
Think Hitman Pro deleted an essential file


2 replies to this topic

#1 ray192


Posted 30 April 2010 - 06:24 AM

Hi, I believe I have run into a truly nasty situation. I have a Lenovo T60 laptop, with XP Home edition SP3. I have Symantec firewall and AVG antivirus.

One important question first: which startup items and system services are required for wireless internet? If you can answer this it will help me a lot. The full problem is described below.

Summary of problem: On every start up, the PC freezes, though sort of differently. On safe mode everything works fine. On safe mode with networking, computer freezes right after the "this is safe mode" window shows up and I click "yes" (the screen remains black and nothing happens). On normal start up, it actually displays my desktop, and several utilities like my antivirus and firewall also load (though very slowly... the computer seems to pause for 2-3 minutes before starting to load antivirus, and then pauses 2-3 minutes before loading firewall), and it looks functional, but ctrl-alt-delete is ignored and task manager does not appear, and once I do anything, like load an application or open up a directory, the system freezes. System does boot up correctly on a diagnostic start up, and I'm currently trying to add services back in to try and determine the cause of it, and see if I can add in networking ability without crashing it. I suspect something critical to networking has been destroyed.


Possible cause: I think it might be wise for me to describe the story from very beginning.

Yesterday afternoon I seemed to have gotten a nasty bug, which I think was disguised as a Java update (lapse of attention on my part... didn't notice the system warning about not being able to verify the package). It included, among other things, a redirector that prevented me from using Chrome. I spent a few hours trying to get rid of it, with AVG, Spybot, Malwarebytes, Superspysweeper. They got rid of a lot, but there was still something there. I suspected there was a rootkit, so I got TDSSKiller. TDSSKiller found that iaStor.sys was infected, but didn't manage to heal it (it told me that it would be healed on a reboot and it didn't work). I then read online that TDSSKiller sometimes misdiagnoses, so the problem might be elsewhere; I subsequently downloaded Hitman Pro 3.5, which found a rootkit in some .sys file in the system32/drivers directory (I think), and I believe it was something like iexxxx.sys, where x denotes letters I don't remember (I didn't think of it much at the time, so I didn't write it down), and Hitman Pro promptly deleted it. And ever since then, I have been having this problem. At the very least I think the damn virus is gone.

Things I have tried: I attempted to do a system restore, but all of my system restores to a point before the virus attack failed, and my system restore to go back to before Hitman Pro deleted the .sys file worked for a little bit, but after a single restart the problem resurfaced. I am desperately trying to avoid having to reinstall XP, since final project time is looming, which requires the use of my laptop. I also don't have my XP disc with me (way back in my permanent residence), so I'm pretty unprepared for this trouble.

Any possible ideas? I'm trying to hold on to the slim hope that this is just a virus removal problem, and not caused by a deletion of a critical file...

Edited by Pandy, 30 April 2010 - 07:16 AM.
Moved from Windows XP Home and Pro to a more appropriate forum ~Pandy




#2 ray192


Posted 30 April 2010 - 07:10 AM

Okay, I enabled all the Microsoft-created services, and booted up fine in the end (took a long time though), but couldn't get into the internet. Subsequently enabled my Symantec services (all except the antivirus), and computer promptly froze while loading the firewall. Anybody think it's a good idea to uninstall Symantec?

#3 cryptodan


Posted 30 April 2010 - 02:58 PM

Can you provide any logs such as MBAM, SAS, and GMER?

http://www.malwarebytes.org/mbam.php

http://www.superantispyware.com

http://www.gmer.net

Run those tools and post the logs here.



