Bad Malware removed(Vundo, Rootkit), sent here.

Well, this is discouraging, but I was sent here, from malware forum, so I'm hoping maybe we can do something, or maybe it's reformat time. I'm including the malware forum log, if anybody gets interested, or has ideas:

http://forums.majorgeeks.com/showthread.php?t=204971

History:
A bout a week ago a friend asked me to look at her computer--laptop, w/xp, Service Pack 3. Had Avira installed. It was inundated with malware, popups for rogueAV's, rootkit agents, Vundo, kept giving blue screen.

Eventually, I was able to start running SAS and Malwarebytes and Combofix, followed the Read and Run Me page, and and Kestrel helped me, but it didn't seem there was malware left...but computer still ran slow, and began *not* allowing the AV scans to run, stop me from downloading ESET and PANDA, kept coming up with errors for AVIRA, which I removed, and re-installed...countless error messages, a couple more blue screens...

I could go on, and list the errors: I've been keeping track, but didn't even know where to start. I'm operating on the assumption that the rootkit or *something* screwed up the registry in ways beyond my limited knowledge.

Could anybody tell me what would be a good start: I do have Norton Recovery Disk, and this is a legal OS, so I can get the XP setup disk, and have a couple of my own, but I just don't know much about it...I can follow instructions tho...I had downloaded and copyed to a DVD the UBCD4Win, but haven't even tried to run it, don't know how...

Any suggestions, questions, or even reformatting, if recommended, are greatly appreciated...I'm lost here...has 1gb of ram, btw....I feel hopeless, but you'all have saved me before, so thankyou in advance...

 

If ther is no needed files to be recovered or programs that can't be replaced on the drive, then I would wipe the HDD and reinstall windows.

[i use UBCD for wiping] http://majorgeeks.com/Ultimate_Boot_CD_UBCD_d4981.html
(Ther is disk wiping options in the "hard disk tools" section)

And remember you have to burn UBCD as an ISO image file to a CD so you can boot the computer from it.




******************

Do you know how to reinstall windows?



Q

 

I just downloaded it, and copied it: I didn't burn ubcd as an ISO image.

Yes, I've reformatted before, and as soon as I can have my friend locate her Dell xp disk, I'll probably do that...but I thought since I've put so much effort into this already, I hate to give up and reformat, if there is still hope...the computer does run better than it did before I started the malware removal, I can get online, but it's still horribly slow...like today, I got the quck scan, in MBAM, and that went thru, but it won't update...just constant errors.

Maybe what I'll try to do is make a mirror copy of UBC, and then run that, try to clean the HD...

It just went into bluescreen again, and gave this msg, which is the most common one bluescreen has given me: PFN_List_Corrupt

I'll try to research this, as it's been coming up constantly ever since I started removing malware...thankyou for reply and help

 

eh? you must burn it as an ISO image file or else it ownt work!.

I understand our desire not to give up and reinstall, but If ther is no real need to keep what is on the HDD then think a reinstall is best course of action or you are likely to be fighting with bugs and errors for a while (others may disagree)





Q

 

Yes, I finally figured that out, was just copied it to DVD without thinking about running it, but if I use it, I'll burn it as an ISO image.

You're right, and I think I know this. I guess I was just so excited when the initial scans finally ran, and found all this malware, that I thought--as in the past, that my problems were over--or that the malware crew would have some simple solution to whatever remained.

If it were mine, I'd probably keep fiddling with it, just because I learn, but I've had her computer a week now, and I should probably just reformat and be done with it. Thanks again.

 

Your welcome


Q