Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes/ antivirus.net related crash


  • This topic is locked This topic is locked
2 replies to this topic

#1 mickb116

mickb116

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 02 February 2011 - 07:45 PM

My computer got attacked by the Antivirus.net virus tonight. I got into the task manager, found the process that didn't belong and shut it down. Fixed my proxy settings to get the internet working again. After a google search confirmed what I knew to be a virus, I downloaded Malwarebytes Anti-Malware and ran the scan. It detected the program and I had it remove it. At that point it told me I needed to restart to complete the removal. It shut down slowly but properly, but when it came back I never got any Windows startup screens, it gets through the ide drive scan then I get a black screen with just the LCD backlight on. I hit F8 on the next restart and got to the safe mode screen but safe mode and last known good configuration both just return the same black screen.

Don't have any logs I can post due to the impromptu lack of being able to get windows to start.

Any advice on how to get this up and running again? If it helps, its an ASUS motherboard, Intel processor, WD hard drive running Windows XP with Avast/AdAware/Spybot as my antivirus/security setup. The system and software are almost 7 years old, last Windows reinstall maybe 4 years ago when I put the new motherboard in. Ran like a champ until tonight. If not possible to recover the entire system, I would as a minimum like to attempt data recovery, it is a 200GB drive last backed up 3-4 months ago so I'd lose a fair amount of data from the past few months.

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,093 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:32 PM

Posted 06 February 2011 - 12:16 PM

Hello, and welcome to BleepingComputer!

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Press Tool at the top
  • Choose Open Terminal
  • Type the following and press enter:

    dd if=/dev/sda of=mbr.bin bs=512 count=1

  • Press Enter
  • After it has finished a file will be located on your USB drive named mbr.bin
  • Remove the USB drive and insert it back in your working computer and navigate to mbr.bin, zip it up and attach it to your next reply.

This will allow me to have a look at the MasterBootRecord of your drive and see if it is infected.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,093 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:32 PM

Posted 23 February 2011 - 06:55 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users