Page 1 of 3 123 LastLast
Results 1 to 15 of 31
  1. #1
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts

    HELP! How to access an infected PC

    My wifeís Vista desktop is opening with the BSOD and the following message.

    Check that any newly installed hardware of software is properly installed.
    Disable any newly installed hardware of software.
    Disable BIOS memory option such as caching or shadowing.
    If safe mode needed, restart PC and press F8 to select Advanced Setup Options and select Safe Mode.
    Technical Info
    STOP 0x000000050(0xE2D149BO, 0x 00000001, 0x8116F69, 0x 00000002

    We have not installed any software or hardware recently, but yesterday my wife called me when she received an email allegedly from DHL stating they had tried to deliver a parcel on 24/10/13 and no one was at home. It would be returned to sender unless she contact them within 72 hours. There was an attachment with a .ZIP suffix which Windows mail had blocked and I told her not to open it. When I phoned DHL there was a message saying donít open any attachments from them. After typing the details from the BSOD we had lunch, when I learned that there had been a second email amending the date to 24/11/13. And it was that one blocked by Win Mail, and she had already opened the attachment on the other.

    So clearly the PC is infected, even though it was OK for the remainder of yesterday, but how to clean it when nothing can be accessed? F8 just returns me to the BSOD, F2 is the boot sequence and F12 Setup did allow a drive check, which was OK. These were before I learned what had really happened. Even reformatting the hard drive seems to be out of the question at the moment. HELP

  2. #2
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,794
    Thanks
    117
    Thanked 799 Times in 720 Posts
    Are you sure you're hitting F8 soon enough? It should get you to a menu of boot options where you can select safe mode with networking. You have to hit F8 after the initial BIOS screen and before windows starts to boot. It can be very trickery. Try toggling F8 as soon as you see the initial vendor display.

    If you manage to get into safe mode with networking, open your browser and download Malwarebytes from Malwarebytes.org. Run the downloaded file and do a full scan after the signatures update.

    Jerry

  3. #3
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Sorry about that, George.

    You really need to tell your wife never to open attachments of any kind. You probably also need to think about your active protection on the PCs she can have access to...

    Anyway, to solve your problem, I suggest that you use something that can boot and check the computer, something like:

    http://www.avg.com/eu-en/avg-rescue-cd
    http://www.sophos.com/en-us/support/...ase/52011.aspx
    http://www.askvg.com/download-free-b...re-and-others/

    Just pick one, follow the instructions to create a bootable CD and then boot from it.
    Rui
    -------
    R4

  4. The Following User Says Thank You to ruirib For This Useful Post:

    georgelee (2013-11-27)

  5. #4
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    3,402
    Thanks
    447
    Thanked 404 Times in 376 Posts
    If none of the above works, you could try Windows Defender Offline:

    http://windows.microsoft.com/en-US/w...fender-offline

    From another computer, go to the website and create a CD, choosing either 32-bit or 64-bit (depending on which version of Vista is installed).

    Now boot the infected computer with the CD you just created.

    Your computer will be scanned and cleaned. It will probably take a long time for the process to complete.

  6. #5
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts
    Thanks Jerry. I now have my finger on F8 in advance and click continuously from the moment start is pressed. No change.

    Perhaps I should clarify my mixed up description. The initial screen is black and reads ‘Windows Error Recovery. Windows failed to start. A recent H/W or S/W change might be the cause.’ It then offers a choice, Start Windows Normally (which brings one back to the same screen) or Launch Start-up Repair.

    Selecting the latter (the default) is followed by a pause whilst it checks the system, then the blue screen with ‘A problem has been detected. Windows has been shut down to prevents damage to the PC.
    PAGE_FAULT_IN_NONPAGED_AREA, followed by the text in the initial post.

    I have no idea whether this Page Fault makes any difference, but we seem to be at a dead end.

    George
    Last edited by georgelee; 2013-11-27 at 13:00. Reason: emphasis

  7. #6
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Do you have a Windows Vista disc? If so, following the procedure here may help: http://pcsupport.about.com/od/toolso...tup-repair.htm

    If it doesn't solve it, resorting to the Advanced options (link at step 4) may be an option, allowing you to try a System Restore, for example.

    Alternatively, do you have a Vista system repair disc, or can you create one?
    Rui
    -------
    R4

  8. #7
    WS Lounge VIP Browni's Avatar
    Join Date
    Dec 2009
    Location
    Rochdale, UK
    Posts
    1,651
    Thanks
    38
    Thanked 161 Times in 139 Posts
    The stop code you mention may also indicate faulty hardware.

    If you feel comfortable working within the PC try reseating the graphics card and the memory modules. You may also try using only one of the installed memory modules if that is an option.

