Right, there are plenty of points during this post where you will probably say "What a prat!". I know I haven't been then most sensible person in the world, but right now I need some help and advice. I've done plenty of berating of myself - believe me!

For internet security, I've been running Norton Internet Security (Firewall and Anti Virus). The definitions ran out a few months ago, but due to being unemployed I couldn't afford to replace them.

I joined the PES4 online forums league and suffered from lag. I downloaded adaware, and it found 112 criticals. It deleted them and it cured my lag (although a few of the criticals kept coming back after every reboot).

I read on the forums about AVG being a good free anti virus solution, and as my Norton was out of date, I removed it and installed AVG.

Within 24 hours of doing this, it flashed up a trojan. It did this on every boot up and the screen wouldn't go away. I tried every action possible on said virus but it wouldn't go away.

So I downloaded Avast, and ran a system scan on boot up. This highlighted virus after virus on every restore point on my system. I have no idea why nothing has highlighted this before.....

I went through them all deleting them, but the last three or four (out of 38 in total) wouldn't delete...... :(

So, being a new machine (HP, just over a year old) I didn't get a damn windows CD with it, so couldn't do a clean install like I would normally do.

So I decided to use the built in system restore feature.

On first booting up, after using this, my browser automatically loaded up pointing to a sex site. It had never done this before!

I loaded the Microsoft anti spyware software and it found 20 high risk spyware, adware, and trojans. I deleted them.

I loaded Avast and scanned. It detected a virus deep in the system. It wouldn't delete it......

To cut a long story short, my computer is now dead. (I am typing this from my laptop!).

Every time I try and boot up, it starts getting attacked from every side (Avast detects viruses, deletes them, and then they come back straight away). My browser opens up, points to a sex site, then the whole system crashes. This takes about five minutes!

And this is after a supposed factory restore!!!!

Now, the question is, I am assuming that there is no way to actually remove this stuff from the system.

I am presuming that a format of our friend the C drive, and a clean install of windows is the only way!!!!

The thing is I can't afford to buy an operating system being unemployed! :(

My PC didn't come with an OS CD, and there is no OS code on the machine. Has anyone got any suggestions on what I could do to get rid of this stuff?

Try booting up in safe mode and then switch off system restore and reboot to clear the files and then reset system restore again. I think you should be able to do this within safe mode.

Also whilst there, run all your 'cleaning' programs - like Avast! Microsoft antispyware etc. and see where that gets you.

If problems keep recurring after a reboot, then things are more deeply rooted in the registry and probably the next course of action would to be download Hijackthis, run the software and post the log in the Hijackthis forum. A google should sort you out as to where you can get this.

HTH

Good advice, thank you!

I am off to bed now, but will try this in the morning. Didn't think of trying safe mode!

Any elaboration on exactly what hijack this is?

Thanks again!

Hijack this: http://www.spywareinfo.com/~merijn/downloads.html
CWShredder: http://www.intermute.com/spysubtract/cwshredder_download.html
Trojan Remover: http://www.simplysup.com/tremover/download.html
McAffee Stinger: http://vil.nai.com/vil/stinger/

Run that lot as well as adaware, spybot and Microsoft antispyware, that should sort it

Andrew

So I decided to use the built in system restore feature.

The built in windows xp restore feature?

It's a while since I've worked on a HP machine, but I seem to remember even when they stopped providing a Windows CD with their machines there was still a way to restore it completely to factory settings. This would cure your problem but would wipe everything off the PC.

If my memory recalls they simply set up the machines with a restore partition on the HD. It was then a matter of holding down a key after you turned it on to initiate the restore procedure (it's in the manual somewhere), F10 I think.

If you've already tried this and a full restore is not available then apologies for wasting your time!

Edit: hmmm, you do indeed mention a "factory restore", so it tends to imply that you've found this feature. I really should read posts fully! If you've really done a full "destructive" factory restore I'd be baffled if you had the problem immediately afterwards.

Make sure when you run the anti virus software or adaware, spybot software, you physically disconnect the pc from a network, router, cable modem or ADSL modem. This will stop the virus connecting to host and replicating itself.....

Well, I did indeed use the HP factory restore, which is why I was amazed the viruses were still there.

I spent a fun four hours (!) this morning running everything in safe mode. I am still being attacked (:(), but the computer is at least slightly stable enabling me to post!

Will run that trojan remover next!

Thanks for your help everyone - if you have any other suggestions would love to hear them.

My friends pc had similar problems. I used something called ewido http://www.ewido.net/en/ which worked very well.

Had some problems with an IBM Thinkpad with no CDs and a restore partition - turned out to be a hard drive death BUT when I raised a ticket with their support desk they sent out 5 CD recovery discs. As the system is under warranty they were free.
I hate to tell anyone to contact tech support but that would be my next port of call...

Ran that trojan remover (not in safe mode, admittedly), but it didn't work!

don't you have the licence key stuck onto the back/side of the pc... If so, you can get a copy of windows and use that licence with it.

That should be allowed. You should have a sticker with a small hologram on the side or top of your case. You can borrow an XP CD off a mate for example as long as you use your legal serial number. The sticker shows you have bought and paid for a license - just make sure its not an OEM license if you plan to install the retail version. Dont think there are any differences between the two of course, but the licensing is different.

D

We've got an HP pc here. I've used the system restore option once using a DVD I created using the software provided with the CD. It allows the pc to be put back to factory defaults.

We had various pieces of spyware which we could not get rid of no matter what. So we used this instead.

Once restored I installed SP2, AV and Ms Antispyware. Connected to web and updated these two (behind a hardware firewall in router) and did the windows updates.

Not any issues since.

The version of XP with this PC was OEM, this is the norm and is probably the same for you. So you'll need an OEM version.

Not sure if any of this helps.

Brendan, are you saying that if I run a system restore from a made up CD, it would be better than the one from the partition? 'cause the Partition is worse than useless! :(

I do have a Windows XP code on the side of my PC, but it is for Home edition and the only copy I can get hold of (through a mate) is Pro edition! :(

It really does bug me that you pay for an operating system, but you don't get one! :(

Will try trawling the local independents tomorrow, and also try ringing XP.

Nope, sorry didnt mean to confuse you m8ty.

What I am saying is that the D: partition is used to wipe C:, re-create partition, format and re-install Windows XP.

So its a completely clean install. So how you can have virus' is very odd.

Have you scanned both C: and D: for virus/spyware. The homepage issue on IE would point to spyware/adware being on the system somewhere.

But it just doesn't seem to ddo a complete wipe, reinstall!

Theres lots of stuff still there after the supposed clean install! For example, one of the viruses is in a jpg that was downloaded by another user on their account! They're account is not visible any more, but the scanner still picks up the virus in the .jpg.

It really is VERY strange!

did the computer not come with a restore cd?

On the HP machines i've worked on in the past there have been 2 re-install options.

1. A NON-destructive re-install which will reload XP but leave all your programs and files intact

2. Destructive re-install that basically formats your drive and puts a completly fresh copy of XP on your sytem.

It sounds as though its running the non-destructive re-install which is leaving all your user files and programs on your system and the virus/trojan is lurking in these somewhere.

Try the re-install feature again and check for the destructive re-install - this should clear your problems but you will lose all your files.

Let us know what you find.

did the computer not come with a restore cd?

Most of the off the shelf PCs no longer come with Windows XP CDs.

:(

Most of the off the shelf PCs no longer come with Windows XP CDs.

:(

thats not what i meant. a restore cd is usually a bootable cd that enables the hidden resotre partition. normally HP are quite good at this sort of thing, including a gui to help setup the system.

Right, problem is now solved and everything is fine! :clap:

Just thought I'd report back my experiences with the HP helpdesk yesterday, for information purposes.

Apparently, the restore program provided on their PC's is NOT a destructive restore, is is non-destructive!

It can also only be used once. Once you have used it once, it deletes itself and you have to buy the restore CD's from HP. They are only free for 90 days after buying a PC. So, if anyone buys a PC from HP, it might be wise to invent a problem early on and get the free CD's............

I have generally been disgusted with HP over this whole thing.

I am also extremely unhappy that no windows CD is provided with the machine, but this is common with most manufacturers these days! :(

I would never do this myself, but it is no wonder that people get pirated operating systems, if they have already paid for them, but are not provided with the CD! :mad:

Oh, and most importantly of all - Thank you for all your help! It has been much appreciated! :notworthy

Glad to hear that you got your problem sorted. :)

I don't think HP gave you the correct information though!

The restore partition on the system can be used as many times as you like, the only times it would become a problem is if the restore partition had a virus or problem.

There is an option on the system to burn your own set of restore discs for use when you have a problem with the restore partition or prefer to perform the restore from CD. You are only allowed to burn ONE set of these discs, after you have burnt your set of discs this feature is disabled.

It is well worth creating this set of discs as soon as you can, as it's to late when you have a problem and can't use the restore partition or get into windows...

Here's a link to the HP site which probably explains it better than me..
http://h10025.www1.hp.com/ewfrf/wc/document?dlc=en&lc=en&product=315247&lang=en&cc=uk&docname=bph08097

It does need up to 10 blank CDs to make full set of discs!! so make sure you have enough blanks before you start.

Hope this is of help to anyone with a HP system and no recovery discs

That will certainly be a help, and something I wish I'd known, although I have to say that I would always prefer to have full control over the restore process using a clean install of windows, rather than a manufacturer provided restore solution.

And I still dn't see why they can't provide a Windows disk!

The situation with the restore point was as follows.

There used to be a shortcut in the Programmes to HP tools. This included an option to run the install utility or to burn start up discs.

Once I'd run the utility from the partition, the HP tools option disappeared. When I queried them, they said once used once it had to be bought.

I am only repeating what they said.

