Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constant Restarting At Startup, Am I Still Infected?


  • Please log in to reply
15 replies to this topic

#1 blueskyz888

blueskyz888

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 28 September 2008 - 01:59 AM

hi, i recently got spyware /adware on my computer. I've used spyware doctor, SUPERantispyware, Malwarebytes, S&D, ad-aware to remove all the spyware/adware and it seems to be all okay from there , but after i rebooted the computer, my computer kept rebooting when windows was just about to log in... " the screen where is says "welcome"" (my OS is Vista ultimate).. the only way i can log back onto windows is if i select the boot option "Last Known Good Configuration" at the boot menu.. I cannot log into Safe Mode as it will restart at the same screen where it welcomes me into windows.. ive tried full system scans on all the spyware removal tools mentioned above and none can detect and fix any problems associated to the constant auto rebooting..

can someone offer me another removal tool that may fix my problem. everytime i turn on my computer i have to forcefully reboot the computer inorder to boot at "Last known good configuration" which looks quiet damaging..
Your Help is Appreciated! and i would like to know the name of the virus/spyware if you recognise this problem

Thanks,

Edited by blueskyz888, 28 September 2008 - 02:47 AM.


BC AdBot (Login to Remove)

 


#2 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 28 September 2008 - 11:37 PM

help anyone?

#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 29 September 2008 - 07:23 AM

http://www.bleepingcomputer.com/tutorials/windows-vista-system-restore-guide/

How far back can you go with system restore?

Al the directions given for Superantispyware and Malwawarebyte's in this forum by knowledgeable helpers furnish detailed instructions and specify posting logs for an analysis

Those logs might identify the infection and help us give a reccomendation
Chewy

No. Try not. Do... or do not. There is no try.

#4 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 29 September 2008 - 09:39 AM

thats the problem, i didnt have any previous restore points

#5 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 29 September 2008 - 10:00 AM

http://www.bleepingcomputer.com/forums/t/78386/bleeping-computer-vista-tutorials/

Have you tried any of the vista repair options?
Chewy

No. Try not. Do... or do not. There is no try.

#6 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 29 September 2008 - 08:41 PM

yeh, i inserted vista cd and tried repair options but it didnt detect any problems.

#7 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 29 September 2008 - 08:52 PM

.

Edited by blueskyz888, 29 September 2008 - 09:40 PM.


#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 29 September 2008 - 08:56 PM

Download this file to your Desktop: http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/
Start the setup_.exe-file and click "Next".
The tool will be unzipped now to his own folder on the Desktop, confirm this by pressing "Next" again.
Now, click "Scan" to start the quick scan.
When it's finished, the found malware will be showed to you, press "Delete".
Now click the button "Reports" in the main screen and save the logfile to your Desktop.
Post this logfile in your next reply
After that you'll get this message: "Do you want to uninstall?", choose "Yes".
The tool will be deleted then.
Chewy

No. Try not. Do... or do not. There is no try.

#9 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 29 September 2008 - 09:52 PM

heres the report

Duration: 00:01:17
Finish time: 30/09/2008 12:50:07 PM


Detected
--------
Status Object
------ ------


Events
------
Time Name Status Reason
---- ---- ------ ------


Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------


Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----



#10 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 29 September 2008 - 11:10 PM

If there are no more problems or signs of infection?

http://www.bleepingcomputer.com/forums/ind...mp;#entry943994
Chewy

No. Try not. Do... or do not. There is no try.

#11 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 30 September 2008 - 02:08 AM

i tried creating a restore point and then disk cleanup to clean up the old restore points but the problem still exists..

#12 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 30 September 2008 - 04:44 AM

Update Malwarebytes, run another scan and post a log
Chewy

No. Try not. Do... or do not. There is no try.

#13 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 30 September 2008 - 09:28 AM

updated and still no infections

Malwarebytes' Anti-Malware 1.28
Database version: 1223
Windows 6.0.6001 Service Pack 1

1/10/2008 12:27:12 AM
mbam-log-2008-10-01 (00-27-12).txt

Scan type: Full Scan (C:\|)
Objects scanned: 211862
Time elapsed: 1 hour(s), 32 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



#14 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:29 AM

Posted 30 September 2008 - 09:55 AM

start

run

cmd

tasklist

rightclick/select all

enter

paste into a reply
Chewy

No. Try not. Do... or do not. There is no try.

