[jwang01]

Hello,


Ok, from the sounds of it, you are infected with a PE infector. This type of virus is a parasitic file-infector virus, which can be very hard to remove as it can severly damage the OS. And since your OS is damaged so much, I think the best way to go now is another reformat.


But before you do, when you backup your files to save, did you backup any .exe, .scr, .rar, .zip, .htm, .html files? If so, those files are most likly infected and causing your reinfection after every reformat. You will need to delete all of the file types mentioned above if you did back them up.

so i decided to try the disks from my old emachine

Doing this can cause some problems as it could install drivers that are not for your system. That may cause compatibility issues or leaving some of your hardware with no drivers. If it your only option though, you could try that again and hope it was the infector causing most of the problems.

Edited by jwang01, 13 April 2010 - 07:17 PM.

[Advertisements]

hi jwang01;

that's the weird thing; i never reinstalled my back-up data on the computer, any of the times i reformatted it. it's all still on a flash drive, and yes, some of it very well might be corrupted, or the flash drive could have gotten an infection. there are a few html files, and some open office docs. there are word docs which all turned to word pad docs as soon as i updated open office to a to 3.2, so some of those word docs might be infected with macro viruses. the rest is pictures, mostly jpgs; a few btmp. i have over 12,000 photos, most saved to dvd off of another old infected hard drive by someone for me. i don't know if he ever even scanned those files. would flash disinfector be of any help isolating the good files from the bad? otherwise, i could probably isolate them on the drive and then how do i destroy them and can i be sure?

i may have mentioned early in this thread that a file with an icon showed up on my desktop, i researched it, it was an open office update file and so i downloaded it. someone said when you update the version, it turns all your word docs into word pad, but i somehow doubt that. the file was named: OOo_3.2.0_Win32Intel_install_wJRE_en-US. right after i downloaded and installed that was when things really got weird on the computer. could be a coincidence, could not be. at this point who knows.

so, if the data is not the culprit for getting me reinfected, what i'm trying to find out is how the heck, if i do a destructive reformat on the hard drive each time i reformat... how can this infection keep showing back up so fast and totally wreck the os? what am i missing?

maybe it's just time for buying a new hard drive. BUT.... if there is any way that i can infect the new hard drive just by putting it into that box,then i'd rather just get rid of the whole box and hd and so be it. if one of those kill disk programs would totally and finally clean my hd without destroying it, i'd try that. i just don't wanna go through it a 5th time. being computerless for awhile would beat dealing with this again as an option.

so let me know where you want to go from here; and thanks so much for all you have done to help me up to now. whatever you think is best, we will do.

[pixillated]

hi jwang01;

that's the weird thing; i never reinstalled my back-up data on the computer, any of the times i reformatted it. it's all still on a flash drive, and yes, some of it very well might be corrupted, or the flash drive could have gotten an infection. there are a few html files, and some open office docs. there are word docs which all turned to word pad docs as soon as i updated open office to a to 3.2, so some of those word docs might be infected with macro viruses. the rest is pictures, mostly jpgs; a few btmp. i have over 12,000 photos, most saved to dvd off of another old infected hard drive by someone for me. i don't know if he ever even scanned those files. would flash disinfector be of any help isolating the good files from the bad? otherwise, i could probably isolate them on the drive and then how do i destroy them and can i be sure?

i may have mentioned early in this thread that a file with an icon showed up on my desktop, i researched it, it was an open office update file and so i downloaded it. someone said when you update the version, it turns all your word docs into word pad, but i somehow doubt that. the file was named: OOo_3.2.0_Win32Intel_install_wJRE_en-US. right after i downloaded and installed that was when things really got weird on the computer. could be a coincidence, could not be. at this point who knows.

so, if the data is not the culprit for getting me reinfected, what i'm trying to find out is how the heck, if i do a destructive reformat on the hard drive each time i reformat... how can this infection keep showing back up so fast and totally wreck the os? what am i missing?

maybe it's just time for buying a new hard drive. BUT.... if there is any way that i can infect the new hard drive just by putting it into that box,then i'd rather just get rid of the whole box and hd and so be it. if one of those kill disk programs would totally and finally clean my hd without destroying it, i'd try that. i just don't wanna go through it a 5th time. being computerless for awhile would beat dealing with this again as an option.

so let me know where you want to go from here; and thanks so much for all you have done to help me up to now. whatever you think is best, we will do.

