internet explorer opens up and redirects



Edgecrusher
2011-07-26, 23:06
hi, unfortunately there's another malware problem with my computer. this time a relative of mine did something to it. they clicked on a website link and avira detected malwares. i'm currently scanning with malwarebytes and so far found 3 malwares. during the scans, through earphones i can hear mouse clicking opening windows in the background, ads playing in the background and internet explorer opening random sites. please help.


here's my DDS Log report

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by philip at 18:48:04.43 on Tue 07/26/2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.128 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\Hzowya.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\TEMP\Hwl.exe
C:\DOCUME~1\PHILIP~1.PHI\LOCALS~1\Temp\Hwm.exe
C:\Documents and Settings\philip.PHILIP-5D444590\My Documents\Downloads\dds.com
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [XMZH42I4GI] c:\windows\Hzowya.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\philip~1.phi\locals~1\temp\Hwm.exe
uRun: [Cpiredid] rundll32.exe "c:\windows\lneclinp.dll",Startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Xtirudocay] rundll32.exe "c:\windows\ekutuzuh.dll",Startup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\documents and settings\all users\desktop\INETREPL.DLL
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\documents and settings\all users\desktop\INETREPL.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1280921982390
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\documents and settings\all users\desktop\AATP.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\documents and settings\all users\desktop\CENETFLT.DLL
WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\documents and settings\all users\desktop\CENETFLT.DLL
WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\documents and settings\all users\desktop\CENETFLT.DLL
WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\documents and settings\all users\desktop\CENETFLT.DLL
WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\documents and settings\all users\desktop\CENETFLT.DLL
WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\documents and settings\all users\desktop\CENETFLT.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\philip~1.phi\applic~1\mozilla\firefox\profiles\qtmy4q9x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://yeppo.net
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\documents and settings\philip.philip-5d444590\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Mega Manager Integration: {40a1f5d7-afc2-498f-b264-02668d616ff6} - %profile%\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF - Ext: Veehd Plugin: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC} - %profile%\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: XULRunner: {440EC676-89B1-4059-9BFD-CEA1AD987EE4} - c:\documents and settings\philip.philip-5d444590\local settings\application data\{440EC676-89B1-4059-9BFD-CEA1AD987EE4}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\documents and settings\philip.philip-5d444590\application data\idm\idmmzcc3
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-6-22 53816]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-10-31 11608]
R1 RapportCerberus_26762;RapportCerberus_26762;c:\documents and settings\all users.windows\application data\trusteer\rapport\store\exts\rapportcerberus\26762\RapportCerberus_26762.sys [2011-6-13 57144]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-6-22 66360]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-6-22 158904]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-10-31 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-10-31 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-26 66616]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-7-26 54760]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2010-6-10 88176]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-6-22 870200]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-7-26 41272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
.
=============== Created Last 30 ================
.
2011-07-26 16:19:26 0 ----a-w- c:\windows\Nwayecoxewugon.bin
2011-07-26 16:19:24 -------- d-----w- c:\docume~1\philip~1.phi\locals~1\applic~1\{440EC676-89B1-4059-9BFD-CEA1AD987EE4}
2011-07-26 16:17:41 266752 ----a-w- c:\windows\Hzowya.exe
2011-07-26 16:17:23 64000 --sha-r- c:\windows\system32\rshx32G.dll
2011-07-15 22:17:52 -------- d-----w- c:\program files\CCleaner
2011-07-14 09:04:29 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-07-14 09:03:58 852480 -c----w- c:\windows\system32\dllcache\vgx.dll
.
==================== Find3M ====================
.
2011-07-26 16:47:33 2048 ----a-w- c:\windows\lneclinp.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-19 06:34:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 18:50:45.34 ===============

shelf life
2011-07-26, 23:39
Well the good news is it doesn't look like you have a rootkit this time. You know the drill with combofix: Read through the guide and download it to your machine. Post the log in your reply:

Guide to using Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

Edgecrusher
2011-07-27, 00:24
something weird is going on. before i ran combofix, malwarebytes finished scanning and found a total of 16 infected objects, but was only able to remove 3 of them, while the rest of 13 of them remained quarantined. which required a reboot in order to remove the 3 infected objects. after the reboot, i turned off my firewall, deactivated avira and disabled teatimer in spybot, but strangely there weren't any pop up messages saying they had been disabled. so then i went ahead with combofix and it detected that avira hasn't been deactivated, when i actually did. this has never happened with me before. do you know why this is happening? i also have the malwarebytes log that i saved if you need to see it.

shelf life
2011-07-27, 00:49
Go ahead and post the malwarebytes log. You can also try running Combofix in safe mode. To reach safe mode you would tap the F8 key during a computer restart and choose the first option on the list: safe mode. Log in to your usual account and once at the safe mode desktop run combofix.

Edgecrusher
2011-07-27, 12:49
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7283

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

7/26/2011 10:51:51 PM
mbam-log-2011-07-26 (22-51-51).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 316900
Time elapsed: 4 hour(s), 58 minute(s), 46 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 4
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
c:\WINDOWS\Hzowya.exe (Trojan.FakeAlert.SA) -> 1440 -> Unloaded process successfully.

Memory Modules Infected:
c:\WINDOWS\ekutuzuh.dll (IPH.Trojan.Hiloti.B) -> Delete on reboot.

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Xtirudocay (IPH.Trojan.Hiloti.B) -> Value: Xtirudocay -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XMZH42I4GI (Trojan.FakeAlert.SA) -> Value: XMZH42I4GI -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Value: 8DDYX0ZBPZ -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\ekutuzuh.dll (IPH.Trojan.Hiloti.B) -> Delete on reboot.
c:\documents and settings\philip.philip-5d444590\local settings\temp\arwcmneosx.tmp (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\WINDOWS\Hzowya.exe (Trojan.FakeAlert.SA) -> Delete on reboot.
c:\documents and settings\philip.philip-5d444590\local settings\temp\Hwm.exe (Trojan.FakeAlert.SA) -> Delete on reboot.
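
The Run values Malwarebytes flags in the log above also appear as autorun lines in the DDS log at the top of the thread. As an added example that is not part of the original thread, this Python script applies three location heuristics to those DDS lines; the heuristics, the function names and the assumed system root `c:\windows` are illustrative choices, not rules used by DDS or Malwarebytes.

```python
import ntpath
import re

# Constructed sample: autorun lines copied from the "Pseudo HJT Report"
# section of the DDS log posted in this thread.
SAMPLE_DDS = r"""
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [XMZH42I4GI] c:\windows\Hzowya.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\philip~1.phi\locals~1\temp\Hwm.exe
uRun: [Cpiredid] rundll32.exe "c:\windows\lneclinp.dll",Startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Xtirudocay] rundll32.exe "c:\windows\ekutuzuh.dll",Startup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
"""

# Assumption: default system root, as seen in the posted log.
WINDIR = r"c:\windows"

# uRun / mRun match the HKCU and HKLM Run keys named in the Malwarebytes log.
RUN_LINE = re.compile(r"^(?P<hive>[umd])Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

# First drive-letter path that ends in an executable-type extension.
PATH = re.compile(r'([a-z]:\\[^"]+?\.(?:exe|dll|com|scr))(?=$|[\s",])', re.I)


def parse_run_entries(text):
    """Return one dict per Run line: hive prefix, value name, command, path."""
    entries = []
    for line in text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue
        p = PATH.search(m.group("cmd"))
        if p:
            entries.append({
                "hive": m.group("hive"),
                "name": m.group("name"),
                "cmd": m.group("cmd"),
                "path": p.group(1).lower(),
            })
    return entries


def reasons(entry):
    """Location heuristics (illustrative): where does the autorun point?"""
    path = entry["path"]
    found = []
    if ntpath.dirname(path) == WINDIR:
        found.append("file sits directly in the Windows root")
    if "temp" in path.split("\\")[:-1]:
        found.append("file runs from a Temp directory")
    via_rundll32 = entry["cmd"].lower().startswith("rundll32")
    if via_rundll32 and not path.startswith(WINDIR + "\\system32\\"):
        found.append("rundll32 loads a DLL from outside system32")
    return found


def triage(text):
    """Map each flagged Run value name to the list of reasons it was flagged."""
    flagged = {}
    for entry in parse_run_entries(text):
        why = reasons(entry)
        if why:
            flagged[entry["name"]] = why
    return flagged


if __name__ == "__main__":
    for name, why in triage(SAMPLE_DDS).items():
        print(f"{name}: {'; '.join(why)}")
```

On the sample it flags the three Run values named in the Malwarebytes log plus `Cpiredid`, which that log does not list.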

Edgecrusher
2011-07-27, 17:06
there's another problem with the computer start up. i restarted the computer, pressed the F8 button a couple of times, but it didn't work and did not go in to safe mode. so now when i start up the computer it says 'verifying DMI pool data' and 'boot from CD', along with a bunch of text, in a different language.
so i put in my XP CD and when it's loading the files and windows is setting up, there's the recovery option and the set up option. i press enter key to continue the set up, but it isn't able to do so, as it says it can't read the CD. so now whenever i start up the computer, i cannot get in to the main windows.

Edgecrusher
2011-07-27, 17:44
i've found some possible causes from this site.

but i don't know which is the cause. is it a good idea i try to follow these instructions? i'm typing this from a temporary computer in an office.


Computer stops at verifying dmi pool data.
Issue
Computer stops at verifying dmi pool data.

Cause
This issue can be caused by any of the below reasons.

Corrupt boot files on the computer.
Settings for hard disk drive are not correct.
Floppy diskette or CD in computer causing issue.
Boot devices not set properly.
BIOS corrupt or misc. setting not set properly.
Connections loose or disconnected.
Bad Hard disk drive or other bad hardware.

Solution

Corrupt boot files on the computer

If the computer has no bootable files on the drive it is attempting to boot from it is possible that the computer may halt at " verifying dmi pool data..."

To resolve this Issue

Boot from a bootable floppy diskette. Ensure that this diskette was made on the same Microsoft Windows operating system that is installed on your computer.
Once at the A:\> prompt type "sys c:" and press enter. This should report the message "File system transferred." Once transferred remove the diskette and reboot the computer.
If the computer continues to not boot re-create the master boot record by booting from the bootable floppy diskette again. Once at the A:\> prompt type "fdisk /mbr" and press enter. This should return you to the prompt without giving you any message. Once at the prompt remove the diskette and reboot the computer.

Do you have additional information on FDISK /MBR?
Note: The above information only applies to Microsoft Windows users. If you are running a Linux / Unix variant or other operating system such as OS/2 and the computer is freezing at this DMI message ensure that Linux / Unix has been properly installed first or your boot manager is not corrupt.

Settings for hard disk drive are not correct

The computer freezing at "Verifying dmi pool data..." may be caused when the hard disk drive settings within CMOS are not set properly. Enter CMOS setup and verify that the hard disk drive settings are set properly and that it is set to Auto Detect.

Floppy diskette or CD in computer causing issue

Verify no floppy diskette or CD is in the computer. In some cases the computer may be trying to boot from either of these drives causing issues with the boot sequence.

Boot devices not set properly

The computer stopping at " verifying dmi pool data..." can be caused when the boot devices on your computer are not set properly in CMOS. First, verify that no CD or diskette is in your computer. If a CD or diskette is in the computer remove this first to determine if it was attempting to boot from it.

If No CD or diskette is in the computer and your computer still halts at the DMI message enter CMOS setup and verify that the boot options are set properly. We commonly recommend that the floppy be set the first boot device, hard drive as the second boot device and the CD-ROM as the third boot device.

BIOS corrupt or misc. setting not set properly

If none of the above recommendations have resolved your issue reset the BIOS / CMOS settings to the factory or default settings.

Connections loose or disconnected

If the computer has been recently moved or new hardware has been installed in the computer it is possible that a connection may be loose or even disconnected. Verify that the hard disk drive, floppy and CD-ROM cables are properly connected.

Bad hard disk drive or other bad hardware

If your computer continues to freeze at the DMI message after attempting all of the above recommendations it is possible that the computer may be freezing because of a bad hard disk drive or other bad hardware in the computer.

Before replacing any hardware we first recommend you erase everything on the hard drive and start over.

If you're unable to get to the point of re-installing the operating system it's likely your computer has a hardware issue and it's suggested that the hard drive be replaced. If that doesn't resolve the issue then have the motherboard replaced.

shelf life
2011-07-28, 00:19
If you try to boot up normally you don't get any options or anything?

Is the XP install CD pretty old and has been used a lot? Could you try making a new copy of it to a new CD?
If you have a commercial machine you should visit the vendor's website for more information and possible solutions.
See if this link (http://www.michaelstevenstech.com/XPrepairinstall.htm) helps any.

Edgecrusher
2011-07-28, 10:14
the problem with the computer is it won't read CDs and DVDs. but when i do insert the windows XP cd and i press enter to install it, it just says it can't read it. and there's only the windows recovery option. and the CD is quite old, but i don't think it's the problem.

Edgecrusher
2011-07-28, 16:26
just to let you know, a relative that i try to reinstall windows, via USB stick. but i'm still worried it might not work. and i don't really want to have to reinstall everything on my computer and lose all my music files. is there something i could type in to the windows recovery repair that will fix it, without having to start all over again?

and i don't get why safe mode did not work by pressing the F8 key a few times.

shelf life
2011-07-28, 23:34
If you are concerned with losing stuff, like mp3's then you should attempt to get them off first, just in case your HD is toast or before proceeding with a fix/mbr. It's hard to say what the problem may be right now. You can try this in the recovery console to repair hd errors:


"windows recovery repair that will fix it,"

you can boot into the windows recovery console,
you should get this on the screen:


Microsoft Windows(R) Recovery Console

The Recovery Console provides system repair and recovery functionality.
Type EXIT to exit the Recovery Console and restart the computer.

1: C:\WINDOWS

Which Windows Installation would you like to log on to ?
hit 1 and then enter

at the C:\Windows prompt type chkdsk /p (note the space after the k and before the /)
click ok or enter.
If you get "errors detected" on this short check then back at the prompt type:

chkdsk /r and click enter. This test may take some time to finish and will attempt to repair hard drive errors. Once done, back at the prompt type chkdsk /p again to see if any errors have been repaired.
I believe typing exit at the prompt will reboot the machine, and you can let it try and boot up normally.


"the CD is quite old"

CD's that are used often can and do go "bad". Just look at the bottom of one.

Edgecrusher
2011-07-29, 11:55
i can't access the recovery console yet, as a relative tried fixing the computer with no success and it's still stuck on the verifying DMI pool data page and managed to get in to a fake windows. so when i put in the windows xp CD, it doesn't boot. but next weekend i'm taking the computer over to a friend's house, so can try and fix it.

shelf life
2011-07-29, 23:08
Ok thanks for the update. Good Luck.

Edgecrusher
2011-07-29, 23:50
hi, just to update you again, my cousin managed to get past the windows start up, but unfortunately had to reinstall xp windows. and he managed to fix the CD rom problem too, as the drive now opens and closes with no problem. but inside the computer case it was extremely dusty and dirty, so tried to clean it out as much as possible with a vacuum cleaner and tissue.

Edgecrusher
2011-07-30, 00:27
i just reinstalled web of trust add on. i remember there was another add on i had along with WOT, whenever i do google searches. i think its called site advisor, do you know if it is that one?

shelf life
2011-07-30, 02:36
I think there are several of them that work along the same lines. SiteAdvisor is one (http://www.siteadvisor.com/) of them.

The best thing to protect yourself from a malicious site that hosts exploits is to stay updated:

No vulnerability present, no hack can take place. It's that simple.

See item 1 and 2,4,5 and 6 below. Malware is moving more and more to being browser based, however social engineering is still the number one way people get malware on their machines, ie: you install it yourself.

Now that you have a clean install here are some tips to help you stay malware free:

10 Tips for Prevention and Avoidance of Malware:
There is no reason why your computer can not stay malware free.

No software can think for you. Help yourself. In no special order:

1) It is essential to keep your operating system (Windows), browser (IE, FireFox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update (http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us) frequently or use the Windows auto-update feature. (http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx) Staying updated is also essential for other web based applications like Java, Adobe Flash/Reader, iTunes, browser plugins and add-ons. More and more third party applications are being targeted. Not sure if you are using the latest version of software? Check their version status and get the updates here. (http://secunia.com/vulnerability_scanning/online/)

2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about virus and trojans being found on your computer and you are then prompted to install software to remedy this. See also the signs (http://www.malwarevault.com/signs.html) that you may have malware on your computer.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently find malware then it's time to *review your computer habits*.

4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. See also E-mail phishing Tricks (http://www.fraud.org/tips/internet/phishing.htm).

5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.

8) Install and understand the *limitations* of a software firewall.

9) The why and how to secure (http://www.cert.org/tech_tips/securing_browser/) your browser for safer surfing.

10) Warez, cracks etc are very popular for carrying malware payloads. If you look for these you will encounter malware. If you download/install files via p2p networks you will encounter malware. A file can be named anything, be nothing but malware or have malware bundled in it.
Do you really trust the source?

More info/tips with pictures in links below.

Happy Safe Surfing.

Edgecrusher
2011-07-30, 12:01
i just downloaded site advisor and installed it, then it required a reboot. and when i go to mozilla firefox, tools and select add-ons, it says McAfee SiteAdvisor 3.3.1 is incompatible with firefox 5.0.1.

shelf life
2011-07-30, 19:25
I think that kind of software is pretty much useless nowadays.

Like I said keep everything updated. NoScript, a FF add-on (http://noscript.net/), looks like it could be useful, I have never used it though.

Edgecrusher
2011-08-01, 19:10
ok, i have installed no script

shelf life
2011-08-01, 23:08
ok good. And you have been to Windows Updates or have it set to check/download updates automatically?

A visit to Secunia (http://secunia.com/vulnerability_scanning/online/) wouldn't hurt either, plenty of vulnerabilities in other software too. Not just MS products.

More about NoScript here. (http://www.dedoimedo.com/computers/noscript-use.html)

Edgecrusher
2011-08-02, 13:33
i have automatic update enabled. after the reinstallation of windows, i get a lot of windows updates to install.

shelf life
2011-08-03, 00:38
A lot of those updates are for patching vulnerabilities. These can be exploited and if successful are a way into your machine. Windows update only covers MS products.
Secunia scan will cover the other products that are also exploited like java, Adobe (http://web.nvd.nist.gov/view/vuln/search-results?query=Adobe&search_type=all&cves=on) products, media players etc. Malware attacks are moving to the web and are looking for outdated unpatched web applications to take advantage of.

Edgecrusher
2011-08-04, 12:55
well i don't have any more problems with the computer now, so you can close the thread now.

Edgecrusher
2011-08-04, 17:18
oh 1 more thing. how do i get windows update for firefox, since i dont use internet explorer.

shelf life
2011-08-05, 01:04
Just to clarify, Windows Updates are for Microsoft Products only. FireFox is put out by Mozilla. (http://www.mozilla.org/)

I believe in Microsoft Windows FireFox will automatically check for updates by default. Check this Link (http://support.mozilla.com/en-US/kb/Updating%20Firefox#w_how-do-i-configure-update-options) to be sure. I use FF in linux so I get updates via the distribution.

Even though you don't use Internet Explorer it's still necessary to keep it updated, why? To patch possible vulnerabilities that could be exploited. The best thing to do is just leave the auto update feature on, which you do, so you will get all the updates when they are released.

Edgecrusher
2011-08-05, 19:29
yup, just checked firefox is updated.

shelf life
2011-08-06, 20:35
ok. Happy Safe Surfing out there.

Edgecrusher
2011-08-07, 00:40
thanks for your help, solving the computer problems. much appreciated