Computer won't start due to virus

View previous topic View next topic Go down

Computer won't start due to virus

Post by bronbron81 on Fri Apr 24, 2009 8:16 pm

I just recently got a virus I think. I started to get a large quantity of pop ups and could not get rid of them. I exited firefox and everything but they just kept coming up. Eventually my computer restarted and wouldn't reboot to the logon screens. It gets as far as "windows is starting up" and then I get a message that says, " The system is shutting down please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was intiated by The system process C:\WINDOWS\system32\lsass.exe terminated status cod 1073741819. Please help. Ohh it also wont boot into safe mode either

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Fri Apr 24, 2009 8:22 pm

I got the computer to boot up and log on once for about 2 minutes and Adware ad-watch live had a pop up that said that it blocked digifast.exe from starting up then my computer just rebooted and had the same problem as above

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Fri Apr 24, 2009 8:43 pm

Does it give you the 60 seconds countdown shutdown warning?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Fri Apr 24, 2009 9:10 pm

yes

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Fri Apr 24, 2009 9:30 pm

Good. This can be stopped the next time it happens.
When it does happen, go to Start > Run.
In the run box, type in:

shutdown -a

Note the space between the a and -
Hit enter.

Lets get a Hijack This log.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Sat Apr 25, 2009 1:54 pm

But I can't get my computer to log on. It gets to windows is starting up and then I get the countdown and it just reboots

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Sat Apr 25, 2009 1:56 pm

Ah, so you can't get to the run box.
Can you do it in safe mode?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Sat Apr 25, 2009 1:58 pm

It has the same problem in safe mode it just stops progressing when it gets to windows is starting up

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Sat Apr 25, 2009 2:01 pm

Do you have any other machines that can write to CD's? if so, we can use the avira boot disc.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Sat Apr 25, 2009 2:03 pm

yea, could you give me some intructions. I know computers at an intermediate level so detailed instructions are not needed.

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Sat Apr 25, 2009 2:17 pm

Okay, quick guide and link in this blog post:
[You must be registered and logged in to see this link.]

[link is at the bottom of the post]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Sat Apr 25, 2009 6:59 pm

ok I burn it to a disc and ran the scanner and then I shut the computer down. Took the cd out and rebooted it and the same problem occured

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Sat Apr 25, 2009 7:35 pm

Hold on, gonna ask my colleagues for ideas here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Mon Apr 27, 2009 12:44 am

bump

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Mon Apr 27, 2009 2:59 am

Sorry for the wait, I'm still waiting to hear back from my colleagues. I know he has read the PM I sent him, but no reply as of yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Tue Apr 28, 2009 7:08 pm

bump

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Wed Apr 29, 2009 11:51 am

Hello.
Got a message back.
Lets use this bootable image to boot from.
Download 6.22 from here:
[You must be registered and logged in to see this link.]

Burn it to a CD and then boot from it.
Let me know if you can get on using that, if you can, then we'll stop that 60second warning.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Wed Apr 29, 2009 8:21 pm

Well, I needed to use a program that I had on my computer and I had to use it yesterday so I used the HP recovery partition of my hard drive to do so. I backed all my files up using the ubuntu live cd. The only problem I am having now is that AVG keeps saying that there are infected files on my computer but they can't heal them, but Malwarebytes anti-malware says there are no infections on my computer. If you could help me with this problem then it would be greatly appreciated

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Wed Apr 29, 2009 8:39 pm

If you can login now, we can get some logs and I can see what's what.

Does AVG say what the variant name is? (usually, if it can't heal a file, it's a file infecter, and I need to know)

A few names would be:
Win32\Virut
Win32.Sality
Win32\Shuer


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Wed Apr 29, 2009 8:49 pm

it has stopped popping up but I think it was Win32\Virut. What log files would you like to see?

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Wed Apr 29, 2009 8:52 pm

Not good. Sad tearing

Virut is a polymorphic file infecter, which cannot be fixed. The malicious code inside Virut is buggy, so when it infects files, it corrupts them too.

See here for details and more information on Virut:
[You must be registered and logged in to see this link.]