[jwang01]

Hello,


Buying a new hard drive will not fix the infections. If the drive is corrupt, then that would be a thing to do.


When you did the reformats, Did you intall an Anti-Virus right a way before surfing the net?


Right now I think a reformat may need to be done as everything is getting worse. I'm not sure how it's coming back, but if you reformat you will have a working OS and we can do some checking when everything is working better. If that file infector is still there, we may be able to kill it. But right now everything just seems to damaged to repair.

Edited by jwang01, 14 April 2010 - 06:22 PM.

[pixillated]

hey jwang01;

malwarebytes was the first thing i downloaded; can't remember about the av but i think maybe i didn't do it right away. the three times before, i tried avast5 and it stopped updating almost immediately and then became useless.

keep in mind the disks i have came with a cheap computer and are not the full xp deal. you don't get office or anything. it includes an install of ancient java, adobe, old everything, and a bunch of crap like aol that i don't want.

and i'd have to uninstall the ancient norton and mcafee they put on there before successfully downloading a good and current av. the disks come with ie5, so in order to get anywhere on downloading, i have to start with that kind of disadvantage and security nightmare. then there are all the windows security patches and service packs to download. it only gives you the option to do that from windows update once a day, and from 2005 til now there are many!

so i'm basically screwed before i even start with this deep of an infection, it seems. if a drive wipe is supposed to wipe all infection, then why isn't it ... that's my question that i cannot answer.

and now, since i infected my friend's computer, there is the issue that i can't use the flash drive to get programs from his, and put them on my puter. i do have one clean and unused flash drive left; but who knows what files lurk on his infected computer that could reinfect my drive? what a mess.

so.... if buying a new hd won't get rid of the infection, then where is the infection lurking? i don't get it. i think the hd must be corrupt with something. even though i wipe it i am not killing that something, apparently.

i'd be glad to try one more time but i am not hopeful! not without another clean computer to use and a clean flash drive and a way to keep it clean. even then, you see how many questions i need to ask just to be sure i do things right.

is there any way to tell if it is infection or corrupt drive?

last time i reformatted, i think i just put anti malware stuff on but not an av. but i can't remember for sure. i may have put on clamAV. this time i would try the a squared and then use the trial license for the a squared antimalware. what do you think?

i think i should focus (and i am) on getting my friend's pc cleaned up asap. but if you are still willing to work with me and all my questions, i'd hang in there. maybe with your guidance, i can do a clean install and do things right. that's up to you.

[jwang01]

Hello,


Ok, let me ask you this. When you reformated, did you delete the old partiton and create a new one? Did it give you that option?

[pixillated]

yes it did give me that option but i can't remember if i did or not. i did what it recommended if that helps any.

[jwang01]

Hello,


Ok, when we do this again, I would recommend that you do delete the partition and re-partiton the hard-drive. If you didn't do this, that maybe the reason the problems come back. I did ask some of the other staff here to take a look at this to see what they think before you try the reformat. I will get back to you in a bit.

[pixillated]

thanks, jwang01. much appreciated. will await further instructions and ask questions if i don't understand.

[jwang01]

Hello,

Ok, I will most likly post back here tomarrow.

[jwang01]

Hello,


Ok, let's do this. Do you have a blank cd and a cd burner?

Let's download a free AntiVirus and the norton removal tool and save it to a cd. I would recommend Avira for the free AV as I think it is the best one out there.

Also, please don't insert any of your flash drives through this process. We will check on them once everything is running smoothly.

• Please download Avira AniVir and save it your desktop.
• Now download the Norton Removal Tool and save it to your desktop.
• Now burn those to files to a CD. We will install them right after the reformat.

• Please unplug the internet cable and keep the computer offline for now.
• Then start the reformat process. Make sure you delete the partitions that are on the drive and re-partiton it when it gives you the option. If you don't the infection may remain on the system.
• Once Windows is installed and running, insert the CD you with Avira and the removal tool into the CD drive
• Copy the to files from the CD to your destop
• Now try to uninstall Norton and Mcafee from the add/remove programs section of the control panel.
• Then go ahead and run the Nortan Removal Tool.
• Once that is complete, try to install Avira AntiVir. Once installed, put the computer online and update Avira.
• Now go ahead and start updating Windows.
• When that is complete, please post back here and tell me how things went and how things are running.

Let me know if you have any questions.

[pixillated]

hi jwang01; i just got here to my friend's house, and will do as you say. i do have questions, always! and you have been an angel of patience with me with all the questions.

1) if, when i start to reformat, i see that i HAVE nuked the partitions and already done new partitions before,(i will know once i get in there to reformat), should i let you know? that might mean either the drive is corrupt or the infection is someplace not on the drive but still in the box? (or is that even possible?). also if i get any error messages while reformatting, i will let you know what those say.

2) the windows updates; after i install avira, should i enable them or do manual updates? if i enable automatic updates, it could take quite a few days to get up to current, and do they do updates from offline? auto updates only gives me the option of once per day at a certain time.

3)after windows updates are up to current (which may take some days), should i also install an anti-malware program? i still have time on my free license of a-squared anti malware, and i have been really happy with it and the a-squared free anti virus. but if there will be compatibility issues between a-squared anti-malware and avira anti-vir, then i won't do it.

also, since a squared anti-malware has a real-time and startup guard, would that be a compatibility problem with avira anti-vir? does avira have real-time capabilities as well?

4) while i am deleting norton and mc afee, can i also delete aol? (and maybe later you'd show me how to clean up all the flotsam and active x and weird files they all leave behind in a trail?)

5) if, even after re-partitioning, i see that the computer is going that same way (ie the internet dies first and then i can't update my antivirus), what do i do? just tell you?

5) do you want me to wait until all windows updates are current before posting to you again? (which would i guess close this thread temporarily)?

i am not sure when i will start this process. my friend will be away for the entire day on sunday so i will probably start sunday night, but will let you know if i start the process sooner.

6) um... i think my friend has windows media player but i am not sure. the only burner i have to burn on is the one on his computer. don't i have to make certain kinds of files to burn onto cd, or is that just dvd? i may need a walk-through on that. i will look at what burning programs he has. i also downloaded a couple of dvd programs but had no luck getting files on them to work on my computer. i'm better with a flash drive.

i think that's all the questions i have for now. now back to attending to the other mess i made.

thanks for being willing to do this, jwang01.

[jwang01]

Hello,

1) if, when i start to reformat, i see that i HAVE nuked the partitions and already done new partitions before,(i will know once i get in there to reformat), should i let you know? that might mean either the drive is corrupt or the infection is someplace not on the drive but still in the box? (or is that even possible?). also if i get any error messages while reformatting, i will let you know what those say.

No, just continue with the reformat anyway. If you see any errors though, let me know.

2) the windows updates; after i install avira, should i enable them or do manual updates? if i enable automatic updates, it could take quite a few days to get up to current, and do they do updates from offline? auto updates only gives me the option of once per day at a certain time.

You can manualy update Windows. That way you can do it all in one day. It may take quite a few downloads, installs, and restarts, but it's important to get them all.

3)after windows updates are up to current (which may take some days), should i also install an anti-malware program? i still have time on my free license of a-squared anti malware, and i have been really happy with it and the a-squared free anti virus. but if there will be compatibility issues between a-squared anti-malware and avira anti-vir, then i won't do it.

You should be able to run a-squared anti-malware along with Avira.

also, since a squared anti-malware has a real-time and startup guard, would that be a compatibility problem with avira anti-vir? does avira have real-time capabilities as well?

All Anti-Virus programs scan in real time. But it's ok to run one real time anti-malware scanner along with your AV.

4) while i am deleting norton and mc afee, can i also delete aol? (and maybe later you'd show me how to clean up all the flotsam and active x and weird files they all leave behind in a trail?)

Yes, go ahead and uninstall AOL as well.

5) if, even after re-partitioning, i see that the computer is going that same way (ie the internet dies first and then i can't update my antivirus), what do i do? just tell you?

Yes, just let me know, hopfully we can stop it from going that way again.

5) do you want me to wait until all windows updates are current before posting to you again? (which would i guess close this thread temporarily)?

It would be nice for you to be up to date. Just update manually to get all the updates instead of having them done automaticlly.

6) um... i think my friend has windows media player but i am not sure. the only burner i have to burn on is the one on his computer. don't i have to make certain kinds of files to burn onto cd, or is that just dvd? i may need a walk-through on that. i will look at what burning programs he has. i also downloaded a couple of dvd programs but had no luck getting files on them to work on my computer. i'm better with a flash drive.

If is drive can burn CD, heres what you would need to do/

• Put the blank CD into the drive
• Right click on the Avira file thats on the desktop, then Send To, and send it to that drive. (Such as D:\)
• Then do the same for the Norton Removal Tool
• Then you should see a bouble in the corner stating you have files ready to be burned to a CD. Click on that. Then select Burn or copy files to the disk button.
• Then follow any promts it gives you.

Let me know if you have any other questions.

Edited by jwang01, 16 April 2010 - 05:52 PM.

[pixillated]

ah, you are an angel! thanks for explaining all of this to me and for your patience. hoping to do the reformat tomorrow (sunday) night. friend will be away tomorrow and no pressures, so can burn cd with your wonderful instructions.

another coupla questions:
1) to manually install of windows update: does that mean i have to go to the website of windows, or how is that done?

2)should i be on internet explorer 8 to do the updating; and should i update to ie8 early on?

(and this is all done after i have avira up, running, and updated, right?)

thanks again!

[jwang01]

Hello,

1) to manually install of windows update: does that mean i have to go to the website of windows, or how is that done?

You should be able to access Windows Update by going to Start, All Programs, and towards the top you shoud see Windows Update. Just click that and it should get you started.

2)should i be on internet explorer 8 to do the updating; and should i update to ie8 early on?

Go ahead and use the Internet Explorer that is installed after the reformat. During your update process, it should download and install for you.

(and this is all done after i have avira up, running, and updated, right?)

I would like you to try and install Avira before you try and update Windows or even connect to the net. If it won't install because your Windows is to out of date, make sure you only vist the Windows Update Site.

thanks again!

No Problem.

Edited by jwang01, 17 April 2010 - 03:58 PM.

[pixillated]

hi jwang01;

am at friend's now.late start today - tried to reformat hd this morning (2 short and 3 long attempts) so that i could just load avira on tonight and get going with the updates. at no time would it let me make a new partition, no matter how i tried. i even went into BIOs >advanced > disk format menu and wondered if disabling S.M.A.R.T. or auto (format, i guess) would help me to make a new partition. tried disabling auto. nope. will re-enable it, but there are more disturbing things to report.

every reformat (incl some of the ones before), this message came up: "user partition is missing! would you like windows to install one?'. so, um, yes seems to be the only option for that.

then, the cmd screen kept popping up randomly and when the software was loading, that window came up with files zipping by.

i have done reformats before. never do i remember the command prompt window being involved! my guess is that since it's the same old partition, this is how it loads up the infected files. just a guess.

so i have windows installed again but feel that i am screwed before we even start.

my instinct would be to disable command.exe on the setup somehow so that i could NOT load up the same ole settings. better yet would be to make that new partition, but how? that is where you come in!

back over to the other thread to start that process.