Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus(es) Gone, Problems Persisting


  • Please log in to reply
1 reply to this topic

#1 CameronB

CameronB

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 09 December 2010 - 01:47 PM

Hi everyone, my first time posting on BleepingComputer, maybe this will be my go-to troubleshooting site :)

Running Windows XP Pro, Service Pack 3

A while ago (a couple months) my computer apparently came down with a virus (or several) which were detected by avast! antivirus. After visiting some of my usual favorite, seemingly innocuous websites, I got several alerts from avast saying that it moved various infected files to the chest. A reboot and boot-time scan later, and many, many more files were quarantined. I went to the avast website, got some support, and according to the guy who helped me out, cleared out all the malware/viruses/whatever. Various scans supported this, so I'm reasonably satisfied that I'm currently infection-free.

However, several problems since that incident have persisted, which due to a lack of responses on the avast forums, I gave up trying to solve for a while.

Problem #1: When I start up the computer, everything proceeds normally until I get to the desktop, at which point the computer becomes partially unresponsive for a few minutes. I can't access the task manager, the task bar, or delve very deep into folders. After usually about 5 minutes or so, the Windows theme finally plays and the computer works normally.
Problem #2: The computer no longer seems to recognize USB flash drives. Other USB devices seem to work fine though (mouse, keyboard, printer, Wacom tablet).

Problem 1 is just inconvenient, but I'm very concerned about Problem 2, as my biggest fear is having to wipe my hard drive (which happens surprisingly often to me). I have a large external USB HD that I use to back up all my personal files, but since this incident, I have been unable to use it. If my computer fails now, I'll lose the last few months' worth of files. A recent BSOD event scared me into getting back onto figuring this out.

One final note: avast moved over 40 files into the virus chest during this virus incident, many of which were .sys files (list included at the end of the post) from C:\Windows\system32\drivers. They were labeled as being infected by Win32:Bubnix-J[Rtk]. Also of note, when I insert a flash drive, the USB Mass Storage Device listing under the Universal Serial Bus Controllers list has an exclamation mark next to it. It says under Properties that "Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged". The same message and exclamation marks appear next to Microsoft Kernel Acoustic Echo Canceller, Microsoft Kernel Audio Splitter, Microsoft Kernel DRM Audio Descrambler, and Microsoft Kernel GS Wavetable Synthesizer under Sound, video and game controllers. My theory is that avast moved several infected files necessary for these now-bugged functions into quarantine and is keeping them from running.

Whatever the problem is, I could use some advice on how to proceed. Also, here's a link to my post on avast's support forum, which explains everything more in-depth, if necessary.
http://forum.avast.com/index.php?topic=63849.15

3184580027.sys
3300054162.sys
aec.sys
ambfilt.sys
asyncmac.sys
atmarpc.sys
Cdaudio.sys
Changer.sys
Changer.sys
dmusic.sys
drmkaud.sys
Fdc.sys
Flpydisk.sys
i2omgmt.sys
ip6fw.sys
ipfltdrv.sys
ipinip.sys
irenum.sys
l8042mou.sys
lbrtfdc.sys
lbrtfdc.sys
Imouke.sys
Modem.sys
monfilt.sys
mskssrv.sys
mspclock.sys
mspqm.sys
nwInkflt.sys
nwInkfwd.sys
PCIDump.sys
PCIDump.sys
PDCOMP.sys
PDCOMP.sys
PDFRAME.sys
PDFRAME.sys
PDRELI.sys
PDRELI.sys
PDRFRAME.sys
PDRFRAME.sys
processr.sys
RDPWD.sys
secdrv.sys
Sfloppy.sys
splitter.sys
swmidi.sys

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,229 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:13 AM

Posted 09 December 2010 - 04:26 PM

In malware situations...any number of files may become directly damaged due to the malware items or the removal of same.

In such cases, a repair install of XP may be effective...if not, then a clean install may become necessary to restore the system to full health.

An alternative to running a repair install...would be to try running the sfc /scannow command.

How To Use Sfc.exe To Repair System Files - http://www.bleepingcomputer.com/forums/topic43051.html

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users