Infected with Conficker! HELP!!

Status
Not open for further replies.
Remove the original drive? Well, at the moment, I only have the C: Drive, during the format last time, I had C: and D: and I deleted both of those partitions and I created a new one on C: and that is the only drive I have right now.

Are you suggesting I format again?

By the way, an interesting thing I have realised is that when I start up my PC, before the XP screen it says hard disk not detected! Then it continues on to XP.

PS: I have had a BSOD problem in the past and I fixed those by changing my BIOS settings to recommended settings given to me on Corsair forums and I fixed the BSOD problem at that time and my PC worked fine with those BIOS settings. I once again have those BIOS settings and the hard disk not detected thing used to show up when I had the BSODs as well.

Another note: Once today when I tried to start my PC I got an error screen saying that overclock failed! Press F1 to return to BIOS and edit settings or F2 to load default settings. Now, the current settings worked before the virus and the default settings caused BSODs in the past and froze my PC up. Sorry if I complicated things up.
 
So this seems to be a hardware issue. Have you tried setting your BIOS back to default settings or fail safe or what else it may say?
 
Well, my BIOS on default settings seems to cause problems (BSODs before virus), freezing up the PC totally after the virus.

Btw continuing full scan with F-Secure online scanner, so far scanned 15k files, 120 skipped, 7 viruses found. I am not pleased that it skipped so many though. I'm thinking perhaps the virus is causing the scanner to skip, which I don't like. Anyways, I'll post back with results, meanwhile, if it is in fact hardware problems, what shall I do?

I do agree that I probably have hardware issues. What should I do concerning the hardware issues? (Although I think that I do have some viruses (will F-Secure get rid of them all or should I/could I use some other methods to make sure I get rid of everything?))
 
Go to the Manufacturer's Web Site and check for a BIOS Update for your MOBO. You may have some virus issues but the biggest problem here is the BIOS or something else.

After the scan is finished, remove the infections it finds, reboot and then run it again and let me know if it finds anything else. Also after you reboot see if you can run hijackthis from the desktop or root of the C drive.
 
Ok, I'll try the above. 9 viruses found at the end of the scan, I clicked to remove but right now it's not making any progress. I'll try what you suggested.

PS: I updated BIOS earlier and had problems (I couldn't even start up Windows properly - therefore I did a system restore back to the old BIOS version). Perhaps I will install once again and see if it works, after I get my PC cleaned (hopefully). Maybe it was the virus that was causing those problems, not the BIOS update. Will keep you posted, if you get any ideas, don't hesitate to share since I have my laptop on and my desktop at the same time so I'm here :)
 
Just so we are on the right track here...

Do you know what a System Restore is?

Do you know what a BIOS is?

You say you did a System Restore back to the old BIOS? Does your MOBO allow you to revert back to an older BIOS version? If this is the case, can you explain to me how you went about this?
 
Here are the results (doing this by looking at my desktop and typing on laptop):

Rootkit.Win32.OGRoot.ae (virus)

-C:\SYSTEM VOLUME INFORMATION\_RESTORE{63C87746-B1EF-478F-88F8-B7F4F05A569A}\A0003602.SYS (renamed & submitted)

Trojan-Downloader.Win32.Agent (virus)

-System

Trojan-Downloader.Win32.Agent.bhjw (virus)

-C:\DOCUMENTS AND SETTINGS\USERNAME\READER_S.EXE

Trojan.Win32.Agent (virus)

-System

Trojan.Win32.Agent2.dnj (virus)

Locations are too long, I'm bored to type :p

Trojan.Win32.Pakes.myw (virus)

These are what were found and removed. Reboot and rescan incoming.

Yeah, I know what a system restore is and yeah, I know what BIOS is.

To be honest, I think my BIOS is changed back to older version when I system restore and back to defaults. Since the BIOS screen version showing changed back to the old one after the system restore and settings went back to default (I had changed them to custom settings that I was talking about earlier after the BIOS update).
 
I thought I mentioned to turn off System Restore, if it was off that infection wouldn't be there. :cool:

Just so you know, when you did a System Restore it doesn't change or have anything to do whatsoever with the BIOS. All you have been doing is reinfecting yourself. You see, the infection is on your running system and then it is also running on your emergency "StandBy" section called System Restore. So if we were to get your running system clean and then you performed a System Restore, you have just then reinfected yourself.

Make sense?

So what I need you to do is turn off System Restore: "How to turn off and turn on System Restore in Windows XP"

Reboot

Once back at your desktop run that online scan once again and post its results.
 
Ok, after this first online scan and removal of malware detected, I rebooted and realized that the logos on the desktop were normal but I still could not run HijackThis, the same error: Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.

Another thing that just happened was I went to right click my computer and go to properties and I realized the logo of my computer is a folder logo rather than a computer logo and as soon as I right clicked it, I got a BSOD.

Now, I managed to right click and go to properties and turn off system restore from my computer on the desktop (with the REAL logo) but on the startup menu it was not the real logo and it led me to a BSOD. Anyways, I am going to try and do what you told me, I will report back soon, but one thing that is getting on my nerves is NOD32 constantly alerting me with virus threats in all types of files (including Malwarebytes and HijackThis etc.). Do you think NOD32 really detected something or is it possible that somehow the virus is manipulating it?

Ok, so now things seem to be even worse. I can't log in to Windows, Data Execution Prevention closes explorer or userinit... This is not caused by hardware is it? I'm tired of this, I've been trying to solve this problem for 3 days straight!! Please, please help...!

Update: I can't even enter in safe mode, DEP says there was a problem with Explorer and turns it off and I am left with a black screen and nothing else.

I think I need to format my PC. After the format, I'll probably get rid of the virus, but I have my data that I want to transfer from my external drive, do you think it's infected (I've scanned it twice, nothing found)? Also, what should I do to protect myself after the format? I'm thinking NOD32 is crap, any suggestions? (I don't want to pay for anything at this point). I will update my BIOS and get all the Windows updates, one thing though, I have lost the CD for my MOBO that I used to put in after formats, what can I do now since I don't have it? I'm not sure what drivers etc. I might need, where can I find what I need in that sense and where can I download them? Any idea?
 
Your system is screwed up. :eek:

This is what you need to do. Delete any partition on your hard drive, reformat and then install XP. Don't use NOD, use AVG Free Edition. Once all the drivers are installed, update XP all the way up to and past SP3 including IE7. Install AVG ASAP.

Don't use the USB stick till you know it's clean. Test it on your laptop if you need to.

What brand of MOBO do you have?
 