  9. #8
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts
    Rui. She’s always complaining that I’ve locked down everything on her PC, so it doesn’t have much effect.

    It’s a shame you posted whilst I was copying two pages of text from the Vista machine - if I had delayed it would have saved the effort.

    Thanks for the links, although there is something strange about them. I started with AVG, and eventually found a download at the end of all the AVG Pro links. It downloaded OK, but the laptop refused to accept C\George\Downloads>SVAM 10 (or whatever it was) as a valid file, and it was impossible to remove the >. Moving on to the others was even less successful, there were no instructions and each time I was asked what to open the download with –having no ide I sometimes chose FF and sometimes Imgburn.

    I left the PC for the best part of an hour, and on my return an Imgburn popup requested a disk to be inserted for the AVG. No idea if it is working properly, it only took about 10 minutes to burn and has been in the Vista desktop for about 90 minutes now, still with the blue screen and the same message. But I can hear something whirring inside whether the hard drive or the DVD. Think I’ll leave it overnight, then try the Vista disk tomorrow. I also see that Chrome has downloaded the Bitdefender rescue disk three times.

    This is really annoying, as it’s preventing me from completing the installation of my new PC.

  10. #9
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by Browni View Post
    The stop code you mention may also indicate faulty hardware.

    If you feel comfortable working within the PC try reseating the graphics card and the memory modules. You may also try using only one of the installed memory modules if that is an option.
    Opening an attachment despite the warning suggests a probable infection, but if all else fails will give it a go. Sorry, I don't understand your last sentence, beinglly technically illiterate.

  11. #10
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,490
    Thanks
    284
    Thanked 577 Times in 480 Posts
    STOP 0x00000050: PAGE_FAULT_IN_NONPAGED_AREA
    Usual causes: Defective hardware (particularly memory - but not just RAM), Faulty system service, Antivirus, Device driver, NTFS corruption, BIOS
    So it could be that the AV software is crashing the machine at boot, due to an inability to write to disk at that point.

  12. #11
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by georgelee View Post
    Rui. She’s always complaining that I’ve locked down everything on her PC, so it doesn’t have much effect.

    It’s a shame you posted whilst I was copying two pages of text from the Vista machine - if I had delayed it would have saved the effort.
    Sorry about that .
    Actually, the consequences of clicking such attachments or links can even be worse - if she gets a silent infection and then you get resident malware, with passwords captured, etc., it can get serious. Have you considered the option of having her account as a standard account, thus minimizing, in most cases, the negative effects of a malware infection?
    Thanks for the links, although there is something strange about them. I started with AVG, and eventually found a download at the end of all the AVG Pro links. It downloaded OK, but the laptop refused to accept C\George\Downloads>SVAM 10 (or whatever it was) as a valid file, and it was impossible to remove the >. Moving on to the others was even less successful, there were no instructions and each time I was asked what to open the download with –having no ide I sometimes chose FF and sometimes Imgburn.

    I left the PC for the best part of an hour, and on my return an Imgburn popup requested a disk to be inserted for the AVG. No idea if it is working properly, it only took about 10 minutes to burn and has been in the Vista desktop for about 90 minutes now, still with the blue screen and the same message. But I can hear something whirring inside whether the hard drive or the DVD. Think I’ll leave it overnight, then try the Vista disk tomorrow. I also see that Chrome has downloaded the Bitdefender rescue disk three times.
    You mean the PC has blue screened again, after you booted from the AVG boot disc?
    This is really annoying, as it’s preventing me from completing the installation of my new PC.
    I understand the feeling .
    Rui
    -------
    R4

  13. #12
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by satrow View Post
    So it could be that the AV software is crashing the machine at boot, due to an inability to write to disk at that point.
    Considering the events immediately before this situation, I would say that's likely what is happening.
    Rui
    -------
    R4

  14. #13
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by satrow View Post
    So it could be that the AV software is crashing the machine at boot, due to an inability to write to disk at that point.
    Quite a list!

  15. #14
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    London
    Posts
    703
    Thanks
    256
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by ruirib View Post
    Sorry about that .
    Have you considered the option of having her account as a standard account, thus minimizing, in most cases, the negative effects of a malware infection? .
    Good idea, thanks.

  16. #15
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    George,

    Do you have a recent Image of her PC? If so, just restore to an Image prior to the infection. This will get you back to a clean installation. You can then set up a Standard User account for her.

    I have had similar problems with my 83 year old mother, but have finally gotten her to NOT click on ANY unexpected pop up or link or attachment. It has gotten so good that the other day I sent her a link to my Skydrive account with some pictures and she actually called me to ask if it was OK to open the link. After assuring her this was OK, I high fived my wife!

    You will have to do the same with your wife. To make your life easier, you have to be firm with her.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •