# WTF! Now I got Infected with Virus



## mrintech (Apr 4, 2009)

After giving so much suggestions here to others regarding How to Remove Viruses from PC, now my PC has been infected with Virus: *crypt.xdr.gen*.

Avira Detected the virus and successfully quarantined/deleted it, but just after the Next Reboot, my PC got damn slow. Somehow I manged to get a Dynebolic Linux Live CD and am posting this with it only.

As soon as I connected to the internet and also did some file trasnfer from One Drive to other, using Dynebolic Live CD, Windows XP failed to boot up and gives an error: *Error Loading Operating System* in the Boot Screen.

I got some Bootable XP SP 3 CDs with me, but these CDs are not booting my PC. My PC is not recognizing them, even Windows 98 Bootable CD  . These CDs are absolutely fine with other computers.

My PC is only Booting Linux CDs. Maybe my PC is fedup of Windows and want Linux 

So please anyone help me with the following:

* Any other way to install XP. I think the answer will be Detach your Hard Drive and go to friends home and format it.......

* I have Open SUSE 11.0 with me. Should I install it? But I don't know how to carry on the Linux partition 

*My System Configuration

** P4 - 2.4 GHz
* 512 MB RAM
* 80 GB HDD
* Motherboard - D845GVSR

*Partitions

** C:
* D:
* E:
* F:

The *C: *drive contains all corrupted and infected Windows files and folders. All the other 3 Drives have important data/files. I wanna install Linux on C: (or whatever the drive terminology Linux Uses: /sda/ or /hda/), leaving all other partitions absolutely intact.

Right Now Only I have Open SUSE 11.0 with me.

Help Appreciated


----------



## pimpom (Apr 4, 2009)

I have not investigated that virus and don't have any specific info, but it's possible that it corrupted your BIOS or the HDD's boot sector.

Have you tried clearing the BIOS before trying to boot with an MS boot CD? If that works and you can then boot into DOS with a Win98 boot disk, format your C: drive from DOS and restore the MBR.


----------



## zyberboy (Apr 4, 2009)

xp bootable cd shud boot even if ur pc is infected, chk the boot priority
1. boot frm cd format c: &  install xp
2. Install kav 2009 n do a full system scan

dont open another drives before scanning......


----------



## mrintech (Apr 4, 2009)

pimpom said:


> I have not investigated that virus and don't have any specific info, but it's possible that it corrupted your BIOS or the HDD's boot sector.
> 
> Have you tried clearing the BIOS before trying to boot with an MS boot CD? If that works and you can then boot into DOS with a Win98 boot disk, format your C: drive from DOS and restore the MBR.



How to clear BIOS????



zyberboy said:


> xp bootable cd shud boot even if ur pc is infected, chk the boot priority
> 1. boot frm cd format c: &  install xp
> 2. Install kav 2009 n do a full system scan
> 
> dont open another drives before scanning......


1. ALready Done
2. Not Possible. I can't even see the Boot Screen of XP


----------



## rhitwick (Apr 4, 2009)

Aj raat kuch nahi hoga. 
It happens. Shut it down and try tomorrow morning.

No, my comment doesn't have any logic, but it happens.


----------



## mrintech (Apr 4, 2009)

rhitwick said:


> Aj raat kuch nahi hoga.
> It happens. Shut it down and try tomorrow morning.
> 
> No, my comment doesn't have any logic, but it happens.



Ye 3 Din se chal raha hai guru


----------



## yippee (Apr 4, 2009)

xp may not be booting cause windows boot record is already there,you can install from distros use the install option to format only the c drive...


----------



## mrintech (Apr 4, 2009)

yippee said:


> xp may not be booting cause windows boot record is already there,you can install from distros use the install option to format only the c drive...



I can't see any option. When I insert the Boot CD, my PC PHAILS to recognize the Boot CD, though this Boot CD is absolutely fine with other computers.


----------



## rhitwick (Apr 4, 2009)

In that case, PIMPOM's post might come into sense. Try it.

I would advice to format/Delete ur C drive partition by d Linux Cd and trying to install XP again.

B/W, check ur RAMs once if u can spare some time.


----------



## mrintech (Apr 4, 2009)

rhitwick said:


> In that case, PIMPOM's post might come into sense. Try it.
> 
> I would advice to format/Delete ur C drive partition by d Linux Cd and trying to install XP again.
> 
> B/W, check ur RAMs once if u can spare some time.



