Jump to content

Is this virus/malware activity?


Takoul

Recommended Posts

My aged parents PC has recently seriously gone fubar. So I'm trying to find out if it has been infected or it is just a hardware/software problem.

 

Symptoms:

its nearly full 250GB HDD now only has 54GB on it

nearly all programs have disappeared off the PC, all that is left are the icons on the desktop that show no link to anything on the drives. Recycle Bin, MyPC, Windows Media Player all work still.

IExplorer isn't physically on the HDD any more. MSOffice 2003 Pro which they used is no longer there and annoyingly keeps trying to reinstall even when not accessing it. But it fails due to not finding a *.msi file

I downloaded a game called Legends of Norrath and put that on so I wouldn't get bored. That has disappeared too.

When clicking on the IExplorer icon on desktop it asks what program you'd like to associatite with this and puts up a limited list like notepad, paint and a couple of others.

 

They run Windows XP still.

 

Avast only has two quarantined items for this month: A0195960.exe and updatepackasc.exe (14/8/2014)

 

Its like something partially gutted the PC, can't find a program on it to get on the net for help even.

 

CHKDISK found no problems and AVAST full scan found no bad things on the PC still. There are no Hardware conflicts

 

I rolled it back a week and get access to the net for a brief while. Then that no longer worked.

 

So: Virus/Malware due to XP vulnerabilities? I have drilled them about safe surfing and email precautions, but they are mid 70's.....

Link to post
Share on other sites

Hello and :welcome: :

 

Thanks for the detailed description.

It's impossible to say for sure without some system information.

Moreover, the System Restores may have confounded matters somewhat, as doing so can "break" programs, especially AV and other security applications.

 

Let's get some basic logs first and go from there.

Please post back with all 4 logs (2 from DDS and 2 from FRST) attached to your next reply.

 

Thanks,

 

-----------------------------------------------

STEP 1
Please run the DDS scanner and send back both logs as attachments to your next reply.
If you are running Windows 8.1, please skip this step.

Download DDS from one of the locations below and save it to your Desktop:
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include both of the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

 

STEP 2
Please run the FRST tool and send back both logs as attachments to your next reply.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. The one that runs will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your next reply.
Link to post
Share on other sites

Hi:
 
Yes, the computer appears to be infected, and there are problems installing Microsoft security updates and other issues.
Cleaning this up will need to be accomplished in a different area of the forum reserved for that purpose. :)
 
Please start a NEW, SEPARATE topic (including all of these same logs) in the malware removal section >>HERE<<.
A helper will assist you with looking into your issues.
 
Also, I noticed that you are running IObit software on your system.
The company behind this product was found to be stealing the MBAM database.
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed, your malware helper can help you remove it.

Thanks,

 

P.S. The forum Admin will probably merge your posts into one profile/account and delete the other. ;)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.