#15 blueskyz888

blueskyz888
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 30 September 2008 - 10:38 AM

heres tasklist

Microsoft Windows [Version 6.0.6001]
Copyright 2006 Microsoft Corporation. All rights reserved.

C:\Users\Kevin>tasklist

Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 24 K
System 4 Services 0 3,108 K
smss.exe 464 Services 0 540 K
csrss.exe 588 Services 0 5,140 K
wininit.exe 648 Services 0 3,480 K
csrss.exe 660 Console 1 10,484 K
services.exe 692 Services 0 6,620 K
lsass.exe 704 Services 0 8,152 K
lsm.exe 712 Services 0 4,696 K
winlogon.exe 820 Console 1 4,436 K
svchost.exe 892 Services 0 5,568 K
svchost.exe 952 Services 0 6,912 K
svchost.exe 992 Services 0 15,716 K
svchost.exe 1112 Services 0 10,048 K
svchost.exe 1180 Services 0 83,704 K
svchost.exe 1192 Services 0 20,760 K
audiodg.exe 1268 Services 0 10,536 K
SLsvc.exe 1308 Services 0 3,724 K
svchost.exe 1368 Services 0 9,688 K
svchost.exe 1616 Services 0 12,988 K
ccSvcHst.exe 1732 Services 0 5,852 K
AppSvc32.exe 1848 Services 0 3,776 K
aawservice.exe 1916 Services 0 1,828 K
dwm.exe 1924 Console 1 88,332 K
explorer.exe 1964 Console 1 49,264 K
smax4pnp.exe 544 Console 1 5,552 K
ccApp.exe 560 Console 1 1,428 K
realsched.exe 592 Console 1 308 K
pctsTray.exe 760 Console 1 1,540 K
sidebar.exe 456 Console 1 26,708 K
msnmsgr.exe 640 Console 1 25,432 K
ehtray.exe 708 Console 1 3,296 K
wmpnscfg.exe 900 Console 1 4,832 K
SetPoint.exe 1052 Console 1 9,572 K
ehmsas.exe 2088 Console 1 4,048 K
taskeng.exe 2132 Console 1 9,768 K
spoolsv.exe 2196 Services 0 8,532 K
svchost.exe 2284 Services 0 9,864 K
aaCenter.exe 2308 Console 1 7,064 K
KHALMNPR.exe 2356 Console 1 4,880 K
taskeng.exe 2624 Services 0 5,528 K
AppleMobileDeviceService. 3308 Services 0 3,356 K
AluSchedulerSvc.exe 3352 Services 0 460 K
mDNSResponder.exe 3396 Services 0 4,992 K
ccSvcHst.exe 3412 Services 0 388 K
MDM.EXE 3488 Services 0 4,044 K
sqlservr.exe 3648 Services 0 7,208 K
PnkBstrA.exe 3744 Services 0 3,628 K
svchost.exe 3760 Services 0 4,316 K
pctsAuxs.exe 3772 Services 0 1,480 K
pctsSvc.exe 3820 Services 0 32,652 K
sqlbrowser.exe 3040 Services 0 3,232 K
sqlwriter.exe 2044 Services 0 4,380 K
StarWindServiceAE.exe 2892 Services 0 4,328 K
svchost.exe 2392 Services 0 4,796 K
svchost.exe 1608 Services 0 3,888 K
SearchIndexer.exe 2536 Services 0 23,660 K
SDWinSec.exe 1572 Services 0 7,944 K
sidebar.exe 3984 Console 1 20,008 K
wmpnetwk.exe 5420 Services 0 7,712 K
usnsvc.exe 5668 Services 0 3,932 K
unsecapp.exe 5920 Console 1 5,588 K
WmiPrvSE.exe 2060 Services 0 5,336 K
WINWORD.EXE 1996 Console 1 32,036 K
wweb32.exe 4808 Console 1 8,240 K
LastFM.exe 5192 Console 1 12,196 K
symlcsvc.exe 4980 Services 0 300 K
AcroRd32.exe 4592 Console 1 20,756 K
taskmgr.exe 5452 Console 1 10,028 K
msnmsgr.exe 3612 Console 1 9,904 K
iexplore.exe 2832 Console 1 93,640 K
BitComet.exe 4120 Console 1 100,740 K
cmd.exe 768 Console 1 4,864 K
tasklist.exe 3276 Console 1 5,828 K
WmiPrvSE.exe 5132 Services 0 7,208 K

C:\Users\Kevin>


Edited by blueskyz888, 01 October 2008 - 03:20 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users