I don't know how to carry out the operation that PIMPOM said,,,, 

Also whenever I try to delete Windows XP Partition using Linux Live CD... it says unable to delete: All Files are Read Only. Even I am unable to change the attributes


----------



## zyberboy (Apr 4, 2009)

mrintech said:


> I can't see any option. When I insert the Boot CD, my PC PHAILS to recognize the Boot CD, though this Boot CD is absolutely fine with other computers.


i think ur dvd drive is faulty,to chk that 
unplug hardisk power cord n data cable,n then try to boot frm the cd,it shud boot otherwise its the problem with ur drive or cd


----------



## mrintech (Apr 4, 2009)

zyberboy said:


> i think ur dvd drive is faulty,to chk that
> unplug hardisk power cord n data cable,n then try to boot frm the cd,it shud boot otherwise its the problem with ur drive or cd


No Not at all. Then How come I am running Linux Live CD and posting here


----------



## zyberboy (Apr 4, 2009)

ur Linux Live CD is on a different media(cd), some faulty dvd drives  fail on some cd's  n works perfectly on the other.

unplug hdd power chord n chk if xp cd is booting


----------



## pimpom (Apr 4, 2009)

To clear the BIOS: Turn off your computer AND pull out the power cord, including that of the monitor and anything else connected to your PC. Remove the CMOS battery on the motherboard. Look for a jumper or a small button switch for clearing the BIOS/CMOS. If necessary, locate the jumper (or switch) in your motherboard manual.

If you can't find the jumper or switch and you don't have the printed manual, post the exact model number of your motherboard and one of us can look for the manual online.

After removing the battery, put the jumper in the "Clear" position for about a minute (a few seconds may be enough, but it's better to be sure). If it uses a switch instead of a jumper, press the switch continuously for one minute.

That will remove any settings in the BIOS that was changed by you or by the virus and restore it to factory defaults, including the date and time.

Now insert the battery again and try to boot with your Win98 CD.


----------



## mrintech (Apr 4, 2009)

zyberboy said:


> ur Linux Live CD is on a different media(cd), some faulty dvd drives  fail on some cd's  n works perfectly on the other.
> 
> unplug hdd power chord n chk if xp cd is booting





pimpom said:


> To clear the BIOS: Turn off your computer AND pull out the power cord, including that of the monitor and anything else connected to your PC. Remove the CMOS battery on the motherboard. Look for a jumper or a small button switch for clearing the BIOS/CMOS. If necessary, locate the jumper (or switch) in your motherboard manual.
> 
> If you can't find the jumper or switch and you don't have the printed manual, post the exact model number of your motherboard and one of us can look for the manual online.
> 
> ...



Ok will do so and get back to this thread ASAP

Thanks for replies and help


----------



## Krazy Bluez (Apr 4, 2009)

LOL...One of your answers now applies to you...



> Try out these links and you will definitely opt for the best one:
> 
> * Best Free Anti-Virus: *www.techsupportalert.com/best...s-software.htm
> 
> ...


----------



## pimpom (Apr 4, 2009)

mrintech said:


> Ok will do so and get back to this thread ASAP


This is for when you get back online -

*img218.imageshack.us/img218/4567/d845gvsr.gif


----------



## Faun (Apr 4, 2009)

Yeah! You are infected Download + Scan with the Following Softwares:

* *www.free-av.com/en/download/1...antivirus.html
* *www.superantispyware.com/download.html
* *www.emsisoft.com/en/software/free/

Also make sure that they are updated to latest definition files and go for Full System Scan.

Keep in mind that as soon as you are completed with the download as well as definition update, turn the Internet OFF and than proceed with scan

Else

You can always try Online Scanning. Here's the list of best Online Scanners: *mrintech.com/5-best-online-vi...rs-you-can-use 


Lolerz 

Oh btw just do a complete format after backing up data into another hdd.


----------



## Disc_Junkie (Apr 4, 2009)

Download Noob Killer and do a 8-X Kill. It will clear out all the malware or you can manually find it.

www.freewarefiles.com/*Noob*-*Killer*_program_42299.html

Go here


----------



## Flake (Apr 4, 2009)

Before doing anything else, I would suggest you to check Partition Structure of your Hard disk and contents of all partitions using Linux CD.
Just boot up from Dynebolic CD, open Terminal/Konsole and execute this

```
su -
fdisk -l
df -h
```
Post output here. 