If this log shows me signs of Virut, then your only hope is formatting, or full restore from the image on the other partition.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Wed Apr 29, 2009 8:59 pm

DDS (Ver_09-03-16.01) - NTFSx86
Run by Michael at 16:57:22.45 on Wed 04/29/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.479.68 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Michael.MIKES.000\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
mDefault_Page_URL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: []
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\michae~1.000\applic~1\mozilla\firefox\profiles\v5uog4t0.default\
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPOJI610.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-28 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-28 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-28 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-28 298264]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]

=============== Created Last 30 ================

2009-04-29 16:18 --d-h--- C:\$AVG8.VAULT$
2009-04-29 15:51 --d----- c:\windows\system32\PreInstall
2009-04-29 15:32 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-04-29 15:32 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-29 15:32 --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-29 15:30 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-04-29 15:30 36,864 a------- c:\windows\system32\drivers\usbaapl.sys
2009-04-29 02:14 --ds---- c:\documents and settings\michael.mikes.000\UserData
2009-04-29 02:04 --d----- c:\windows\system32\appmgmt
2009-04-29 00:57 --ds---- c:\documents and settings\michael.mikes.000\Temporary Internet Files
2009-04-29 00:57 --ds---- c:\documents and settings\michael.mikes.000\History
2009-04-29 00:55 --d----- c:\docume~1\michae~1.000\applic~1\Intuit
2009-04-29 00:55 --d----- c:\documents and settings\Michael.MIKES.000
2009-04-29 00:38 185,344 a------- c:\windows\system32\Thawbrkr.dll
2009-04-29 00:38 66,594 a------- c:\windows\system32\c_864.nls
2009-04-29 00:38 66,594 a------- c:\windows\system32\c_862.nls
2009-04-29 00:38 66,594 a------- c:\windows\system32\c_720.nls
2009-04-29 00:38 66,082 a------- c:\windows\system32\c_708.nls
2009-04-29 00:38 66,082 a------- c:\windows\system32\C_28596.NLS
2009-04-29 00:38 66,082 a------- c:\windows\system32\c_10021.nls
2009-04-29 00:38 66,082 a------- c:\windows\system32\c_10005.nls
2009-04-29 00:38 66,082 a------- c:\windows\system32\c_10004.nls
2009-04-29 00:38 10,752 a------- c:\windows\system32\c_iscii.dll
2009-04-29 00:38 6,144 a------- c:\windows\system32\ftlx041e.dll
2009-04-29 00:38 5,632 a------- c:\windows\system32\kbdusa.dll
2009-04-28 23:10 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-28 23:10 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-04-28 23:10 325,640 a------- c:\windows\system32\drivers\avgldx86.sys
2009-04-28 23:10 --d----- c:\windows\system32\drivers\Avg
2009-04-28 23:10 --d----- c:\program files\AVG
2009-04-28 23:10 --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-04-28 22:43 --d----- c:\docume~1\michae~1.000\applic~1\Malwarebytes
2009-04-28 22:15 --d----- c:\windows\system32\SoftwareDistribution
2009-04-19 00:56 --d----- c:\program files\Any Video Converter
2009-04-18 15:49 --d----- c:\program files\ASIO4ALL v2
2009-04-17 23:01 --d----- c:\program files\common files\Digidesign
2009-04-13 23:49 --d----- c:\docume~1\alluse~1\applic~1\XemiComputers
2009-04-13 23:49 --d----- c:\program files\XemiComputers
2009-04-13 21:03 --d----- c:\program files\common files\Macrovision Shared
2009-04-13 01:36 --d----- c:\program files\VideoLAN
2009-04-12 19:00 --d----- c:\program files\winMd5Sum
2009-04-07 20:36 --d----- c:\program files\RARBG Player
2009-04-06 17:22 --d----- c:\program files\Trend Micro
2009-04-05 13:58 --d----- c:\program files\ImTOO
2009-04-04 23:58 --d----- c:\program files\K-Lite Codec Pack
2009-03-31 15:31 --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files

==================== Find3M ====================

2009-04-29 00:56 1,699 a--shr-- c:\windows\system32\drivers\103C_HP_NTBK_HP Pavilion dv6000 (RG253UA#ABA)_YN_0Pavi_QCNF6414BPK_E432250001_46_I30B7_SQuanta_V65.2B_BF.3D_T071122_WXP2_L409_M479_J80_7AMD_8Turion 64 Technology MK-36_92.01_#090302_N14E44311_(RG253UA#ABA)_XMOBILE.MRK
2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-02 20:18 92,819 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

