Malware antispyware reboots computer and does not allo programs to run

View previous topic View next topic Go down

Malware antispyware reboots computer and does not allo programs to run

Post by kewlncguy on Tue 22 Jun 2010, 7:39 pm

This is a little embarrassing as I am a 3 tim3 MCSE and MCITP Enterprise. I mainly do server clustering and virtualization and my desktop skills have suffered a bit..anyway.

Computer is XP 64-bit running AVG. The virus has released its payload and when I boot it starts with the "your computer is infected you need to purchase anti virus and gives and alert prompt with yes or no, I clicked yes to see what type of virus it was and it tried to go to If I try to execute any program like malwarebytes it says some thing to the effect of "You cannot execute this program because wcaulaudit (or whatever) is infected. If I try to beat it to execute a file it eventually starts rebooting over and over.

I then boot into recovery console and run chkdsk /r twice and it comes up looking normal but the payload is soon released again. I am a contractor and one of my clients had it on their system and it infected my flash drive evidently. I have tried to download the os customization package and make an eset bootable disk from my laptop but can only find the vista/2007 server one.

Any Ideas.. TIA



Posts : 1
Joined : 2010-06-22
Operating System : xp 64-bit

View user profile

Back to top Go down

Re: Malware antispyware reboots computer and does not allo programs to run

Post by Belahzur on Wed 23 Jun 2010, 1:48 am


We need to use the RKill Tool by Grinler <--- Download site

  • Please Download Save it to your Desktop.
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.

  • NOTE: If you are unable to connect to the site to download rkill, then you should download it to a clean computer and copy it to the infected one via a USB flash drive or CDROM.

  • Once it is downloaded, double-click on the in order to automatically attempt to stop any processes associated with Rogue programs.
  • Please be patient while the program looks for various malware programs and ends them.
  • When it has finished, the black window will automatically close and you can continue with the next step.
NOTE: If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the rogue program, when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the rogue program. So, please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the steps.

If you continue having problems running, you can download:
iExplore.exe or eXplorer.exe
which are renamed copies of, and try them instead.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

Permissions in this forum:
You cannot reply to topics in this forum