Resurrecting a PC - maybe
Posted: 26 Apr 2011, 23:59
Over the weekend my sister-in-law asked if I could take a look at her PC "because it was running slow..."
Well, after taking 20 minutes to download Malwarebytes, it found 37 nasties in safe mode including a couple of references to back door trojans and something nasty with the word Bank in it. Once those had been zapped, I ran it again and everything was showing clear - so I ran CCleaner which cleared some registry references to back doors and then Spybot. That was when the fun started. The machine crashed, started CHKDSK and stopped after declaring USN Journal verification completed. It won't now start in safe mode - stopping after loading various .sys files. Dell utility tests work through memory OK, but fail on read and seek tests, timing out waiting for IQ info.
Luckily for me the sister-in-law was keen to buy herself a new laptop for email/basic word processing stuff, so we popped into Tesco yesterday and got her a Dell with 4GB of memory for £330 and a new wireless printer. Only today did I realise that it must have 64 bit W7 on it (my last purchase was in the Vista/W7 interlude), so the copy of Office 2000 that I loaded for her may not work on this beast. I may be able to persuade her to use Open Office instead though.
Is it likely that the old PC has a rootkit infection, and if so is it best to try either a repair of the XP install, or battering away at it using summat like UBCD and rootkit progs like TDSSKiller or Norton Power Eraser? The only reason for not just giving it the Old Yeller treatment is that no backups have been done for four years, and I was keener to get into the bugs that were making the machine terminally slow than suggesting a backup before we started.
So now I would like to retrieve any docs and the email address book from it before skipping the remains.