Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


lowsec malware removal and boot problems

  • This topic is locked This topic is locked
2 replies to this topic

#1 eng69


  • Members
  • 2 posts
  • Local time:02:25 AM

Posted 29 October 2010 - 11:16 AM

Hi, I had the virus that goes into the c:\windows\system32\lowsec area. I installed malwarebytes and it found it and removed it. However when i reboot the computer it comes up with the windows splash screen and then almost immediately it gives me a blue screen of death with 0x0000007B as the error code. I cannot boot the computer to safe mode, etc. If i use hirens boot cd and choose the 'advanced boot options, boot from hard drive -- windows xp (ntldr)' it boots off the hard drive fine. I have run fixmbr and fixboot from the recovery console off an xp boot cd.

I am following the guide here :http://www.bleepingcomputer.com/forums/topic34773.html

attached are the logs.

pre advanced thanks!!

Attached Files

BC AdBot (Login to Remove)


#2 eng69

  • Topic Starter

  • Members
  • 2 posts
  • Local time:02:25 AM

Posted 29 October 2010 - 12:46 PM

It looks like combofix detected whistler II and now it comes up with a clean bill of health. Also bootkitremover shows no infections. Computer is now working fine. Thanks!!!

#3 Budapest


    Bleepin' Cynic

  • Moderator
  • 23,579 posts
  • Gender:Male
  • Local time:07:25 PM

Posted 29 October 2010 - 04:47 PM

As this issue appears to be resolved I am closing the topic. Please send me (or any other Moderator) a Personal Message (PM) if you would like the topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users