Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Reboot loop/Internet security 2010


  • Please log in to reply
3 replies to this topic

#1 Dan5553

Dan5553

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:00 AM

Posted 03 March 2010 - 12:49 AM

I'm running windows XP. Last night I got infected with the xp antivirus 2010 bug. Immediately I tried running Malware only to have it not load. I next tried SuperAntiSpyware which fortunately was still running fine. I let it do a scan and after it identified the rogue Trojans I deleted them, being prompted to then reboot. I did so, got to the little XP loading screen and...sudden reboot. It went to the "windows failed to load properly" screen...I tried safemode, same result. Eventually after a few more reboots I used f8 to bring up more options and started going through those. Running in Debug Mode works for whatever reason, although when I tried to run anything I kept getting prompted on what I wanted to use to open the program. I fixed that by setting all the extensions back to their defaults and then began running Malware, expecting to find the virus had replicated itself or some such. Much to my surprise the scan turned up clean. I repeated this with SuperAntiSpyware and again, no infections. I started poking around online...which is when the first hint of still being infected showed up. I got a single random popup ad, followed by an immense slowdown in system performance. I eventually solved that issue by closing a svchost.exe that was using up all my memory. This happened one other time, but since my last reboot has been fine. I just recently ran rkill, which closed my volume control (SNDVOL32.exe) and am now attempting another Malware scan. Through a bit of previous googling I noticed someone else reported having issues with their windows after removing this virus and were basically told that all they could do is reformat. I'm mostly wondering if the same applies to me, or if I'm still in fact infected and if so what can I do to fix it?

BC AdBot (Login to Remove)

 


#2 Dan5553

Dan5553
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:00 AM

Posted 03 March 2010 - 05:10 PM

Well, to answer my own question I'm still infected as av.exe/all those other processes associated with it came back earlier today...Malware has proven to be surprisingly inefficient, every time I run a scan it doesn't pick up a thing while SuperAntiSpyware managed to pick it up. I ran regedit as per the instructions for removing this annoying virus but didn't have any of the registry values which has left me thoroughly confused. Generally after every reboot for removing the malware a svchost will run that uses up about 90% of my CPU. I've also noticed that the windows update (yellow shield with the !) has popped up despite the fact I long ago turned off the auto updates. This is the first time I've plugged my internet back in since running scans, for the time being everything is working fine but I know it won't last so any advice for getting rid of this bugger would be appreciated.

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,109 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:00 AM

Posted 03 March 2010 - 08:00 PM

Hello,

I suggest that you follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==

If you can produce at least some of the logs, then please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif

#4 Dan5553

Dan5553
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:00 AM

Posted 04 March 2010 - 12:45 AM

Created a new post with a Hijack this log...if the greater powers that be want to delete this topic to make room for more relevant ones that'd be fine with me.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users