Windows Legacy OS forum

General discussion

Trying to fix badly infected PC owned by nuns

by Steven Haninger / January 23, 2009 7:52 PM PST

I've been handed a generic (government decommissioned) PII computer showing 327 megs of RAM on a 6 gig drive running Win 2k at SP4 with file type NTFS to fix. It was found to be badly infected. After a thorough multilevel attack on the pests, we got down to only remnants of 2 back door trojans still showing in services but generating errors in the event log for failure to start. Basically, the PC comes up clean but has some damage. I've done a repair installation using the manual, interactive method, done system file checking, etc. What remains is that no network icons exist in network connections but I can connect through the Ethernet port to the web on my home network. The rig has both a modem (US Robotics) and a Linksys NIC and both show as working properly in device manager. I know the NIC works as it will get an IP address from my router. What I am finding is that several services will not start including Com + Event, Telephony, and Network Connections. I receive a timeout (1053) error upon attempting to start them manually even though I've set them to automatic. I've used google to find references to this error and there seem to be many and have followed the advice of several including re-registering some services. The steps I've taken are too numerous to mention right now. I am using the administrator account as I found it devoid of a password. The two backdoor references found were "soxpeca" and "mabidwe". I found several strangely named user accounts and was able to remove them. The PC shows an AV program running from Computer Associates but I cannot say it's up to date as I've only now been comfortable plugging it into my network. I need to get the network connections problem fixed and then hand it back to the nuns and get them to stay off the gaming sites that they seem to frequent. Happy Any suggestions? Thanks

Discussion is locked
You are posting a reply to: Trying to fix badly infected PC owned by nuns
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Trying to fix badly infected PC owned by nuns
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
(NT) When it's that bad, you start over.
by R. Proffitt Forum moderator / January 23, 2009 10:06 PM PST
Collapse -
Kind of what I was about to do before coming here
by Steven Haninger / January 24, 2009 10:13 AM PST

I've finally been able to get to where documents can be copied and pasted to floppy and it doesn't look like much would be lost. Strangely, it blue screens going to safe mode but will boot to a normal desktop just fine. I've not seen that one. This is, no doubt, a donated PC. I'll have to ask if they have the OS and software disks to rebuild the system but, being old nuns, I think the answer will be "What are those and what would they look like?" Yep, the best thing about volunteer work is the job security.

Collapse -
After you get it reinstalled, to keep it working ....
by PerioCam / January 30, 2009 7:05 PM PST

Install, along with a free antivirus/spyware utility (AVG?), Sandboxie, free (with nags) and paid (without). Set it to sandbox anything that touches the Internet, then to automatically dump the box when that application is closed.

You'll get better (more complete) protection than with the (limited) sandboxing available with Vista.

As long as the box has a sticker showing that there's a proper license from MS for the OS ... and the original disc has really been lost ... you're aware of course that 2000 Professional is the last of the NT's that requires no product activation?

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?