============= FINISH: 16:58:36.53 ===============

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Wed Apr 29, 2009 9:05 pm

Hello.
Good news, no signs of Virut. Whatever AVG is detecting, (I don't see a reason that it should be) is probably harmless now you've done an image restore. I just wanna see what's installed because there's a VERY old version of Java that needs updating.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by bronbron81 on Wed Apr 29, 2009 9:08 pm

5 Card Slingo from Hewlett-Packard Laptops (remove only)
Adobe Reader 7.0.5
Apple Mobile Device Support
Apple Software Update
AVG 8.5
Bejeweled 2 Deluxe from Hewlett-Packard Laptops (remove only)
Big Kahuna Reef from Hewlett-Packard Laptops (remove only)
Blackhawk Striker 2 from Hewlett-Packard Laptops (remove only)
Blasterball 2 from Hewlett-Packard Laptops (remove only)
Boggle Supreme from Hewlett-Packard Laptops (remove only)
Bonjour
Bookworm Deluxe from Hewlett-Packard Laptops (remove only)
Bounce Symphony from Hewlett-Packard Laptops (remove only)
Chuzzle Deluxe from Hewlett-Packard Laptops (remove only)
Conexant HD Audio
Crystal Maze from Hewlett-Packard Laptops (remove only)
Customer Experience Enhancement
DivX
Easy Internet Sign-up
ESPNMotion
FATE from Hewlett-Packard Laptops (remove only)
Final Drive Nitro from Hewlett-Packard Laptops (remove only)
Flip Words from Hewlett-Packard Laptops (remove only)
GemMaster Mystic
HijackThis 2.0.2
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912436)
HP Game Console and games
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.10 A2
HP QuickPlay 2.3
HP Rhapsody
HP Update
HP User Guides 0031
HP Wireless Assistant 2.00 G2
Insaniquarium Deluxe from Hewlett-Packard Laptops (remove only)
iTunes
iTunesFolderWatch
J2SE Runtime Environment 5.0 Update 6
Jewel Quest from Hewlett-Packard Laptops (remove only)
Lemonade Tycoon 2 from Hewlett-Packard Laptops (remove only)
Lexibox Deluxe from Hewlett-Packard Laptops (remove only)
Macromedia Flash Player 8
Macromedia Shockwave Player
Mah Jong Quest from Hewlett-Packard Laptops (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.0.10)
muvee autoProducer 5.0
Netscape Browser (remove only)
NVIDIA Drivers
Oasis from Hewlett-Packard Laptops (remove only)
Office 2003 Trial Assistant
Otto
Polar Bowler from Hewlett-Packard Laptops (remove only)
Polar Golfer from Hewlett-Packard Laptops (remove only)
Puzzle Express from Hewlett-Packard Laptops (remove only)
Quicken 2006
QuickTime
SCRABBLE from Hewlett-Packard Laptops (remove only)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Slingo Deluxe from Hewlett-Packard Laptops (remove only)
Slyder from Hewlett-Packard Laptops (remove only)
Snowboard SuperJam
Soft Data Fax Modem with SmartCP
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
Super Granny from Hewlett-Packard Laptops (remove only)
Synaptics Pointing Device Driver
TourSetup
Tradewinds from Hewlett-Packard Laptops (remove only)
Update for Windows Media Player 10 (KB910393)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB911164)
Vongo
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Format Runtime
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB891220
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB915381
Wireless Home Network Setup
Yahoo! Toolbar for Internet Explorer
Zuma Deluxe from Hewlett-Packard Laptops (remove only)

bronbron81
Intermediate
Intermediate

Status :
Online
Offline

Posts : 72
Joined : 2009-03-02
OS : Window Xp Media center edition 2005

View user profile

Back to top Go down

Re: Computer won't start due to virus

Post by Belahzur on Wed Apr 29, 2009 9:18 pm

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Adobe Reader 7.0.5
  • J2SE Runtime Environment 5.0 Update 6


Download and install [You must be registered and logged in to see this link.]

Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Select the first option where it says "This release includes the highly anticipated...".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u13-windows-i586-p.exe that you downloaded to install the newest version.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum