Please register or login. There are 0 registered and 1029 anonymous users currently online. Current bandwidth usage: 326.30 kbit/s September 21 - 04:22pm EDT 
Hardware Analysis
Forums Product Prices

  Latest Topics 

More >>


  You Are Here: 
/ Forums / Windows XP, 2000, 98 /

  Odd Software/Problem 
 Date Written 
David Tran Oct 28, 2014, 03:36am EDT Report Abuse
My friend has a computer which has an odd malware or setting, or something, on it. It's using Windows XP Pro SP3
There is 1 harddrive, split into 3 partitions. The other partitions don't look like they have anything odd, just some photos, videos, music, games, etc.

So the problem:

When I install a program, after reboot, the program is gone
When I uninstall the junk that's on here, after reboot, it's back
When I update the anti-virus, or Windows Updates, etc, after reboot, it's back to the initial out-of-date state
When I try to change settings, like turning on Windows Firewall, after reboot, it's off again

When going into Safe Mode, there's two administrator accounts (Administrator and lEt'sgO!)
lEt'sgO! is the default user that the computer uses when running Windows normally.
I've tried deleting lEt'sgO!, after reboot, it's back, and it's the default user logged on to.

During boot, there are 2 options, Windows XP, and a Norton Ghost thingy - no idea how to use it or how it works (couldn't understand a thing when I tried going into it to see what it was)

I updated Avast and it found 2 items, but that didn't change again.
Spybot Search and Destroy found various things, but nothing changed

I am now going through all the various tools I can find to scan the system (

Will this work? Or is there something else?

I really want to avoid having to reinstall Windows, but if that's the only option, then I guess it must be done.

Any ideas anyone?

Want to enjoy fewer advertisements and more features? Click here to become a Hardware Analysis registered user.
Rhort Oct 28, 2014, 04:36am EDT Report Abuse
>> .
Have you considered trying a System Restore back to either:

1. A point that you know to be before the issues started happening
2. The earliest available point (might take you back to just after the initial installation of XP depending on how you have your settings)

There should be no reason that this would fail to work. If, however, it does, you're probably looking at an XP reinstall :| Personally, I would suggest grabbing a replacement HDD and installing on that, then running some hard core Anti-virus/Anti-Malware/etc on the current drive before accessing anything on it.

~ The manual said "Requires Windows '95 or better" I installed Linux!
David Tran Oct 28, 2014, 04:48am EDT Report Abuse
>> Re: Odd Software/Problem
Hi Rhort,

Thanks for the reply - I also forgot to mention that System Restore is not activated.

I had actually just found further information and was about to add it -

My friend got the technician to, in one sense, lock the computer, because she was worried that her children may install random things by accident and ruin the computer.

Running the anti-malware program, they did find some malware and some registry edits - but even after deleting and fixing these things, every reboot still ends up being the same.

So I guess a fresh re-install (because I don't trust the technician either since locking up the computer like this, you can't even update your computer to keep it safe... let alone the fact that there's a lot of random junk software installed on it) is the only way to go, unless you, or anyone, know of a way to reverse this 'lock' on the computer.

john albrich Nov 01, 2014, 07:22am EDT Report Abuse
>> Re: Odd Software/Problem
Keep in mind that if the suspect HDD is infected with malware, simply connecting it to any other computer could infect that computer as well, and even other computers connected via network to that computer.

The key will be isolation and tight control over the boot process.

You might try using a system on which only a CD/DVD drive and the HDD are connected, and make sure BIOS boots off the optical drive into a reliable anti-malware program/suite. Then scan the suspect HDD.

Or, in lieu of an optical drive, a USB drive could be used as long as you can boot from it. that case the USB drive should be one that has NEVER been connected to a computer in which the suspect drive was previously connected. It's one reason in such situations it can be preferable to boot from a CD/DVD ROM drive (one that can't write to optical media) so one can be absolutely certain the malware hasn't had a chance to infect it's content as well.)

If you don't have 100% complete control over the boot and read/write environment, some malware is sophisticated enough to modify any anti-malware programs so that they won't detect/fix and/or even report the malware.

David Tran Nov 01, 2014, 12:31pm EDT Report Abuse
>> Re: Odd Software/Problem
Hm... Thank you for the information John - I'll look into it, to boot from a CD (though I may need to go the USB route as their DVD isn't working, will double check it)

Is using a malware to do this something normal for technicians to do? To block various uses on the computer so that people can't mess up the computer? Then, if the user wants to update, then they get the technician to do it?



  Topic Tools 
RSS UpdatesRSS Updates

  Related Articles 

A weekly newsletter featuring an editorial and a roundup of the latest articles, news and other interesting topics.

Please enter your email address below and click Subscribe.