• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 665
  • Last Modified:

conficker virus? a computer will not let me load norton properly or use windows home to reinstall

i have a computer that was working fine until yesterday.

norton internet security 2007 ended so, i undinstalled and installed 2009
well, norton 2009 would not install.

i then lost all of my drivers to the internet, windows xp home layout - it went to calssic view.

i thought system restore - it said it was not installed
i tried windows firewall - also not installed

i tried starting with the windows xp home cd to repair - it keeps asking me
what to do, i type in 1 to select the C:/ drive
it then asks what do i want to do - i click help and nothing says restore windows
it just gives the info such as copy : delete : fixboot : mkdir: etc

could this computer be infected and will i need to do a fresh install? [ format and install? ]

i have no clue as to what is going on.

thanks
0
webdott
Asked:
webdott
  • 3
  • 3
  • 3
  • +2
2 Solutions
 
skywalker39Commented:
Hi webdott,

I would try scanning some free anti-virus & anti-spyware applications first. I would try AVG Anti-Virus, Malwarebytes and SUPERAntiSpyware. I would do a complete scan in normal Windows, if normal Windows fail, I would try them in safe mode. If your still having problems I would format and do a fresh install.

Here's the links:
http://free.avg.com/
http://www.malwarebytes.org/
http://www.superantispyware.com/
0
 
blissbearCommented:
If you can still boot into windows, press F8 on boot before you see the windows logo and boot into "Safe Mode with netoworking".  Log into an account with Administrator access.  This will prevent most viruses from loading.

You can then attempt to install your antivirus software.

I would recommend Avast! antivirus (http://www.avast.com/index.html) as it allows you to scan the system from a very low level on boot before windows GUI loads.
0
 
webdottAuthor Commented:
i have tried the safe boot and it will not let me load any usb drives, dvd's, there are no internet connections.
i have malwarebytes, but i can not get it onto the system do to the system not letting me put any usb device in or interent. i have tried cd as well.
virus maybe?
 
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
skywalker39Commented:
If you booted in safe mode only, you won't be able to get online, if you boot in safe mode with networking you will be able to get online.
0
 
webdottAuthor Commented:
skywalker39
thanks i will try safe+networking
 
0
 
Dave HoweSoftware and Hardware EngineerCommented:
there is a simple test for conficker here:

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
0
 
skywalker39Commented:
If you are infected with the conficker worm, here's a link from symantec, there is a tool that you can run to remove it.
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_promo_conficker_worm
0
 
JonveeCommented:

Hopefully Safe + Networking will have worked.   If it does, advise running Malwarebytes.

If it will not run, try renaming it *before* saving it to your desktop.  As you're having difficulties downloading it try downloading to another machine, then into a USB memory stick (or equivalent).  Rename it first, and only then connect to the infected machine.

Another possible option is to see if you can run the Stinger which is a utility that cleans the system of viruses, that block anti virus software.   You may also need to download to a 2nd machine then rename Stinger in the same way>
http://vil.nai.com/vil/stinger/

If you can report back on whether you can run a scanner at this stage, we can advise the next move.  It may well be to run ComboFix .. details later, if required.

0
 
JonveeCommented:
After re-studying the question, and assuming you may still have problems, suggest you try and install Trend HijackThis 2.02:
http://majorgeeks.com/Trend_Micro_HijackThis_d5554.html

Create a folder where you would like the HijackThis file to reside and run it from there, not from the Desktop or a temporary folder.
Run the scan & save the logfile.  Then click the "Attach Code Snippet" box, paste the logfile into the "Code Snippet" page and then it can be analysed.
From the analysis we can decide more accurately whether ComboFix or any other Tool is needed.

At some later time you may find it very beneficial to completely remove Norton Internet Security 2007, if it wasn't removed cleanly the first time:

Norton Removal Tool (SymNRT) 2009.0.5.26:
http://www.majorgeeks.com/Norton_Removal_Tool_SymNRT_d4749.html
0
 
webdottAuthor Commented:
it was the conficker.

i split the points because the hijack this helped me
and the removal FIXdownup from norton removed it.

i am still going to wipe and reinstall windows a few times just to make sure.

thanks for your help.
0
 
JonveeCommented:
You're welcome.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now