Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Logging in problem


  • Please log in to reply
13 replies to this topic

#1 Mr_Twister

Mr_Twister

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 19 April 2009 - 08:30 PM

I decided to revise my old topic because it wasn't easy to read.
A week ago I started this topic :

http://www.bleepingcomputer.com/forums/t/219536/cant-remove-trojans/

and today I logged on and decided to do a scan with Malwarebytes', after the scan found seven infections I clicked on the remove button and it then asked me to restart. I did and when i tried signing onto my User Account it logged in but then automatically logged me off. I'm wondering if there is anything I can do to fix this problem or is there nothing I can do and should just do a full system restore?

Also, if I were to re-install the OS is there a chance that the trojan would reappear?

BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 19 April 2009 - 08:35 PM

Hello.

I replied to your topic over here...

Also, if I were to re-install the OS is there a chance that the trojan would reappear?

I assume in this case you have the Windows Disk. A re-install is a good idea. This trojan is very nasty and it infects your windows userinit.exe file which is a very important windows file. This infection is usually very dangerous and is considered a backdoor. Many do not know how severely their computer is infected once their userinit.exe file is infected.

After the re-install if you need to backup any data do so, but no executables or web pages should be saved, compressed files/archive files should also be avoided.

Then a full Format is a good idea.

Posted ImageBackdoor Threat

IMPORTANT NOTE: Unfortunatly One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 19 April 2009 - 09:58 PM

Hello.

I replied to your topic over here...

Also, if I were to re-install the OS is there a chance that the trojan would reappear?

I assume in this case you have the Windows Disk. A re-install is a good idea. This trojan is very nasty and it infects your windows userinit.exe file which is a very important windows file. This infection is usually very dangerous and is considered a backdoor. Many do not know how severely their computer is infected once their userinit.exe file is infected.

After the re-install if you need to backup any data do so, but no executables or web pages should be saved, compressed files/archive files should also be avoided.

Then a full Format is a good idea.

Posted ImageBackdoor Threat

IMPORTANT NOTE: Unfortunatly One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

With Regards,
Extremeboy


Thanks for the info Extremeboy. I have tried logging in in safe mode and the same thing happens. I do have the install disk but was wondering if it is possible to recover a file if I'm not able to sign in?

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 20 April 2009 - 03:48 PM

Hello.

A reinstall may be easier here. After the reinstall you probably can log in and then from that you can backup any files you need.

Do not backup any executables however. If you don't want to do a repair install right now I can give you instructions on repairing the userinit.exe file via the Windows Disk if you want.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 20 April 2009 - 05:06 PM

Hello again Extremeboy, I was wondering if it would be safe to backup my yahoo chat history? And if I reinstalled the OS without reformating would I be able to backup the history or would it be easier to recover it by repairing the userinit.exe file ? Would I be able to see my old bookmarks? I'm not lookng to copy them, I just want to be able to see the links so I can then write them on paper for the meantime. I know it's asking a lot but I just want to make sure before I go and do anything.
Thanks again fo all the help.

#6 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 20 April 2009 - 08:39 PM

Hello.

Reinstalling Windows will not remove any of your files etc... Therefore any files in your My Document folder or any music files will be still there. If you have anything in your Windows folder, which I doubt you will have any, will be removed also. If you choose to FORMAT, then everything WILL be gone. When doing the reinstall, confirm you are doing a repair install. Then afterwards you can backup anything you may need with the exception of any executables and webpages.

If you need help let me know. Also, you might want to start a topic over here on how to do a reinstall if you don't feel comfortable doing it for the first time.

Good Luck!

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#7 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 21 April 2009 - 10:39 AM

Hello, in an earlier post you stated that it would be a good idea to reformat after I retrieve the files I wanted. What I wanted to know is that if I simply reinstall with no reformat would I run the risk of getting the same infection?
Thanks.

#8 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 21 April 2009 - 01:18 PM

Hello

I was able to recover a few files I didn't want deleted from the program files folder within the backup folder but when I click on the on the folder for my old profile a pop-up saysthe access is denied. Also when I hover over the folder it says that the folder is empty, the properties also shows that it has nothing in it. Is there anthing I can do?
Thanks in advance.

#9 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 21 April 2009 - 03:02 PM

Hello.

What I wanted to know is that if I simply reinstall with no reformat would I run the risk of getting the same infection?

Yes, because reinstall doesn't do anything except repair the windows, anything else is not touched and thus, your computer is still compromised..

I was able to recover a few files I didn't want deleted from the program files folder within the backup folder but when I click on the on the folder for my old profile a pop-up saysthe access is denied. Also when I hover over the folder it says that the folder is empty, the properties also shows that it has nothing in it. Is there anthing I can do?

If it's empty it's empty... There's nothing I can do about that.. Not sure what you mean there..

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#10 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 21 April 2009 - 06:01 PM

Hello

Okay, I just wanted to make sure. I'll go and reformat the computer now.
Thanks for all the help extremeboy.

#11 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 21 April 2009 - 09:34 PM

You're welcome.

Good luck!

Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#12 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 22 April 2009 - 09:54 AM

Hello again

I hate to be a bother once again but I ran into a problem after I formatted. I inserted the System restore CD and everything went as usual. Half way through the installation it asks me to insert the second disk but when the comouter attempts to eject the first one the disk tray doesn't open on its own. I've had the disk tray problem for a bit now, I always had to manually open it with a small pin. I've noticed that when it tries to eject and can't it sort of spins the same disk for a little before I'm able to manually eject it. So I change the disks and everthing continues as usual but when its done it asks me to remove the disk and press any key to reboot; it tries to eject the disk and can't and it seems like it spins that one again as well. After manually ejecting the disk tray I press any key and it starts up normally but when its about to fade into the windows logo screen it restarts. It continues to do this even if I try to start it in safe mode. Is there anything that I can do? Is this probably attributed to the disk tray not being able to automatically eject?

Thanks

#13 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 22 April 2009 - 05:26 PM

Hello.

I suggest you start another topic over here: http://www.bleepingcomputer.com/forums/f/76/operating-systems/

Post in the correct operating system forum.

Regarding the format problems you had and the situation you are currently. You can just copy and paste what you have right here and start another topic there.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#14 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 23 April 2009 - 09:46 AM

Hello

Okay, thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users