 Xp Does't Start After Combofix Run, Cannot start XP after running Combofix to remove Virtumonde infection |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.
To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.
  |
 Mar 23 2008, 06:02 PM
Post
#1
|
|
|
New Member  Group: Members Posts: 2 Joined: 23-March 08 Member No.: 198,304  |
sorry,I know, I had to ask for expert advise earlier, but here it goes: I had my Windows XP pro SP2 infected with Virtumonde malware and after my unsuccessful attempt to remove it using FSecure I decided to try Combofix to fix it and I’m now totally terrified by the result as the XP doesn’t start, OS loader appears, but later I can see only a black desktop. In the end of Combofix clean there were a few error messages regarding windows security files back-up and smth else, but I cannot recall them exactly. I did not swith antivirus (FSecure) and did not install XP recovery console before running ComboFix. I'm terrified by the thought that I 'll lose all the files on my harddrives. Please help me if you can! |
 |
 
|
|
Mar 24 2008, 01:41 PM
Post
#2
|
|
 Bleep Bleep! Group: Admin Posts: 32,432 Joined: 24-January 04 From: USA Member No.: 3 |
Atriad, your new topic is here:
http://www.bleepingcomputer.com/forums/topic138002.html Laska, please be patient while we get someone to help you. -------------------- |
|
|
|
|
Mar 24 2008, 01:59 PM
Post
#3
|
|
 Surgeon General Group: Malware Response Team Posts: 1,839 Joined: 4-March 06 From: Puerto Rico Member No.: 57,930 |
Hi, Laska
 Welcome to Bleeping Computer. In order to restore your computer, we will need the XP Installation CD to boot the computer to the Recovery Console. Boot the computer using the XP CD. You may need to change the boot order in the system BIOS so the CD boots before the hard drive. Check your system documentation for steps to access the BIOS and change the boot order. At boot, you will be prompted with the following options: A. To setup Windows XP, press Enter. B. To repair Windows XP installation using recovery console, press R. Choose the option, "To repair the Windows XP installation using recovery console", press R. If an Administrator Password have been established, you will be prompted to type it in. If no Administrator Password exists, just press ENTER. You will be presented with the following: QUOTE Microsoft Windows® Recovery Console The Recovery Console provides system repair and recovery functionality. Type EXIT to quit the Recovery Console and restart the computer. 1: C:\WINDOWS Which Windows Installation would you like to log onto (To cancel, press ENTER)? Press the number 1 on your keyboard and hit Enter. At the command prompt, type the following command and press Enter: cd erdnt\hiv-backup At the next prompt, type the following bolded text, and press Enter: batch erdnt.con The erunt backups will begin copying. Type exit when finished, and then press ENTER to quit Recovery Console. Remove the CD and let the computer start. Let us know how it goes. -------------------- No request for help throughout private messaging will be attended. If I have helped you, consider making a donation to help me continue the fight against Malware!  |
|
|
|
|
Mar 25 2008, 05:58 PM
Post
#4
|
|
|
New Member Group: Members Posts: 2 Joined: 23-March 08 Member No.: 198,304 |
Hi JSntgRvr
thanks a lot for this , you made my day! I did as instructed and everything seems to be running fine now and those nasty Virtumonde pop-ups went away  , but I keep getting 2 strange error messages on the start up though: RUN DLL Error loading C:\WINDOWS\system32\gytjjrhx.dll The specified module cannot be found RUN DLL Error loading C:\WINDOWS\system32\joycsaio.dll are they related to the infection? and how can I check that my machine is 100% clean now? Many thanks again for your help! |
|
|
|
|
Mar 25 2008, 06:11 PM
Post
#5
|
|
|
Surgeon General Group: Malware Response Team Posts: 1,839 Joined: 4-March 06 From: Puerto Rico Member No.: 57,930 |
Hi, Laska
You are welcome! I would suggest you open a topic in the Malware forum and have that computer check by one of the authorized team members (You must include a Hijackthis log when posting): http://www.bleepingcomputer.com/forums/forum22.html Best wishes! 
-------------------- No request for help throughout private messaging will be attended. If I have helped you, consider making a donation to help me continue the fight against Malware! |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 20th March 2010 - 01:56 PM |
© 2003-2010 All Rights Reserved Bleeping Computer LLC.