Friend's laptop taken over by viruses and malware

Discussion in 'Recovery & Backup' started by dperecky, Dec 5, 2014.

  1. dperecky


    Dec 4, 2014

    This is just an F.Y.I story of my recent experience:

    The laptop ran Vista SP1. I was able to log on, but the regular desktop background image was gone. Other software changed the way that the computer ran and looked. So much so, that I was asked to repair it. This computer had a commercial antivirus program on it that was useless. It should not have let the computer get to the point that it got to. The commercial antivirus program was removed.

    Found that the laptop was 'Virus city'. Ran MalwareBytes. It found 2600 non-malicious adware, and approx. 400 malicious malware installs on it.

    Was able to start Defender, but it stopped after 10 minutes with the code 805800c. Ran Chkdsk /f /r. It found 4-5 files that had problems, and fixed them. No help.

    Found 700 folders in the Windows\Temp folder all with similar names, going back to 2009. Found that Defender spent A LOT of time scanning these folders. So I erased them directly via Windows Explorer. They erased, but Defender would still not run.

    Tried to download MS Security Essentials. The message was that 'the security settings would not permit the file to be downloaded'. This is kind of a security hole with SE, IMO. Same message when trying to update the definition list for Windows Defender. Was able to update the list manually via a program I loaded on a USB Flash drive.

    All the while the pc would 'beep', every 5 seconds or so. The virus was self-propagating. Not a pleasant sound to hear.

    Reran MalwareBytes. This time only approx. 500 incidents were found and deleted.

    Rebooted. Vista decided to try to install Vista SP2. The whole process took about 40 minutes. It would download, then the software would get installed/updated. It would get to 80-90%, then a message would appear: 'The installation was not successful. Will restore the computer to the previous state' (or similar). I then rebooted the computer per the suggestion of the (failed) update. Rebooted. Vista SP2 tried to reinstall after the boot. It went again up to 80-90% and failed. A message then appeared that the old software was getting restored. Afterwards, I was supposed to reboot, which I did.

    Restarted Defender Quick Run - it ran further than ever this time, over an hour. Then it just disappeared. That was weird. I restarted it to look at the scan history. It was empty.

    The pc then came up with a message and a logon screen for 'the other user'. What other user? Was locked out. Did some research and found that 'net user [name] [pw] /new' was supposed to input a new user and pw into Windows.

    Was told to input the 'net user' command in Safe Mode - manual prompt. But could not boot into Safe Mode at all. The boot cycle would just go back to two options:
    Startup Diagnosis and Recovery
    Start Windows Normally.

    Neither worked.

    The solution. Actually there are two of them. Found out from the Acer website that Alt / F10 was the recovery option - for virtually all Acer laptops. Tried it. Failed. There was some message saying that it could not find the HD 'Acer' partition.

    The solution that I chose, after all others were exhausted, is to purchase Acer Recovery Media for this laptop. Price: $20.00.

    It could be worse.... At least at the end, theoretically, I expect to give a running laptop back to my friend.

    note: Kind of like Vista, as it's a hybrid between XP and Win7.... a little of both.
    dperecky, Dec 5, 2014