You have to mount partitions of Windows OS manually. Thats very easy. There are lot of tools available in Linux to edit Registry of Windows OS.
Post the output of _fdisk -l_ and _df -h_ commands here.
* Its small L in fdisk *-l*.


----------



## Krazy Bluez (Apr 4, 2009)

Lolz at Disc_Junkie and Ichi....


----------



## pimpom (Apr 4, 2009)

@mrintech: One more thing - after clearing the BIOS, you may get a "Checksum error" message on the POST screen when you first boot up again. This is quite normal. Just press F1 to continue or go into BIOS and set the date and anything else you want to.


----------



## yippee (Apr 4, 2009)

so what happened?


----------



## Ecstasy (Apr 5, 2009)

Why not try running an 'online scan' via Linux?


----------



## Faun (Apr 5, 2009)

Ecstasy said:


> Why not try running an 'online scan' via Linux?


  Apparently online scanner will not work.


----------



## mrintech (Apr 5, 2009)

Well well well me again back with Windows 

Lemme share the story with you all. Actually my computer is 4 years old and at that time i had 1 CD Reader and 1 CD Writer  - The vendor fooled me, not telling me about DVD Combo Drive 

The CD Reader was gone completely as once I tried playing a CD which was slightly cracked  The other CD Writer worked for me for sometime and than it's tray completely stopped ejecting 

I bought a DVD Writer LG and it was fitted where my CD Reader resided. I started using it completely forgetting and neglecting about the CD Writer 8) I was using earlier Windows XP Pro for the past 1 year.

Now the main reason for not booting up of any Bootable CD is that my DVD Drive was not reading any of them. Even after clearing the BIOS as pimpom said. zyberboy was correct.

Somehow I tried to eject the CD Writer (which was under Sanyaas from Past 1 Year) with a Safety PIN and it gets ejected. Now I prayed to GOD and inserted Bootable XP in it and voila! it worked.  I carried out the installation process.

But now still the problem is not solved, some DORKHEAD made this Unattending Windows XP Installation Disk via nLite. This disk was installing lotsa other softwares that were integrated within it. Also it changed my Drive Letter *C:* to *G:* 

Also it just removed everything only from Documents and Settings folder of previous installation and replaced files from Windows and other essential folders and setup new XP for me. 

The main thing is that It didn't formatted anything corrupt / infected present in Drive C: and all the infected/corrupted files are still present. Thanks to AVG I am able to remove these Trojans. But still the previous installed files/folders are present. Thanks to this DORKHEAD 

Well I will get a new Windows XP installation Disk and will format the partition again. Right now have to do some project related work, so will have to live with this Windows for somedays 

One more thing I learned is that Comodo Firewall Sucks. I was using Comodo with Avira. EVerytime Avira updated itself through Manual/Auto Updates, all files were directly shifted to Comodo's suspicious files area and everytime I had to Approve/Purge all the files.

Also, I don't know what happened, but even Avira Stopped updating itself automatically and this was due to comodo. Comodo affected Avira functionalities a lot. How I don't know.

Regarding the virus that infected my PC was created in the Local Settings folder 2 Months Back  This Avira started detecing it when I reinstalled Avira on the same day when I started facing this virus related issues. And this Non-Detection is due to Comodo only, as it messed up Avira Anti-Virus.

Well I will use this Windows XP for somedays and then reinstall it with actual XP Installation CD. Also I am thinking of either Buying KAV or KIS for my PC. 

*So you folks please tell me the price for single user for KAV or KIS.*

BTW Thanks all for reply and help


----------



## sakumar79 (Apr 5, 2009)

You can get KIS 3 user license for around 500-600 bucks...

Arun


----------



## mrintech (Apr 5, 2009)

sakumar79 said:


> You can get KIS 3 user license for around 500-600 bucks...
> 
> Arun


Is there any Single user license????


----------



## rhitwick (Apr 5, 2009)

@Mrintech, congo...then a new DVD Writer is on its way right?? 

And, no, single user license is not there for KIS. ebay and rediff sells them and only 3 user license is present there.


----------



## ico (Apr 5, 2009)

@mr. mrintech

err! You're getting 3 user KIS for Rs.500 whereas other Internet Security Suites retail @ 1000+. Saste mein toh mil raha hai.



ichi said:


> Yeah! You are infected Download + Scan with the Following Softwares:
> 
> * *www.free-av.com/en/download/1...antivirus.html
> * *www.superantispyware.com/download.html
> ...


niaaaaaaaa


----------



## expertno.1 (Apr 5, 2009)

lol its a weird story of a dvd drive .


----------



## pimpom (Apr 5, 2009)

@mrintech: You mean we went through all that because your optical drive could not read your boot discs??!!

It occurred to me once to suggest trying another drive or testing your drive in another computer. But you did not mention any previous problem with your drive and we were already on the subject of clearing the BIOS, so I shelved that suggestion for the time being.

Oh well, at least you've learned how to clear your BIOS.


----------



## gopi_vbboy (Apr 5, 2009)

never browse net or use pen drive in administrative account as u r easily giving away previlages to do actions.
Or While copying files from pendrive,Downloading Torrents,from risky sites use linux.Enjoy them in Xp.


keep a guest a/c for browsing net or copying file from pend drive etc risky actions

when installing or using pc offline work in Admin Account

u don't need KIS/KIV not even any protection soft if u know how to properly block privileges to access files,registry,etc in XP to unwanted prog by running in proper User Groups/Accounts.


----------



## yippee (Apr 5, 2009)

lol...i wonder how your computer was able to boot from linux if it is not able to read the windows disks.......


----------



## mrintech (Apr 5, 2009)

rhitwick said:


> @Mrintech, congo...then a new DVD Writer is on its way right??
> 
> And, no, single user license is not there for KIS. ebay and rediff sells them and only 3 user license is present there.


Nah! the DVD Drive just failed to read Bootable CDs. ELse it's working fine 


ico said:


> @mr. mrintech
> 
> err! You're getting 3 user KIS for Rs.500 whereas other Internet Security Suites retail @ 1000+. Saste mein toh mil raha hai.
> 
> ...


ok gimme the source.....


expertno.1 said:


> lol its a weird story of a dvd drive .





pimpom said:


> @mrintech: You mean we went through all that because your optical drive could not read your boot discs??!!
> 
> It occurred to me once to suggest trying another drive or testing your drive in another computer. But you did not mention any previous problem with your drive and we were already on the subject of clearing the BIOS, so I shelved that suggestion for the time being.
> 
> Oh well, at least you've learned how to clear your BIOS.


 I was not expecting that I had to open the CD Writer that I haven;t used for more than 1 year. Rest I learned how to cleat BIOS and playing with Jumpers 


gopi_vbboy said:


> never browse net or use pen drive in administrative account as u r easily giving away previlages to do actions.
> Or While copying files from pendrive,Downloading Torrents,from risky sites use linux.Enjoy them in Xp.
> 
> 
> ...


Yeah! Surfing Via Admin account costs me a lot of time. Will surf via Guest


yippee said:


> lol...i wonder how your computer was able to boot from linux if it is not able to read the windows disks.......


It happens only in India


----------



## pimpom (Apr 5, 2009)

^ Good point.


----------



## mrintech (Apr 5, 2009)

pimpom said:


> ^ Good point.


  which one????


----------



## ico (Apr 5, 2009)

mrintech said:


> ok gimme the source.....


*shop.ebay.in/items/?_nkw=norton+in...1313&_odkw=mcafee+internet+security&_osacat=0

*shop.ebay.in/items/?_nkw=mcafee+in...86.m270.l1313&_odkw=norton+security&_osacat=0

^^ Both Norton & McAfee Internet Security 3 user license are 2000+.


And Kaspersky Internet Security is better and cheaper than them is as true as niaaaa.

**cgi.ebay.in/Kaspersky-Internet-Sec...3286.c0.m14&_trkparms=66:1|65:1|39:1|240:1318*


----------



## mrintech (Apr 5, 2009)

ico said:


> *shop.ebay.in/items/?_nkw=norton+in...1313&_odkw=mcafee+internet+security&_osacat=0
> 
> *shop.ebay.in/items/?_nkw=mcafee+in...86.m270.l1313&_odkw=norton+security&_osacat=0
> 
> ...


What is *niaaaa* ????


----------



## ico (Apr 5, 2009)

mrintech said:


> What is *niaaaa* ????


niaaaaa

It is the universal truth.


----------



## Ecstasy (Apr 5, 2009)

mrintech said:


> What is *niaaaa* ????


ico is now a days on drugs.. that is why he keeps saying niaaaa all the time..


----------



## ico (Apr 5, 2009)

^^ niaaaaa


----------



## yippee (Apr 5, 2009)

mrintech said:


> What is *niaaaa* ????


*www.urbandictionary.com/define.php?term=Nyaaa!


Ecstasy said:


> ico is now a days on drugs.. that is why he keeps saying niaaaa all the time..


i guess he is too happy that he has completed all his exams


----------



## ico (Apr 5, 2009)

^^ lol, you don't know a sh!t about niaaaa.  

It is seriously the universal truth. If you don't believe, ask others. 

I don't wanna spam further over here.


----------



## yippee (Apr 6, 2009)

maybe i was wrong 

then tell what it means......


----------



## Kl@w-24 (Apr 6, 2009)

mrintech said:


> What is *niaaaa* ????





Ecstasy said:


> ico is now a days on drugs.. that is why he keeps saying niaaaa all the time..





yippee said:


> *www.urbandictionary.com/define.php?term=Nyaaa!
> 
> i guess he is too happy that he has completed all his exams



LOL!!! 

Niaaaa is the universal truth!! 

!~~Peace~~!


----------



## pimpom (Apr 6, 2009)

mrintech said:


> which one????


Oops, sorry. I was commenting on yippee's post (#34). I'd left the thread open for some time and replied without refreshing. I didn't notice that you'd made another post in between.

Yippee wondered how you could boot with a Linux CD but not with Windows CDs. I felt the same way, especially since you said earlier that the Windows CDs work fine in other computers.


----------



## mrintech (Apr 6, 2009)

pimpom said:


> Oops, sorry. I was commenting on yippee's post (#34). I'd left the thread open for some time and replied without refreshing. I didn't notice that you'd made another post in between.
> 
> Yippee wondered how you could boot with a Linux CD but not with Windows CDs. I felt the same way, especially since you said earlier that the Windows CDs work fine in other computers.


Maybe your BIOS clearing trick worked here successfully.... but now only the DVD drive is not booting Windows Bootable DIsks and these disks are fine with other PCs.

Maybe my DVD Drive hates Pirated CDs


----------



## ico (Apr 6, 2009)

mrintech said:
			
		

> * WTF! Now I got Infected with Virus*



err? The computer had got infected with the virus or was it you mrintech?


----------



## yippee (Apr 6, 2009)

ico said:


> [/b]
> err? The computer had got infected with the virus or was it you mrintech?



got infected by Mrintech???


----------



## ico (Apr 6, 2009)

yippee said:


> got infected by Mrintech???


me? nope. I'm just spamming.  I'm not pedal.


----------



## yippee (Apr 6, 2009)




----------



## damngoodman999 (Apr 6, 2009)

OMG , i thought mr.intech got infected by virus !!!


----------



## yippee (Apr 6, 2009)

that's funny


----------



## mrintech (Apr 6, 2009)

ico said:


> [/b]
> err? The computer had got infected with the virus or was it you mrintech?





yippee said:


> got infected by Mrintech???





ico said:


> me? nope. I'm just spamming.  I'm not pedal.





yippee said:


>





damngoodman999 said:


> OMG , i thought mr.intech got infected by virus !!!





yippee said:


> that's funny



*All of you are Below:*

*i43.tinypic.com/2qvcphf.gif

*Enjoy.... *


----------



## ico (Apr 6, 2009)

^^ niaaaa I'm not one of them.

One question though: Does your computer's motherboard D845GVSR has a PCIe or AGP slot?


----------



## mrintech (Apr 6, 2009)

ico said:


> ^^ niaaaa I'm not one of them.
> 
> One question though: Does your motherboard D845GVSR has a PCIe or AGP slot?


Nai maaaalum....  I am noob in Hardware thingy


----------



## pimpom (Apr 7, 2009)

A lot of members are wondering if mrintech himself is infected with a virus. Maybe we should quarantine him until we can be sure he won't infect the rest of us


----------



## yippee (Apr 7, 2009)

but who will post us the pictures of hot girls


----------



## pimpom (Apr 7, 2009)

Why just pics? I'll _bring_ the girls if you like.


----------



## yippee (Apr 7, 2009)

pimpom said:


> Why just pics? I'll _bring_ the girls if you like.


lol...that will be fun


----------

