, eject the Live CD, then boot back up in Windows and live happily ever after.

If not, then make sure you copied all the important files, then wipe the infected disk. From here you will have to find a new OS. You could go ahead and fully install Ubuntu for the time being, or find someone with a Windows installation disc. A third option of more questionable legality is to download a torrented copy of Windows (not infected this time). If you can find your original serial code and use that again on the new install, I think you might be safe from any copyright issues (but don't take my word for it!)

 

[Shadow_Death]

You can use Winternal cd it same like ubuntu and you can view all your files and save to your external hardisk if you have. you can download winternal and it will save as ISO the burn in cd

 

[genbrown]

yeah or you you can call your friend who does computer work and have him fix it.

 

[Shadow_Death]

Genbrown is right

 

[genbrown]

Thank You

 

[sonicislnd]

Thanks

Yeah I'll try those. Ubuntu or Winternal . My friend might be able to help but he is unavailable for awhile. He has the original XP disc as well. Thanks. I'll let you know how things go. Cheers!

 

[sonicislnd]

Also... Microsoft aquired Winternals

Microsoft aquired Winternals - so this is no longer available to download and save Microsoft systems. Stupid Microsoft. I guess it's Ubuntu then ...

 

[Pleeeease!]

The lampsy trojan!

Ah yes, I know this one well. It's is as fast acting as it is intelligent and it always comes with many many friends. If you find a way to rid it let me know because I've tried: 1. killing it in safe mode with anti-virus and malware software 2. going to a restore point (but apparently it kills those too) 3. reloading the reistry from a previous store point 4. even hunting out sections of it in the registry. I was able to tame it down a little but there was still too many around that I couldn't get rid of to feel safe with it. Ultimately, a full recovery from my hp did the trick.

It might be that a reformat is your only option.

To those fools that talk about making sure you have up to date viruses, they just don't know the verocity of a good drive-by virus/trojan. This one is immune to initial detections (presently) and it is a good destroyer.

Good luck!

 

[sonicislnd]

Agreed about this virus

Yeah, early on when I just got my computer going with this version of xp - this virus or one of it's friends would actually turn off my firewall and anti-virus systems. I would have to go back in and turn them back on. So this virus was pretty malicious. Even when I did my full scans and deletes - something would always turn off my security systems in the background.
Last night I tried to install Ubuntu and was unable to - something disengaged my dvd drive so nothing could install. I was going to run anti virus on the corrupted drives. It may be a kernel problem - blinking cap and scroll locks. But this thing is vicious ... I have resigned myself to re-installing windows and wiping out the previous incarnation...

 

[CardboardSword]

Yeah, early on when I just got my computer going with this version of xp - this virus or one of it's friends would actually turn off my firewall and anti-virus systems. I would have to go back in and turn them back on. So this virus was pretty malicious. Even when I did my full scans and deletes - something would always turn off my security systems in the background.
Last night I tried to install Ubuntu and was unable to - something disengaged my dvd drive so nothing could install. I was going to run anti virus on the corrupted drives. It may be a kernel problem - blinking cap and scroll locks. But this thing is vicious ... I have resigned myself to re-installing windows and wiping out the previous incarnation...

Are you booting from the disk or trying to run it from windows? If you're booting from a live CD, hence you aren't using windows, the virus won't be active. Nor will it be active once using linux (as windows is not started for the virus to run on) Either way, a clean install is most likely your best bet.