Not providing a 'proper' operating system disc is a real pain. I think they do this for 2 reasons, firstly it's cost - it's a lot easier and cheaper for them to copy restore partitions on all their machines rather than provide a set of discs, and also I think a lot of the manufacturers have been under pressure from MS not to provide OEM discs in an effort to curb piracy (that statement provides an issue that could be argued for ages!!!)...

This gives the end user major problems if their hard drive fails as their restore option is on the failed hard drive!!! Can imagine many angry phone calls to helplines in the future when hard drives need replacing!

Glad your all sorted now. :)

I've sent you an email as well......

Unfortunately, I now have another problem! :(

I cannot now install SP2 (don't know how essential it is), or Messenger (absolutely essential!)

For security/virus provention, service pack 2 is quite important. Allthough you should be able to intall the security updates without it

Why can't you install SP2? It is very important....

J

I probably can't really explain for full on here. Suffice to say, although I have a legitimate code for Windows, I wasn't provided with the CD.

Have you lost the code?

No......

If you have a legal code, you can still download service pack 2

Is it not letting you install them when downloaded, or not download them at all?

Is it giving you any error messages at all?

If its just a download problem, I have an SP2 disk I could copy for you if you wanted (its just SP2 and some hotfixes)

Andrew

ermmm, not sure how much i can say, except there is a slight difference between the version of windows I managed to source, and the one my code is for, if you get my drift........

With SP2, it is a code problem - with messenger it just downloads it, and then nothing happens. The only way to download it as a program file is with SP2.

I know what you mean, but obviously cant talk about it on here. Suffice to say there are ways but you shouldnt have to do that if hp had given you the proper discs to start with.

D

You seriously need to install SP2, or at the very least turn the firewall on (not done by default). If you don't do this you'll be in as much as a mess as you were before fairly quickly...

......

ermmm, not sure how much i can say, except there is a slight difference between the version of windows I managed to source, and the one my code is for, if you get my drift........

With SP2, it is a code problem - with messenger it just downloads it, and then nothing happens. The only way to download it as a program file is with SP2.

So does SP2 give you an error message saying that your CD key is invalid, or do you get an error message saying something else?

If this is some small consolation to you, this thread has just solved the problem of why I haven't found the XP disc for my old Packard Bell PC I'm setting up for my dad. Code's on the side of the box and I totally forgot I never got a CD with it. Cheers. Shame I didn't read this a week ago though

The last Dell PC I got came with all the restore CD's, including Windows. (Ok, Dell are not off-the-shelf PCs).

Surprising the other makes dont come with the CD's, its not as if a CD costs much.

edit.

Right, problem is now solved and everything is fine! :clap:

Just thought I'd report back my experiences with the HP helpdesk yesterday, for information purposes.

Apparently, the restore program provided on their PC's is NOT a destructive restore, is is non-destructive!

It can also only be used once. Once you have used it once, it deletes itself and you have to buy the restore CD's from HP. They are only free for 90 days after buying a PC. So, if anyone buys a PC from HP, it might be wise to invent a problem early on and get the free CD's............

I have generally been disgusted with HP over this whole thing.

I am also extremely unhappy that no windows CD is provided with the machine, but this is common with most manufacturers these days! :(

I would never do this myself, but it is no wonder that people get pirated operating systems, if they have already paid for them, but are not provided with the CD! :mad:

Oh, and most importantly of all - Thank you for all your help! It has been much appreciated! :notworthy



What id advise anyone who bought a p.c off dell or who ever is to get a hold of a program called everst http://www.lavalys.hu/index.php
This little program gives u a full report of hardware and software on ur system

Then all u do is hunt the drivers down from whatever website for motherboard graphics etc.........So that if u need to do a Full Format....ur sorted!!

Right, problem is now solved and everything is fine! :clap:

Just thought I'd report back my experiences with the HP helpdesk yesterday, for information purposes.

Apparently, the restore program provided on their PC's is NOT a destructive restore, is is non-destructive!

It can also only be used once. Once you have used it once, it deletes itself and you have to buy the restore CD's from HP. They are only free for 90 days after buying a PC. So, if anyone buys a PC from HP, it might be wise to invent a problem early on and get the free CD's............

I have generally been disgusted with HP over this whole thing.

I am also extremely unhappy that no windows CD is provided with the machine, but this is common with most manufacturers these days! :(

I would never do this myself, but it is no wonder that people get pirated operating systems, if they have already paid for them, but are not provided with the CD! :mad:

Oh, and most importantly of all - Thank you for all your help! It has been much appreciated! :notworthy



What id advise anyone who bought a p.c off dell or who ever is to get a hold of a program called everest its free as well http://www.lavalys.hu/index.php

This little program gives u a full report of hardware and software on ur system

Then all u do is hunt the drivers down from whatever website for motherboard graphics etc.........So that if u need to do a Full Format....ur sorted!!

sorry for posting twice there!! though i had posted it once!

Too many beers !