
Hello everyone, this is my first post here. I'm from India so the reply timings may not match.

This is going to be a long post.

Yesterday I connected my camera to my XP machine, and I saw a folder named avp root or something like this, I can't remember. I opened it because the name was similar to mp-root, a folder which contains videos. It contained an exe file in the disguise of a folder named Music. I.. double clicked it...

I am aware of this and similar files but at that time I wasn't alert.

I tried to remove it but it was well past 1:00 AM so I switched off the PC.

Today I downloaded the trial version of MBAM and scanned my PC, uh.. without updating the DB. It still detected 10 threats, with the familiar Trojan names (and expected too), Forever.exe, System.exe, Music.exe, and userinit.exe, along with some malicious registries. I know that userinit.exe is a safe executable from MS, but taskmgr showed two instances of it, one on termination opened the explorer(?) and the second one just kept recurring without any effect, so I knew this was a trojan. Forever.exe and Music.exe were not running. BTW System.exe and userinit.exe were not using the CPU at all and used 6 MB of RAM together. My system was running fine.

--I quarantined the threats and allowed MBAM to restart to completely remove the malware, and here is when the real problem started.

When I clicked OK, a popup about blocking Autorun popped up and the PC turned off. Upon restarting, it got to the 'loading your settings' screen showing a blank blue screen (maybe my background, I use a solid blue color with classic theme) but didn't show any GUI, and immediately shut down showing the 'saving your settings' screen, and this continues endlessly. I noted that sometimes the MBAM blocker pops up for an instant before shutdown.--

Please help me, I can't even boot into safe mode.


Hello and welcome,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Thanks,

 

Kevin..


Please print this guide for future reference!

 

You will need a blank CD, a clean computer and a flash drive.

 

Please follow the steps below and let me know if you were successful. If you were unable to create the UBCD4win, please tell me what error messages you got and/or what steps you got hung up on.

 

Stage 1

 

1. Download and Run Ultimate Boot CD for Windows (http://www.ubcd4win.org/downloads.htm)

 


Save it to your Desktop.
Double-Click on the UBCD4Win.EXE that you just downloaded to your desktop.
Follow all of the instructions/prompts that come up.
 
NOTES:
 
Do not install to a folder with spaces in its name.
Your Anti-Virus may report viruses or trojans when you extract UBCD4Win, these are "False-Positives." Read HERE for information regarding the files that normally trigger AV software.

 

2. Insert your XP CD with either SP1/SP2/SP3 into the CD Rom drive

 


Double-Click on UBCD4WinBuilder.exe located in your C:\ubcd4win folder.
Click "I agree" to the Builders License.
Click NO to Search for Windows Installation Files

 

Make the following selections from the Main Screen that pops up:

 

Builder

 

Source:(path to Windows installation files)

 


Enter the path to the drive where your XP CD is located.
You can click on the "..." button on the right to navigate to the path as well.

 

Custom: (include files and folders from this directory)

 


No information is necessary, leave blank.

 

Output: (C:\ubcd4win\BartPE)

 


Keep the default BartPE
 
Media output:
 
Choose Create ISO image
Do not choose Burn to CD/DVD

 

Please note: If your XP install disc is SP1 then please .....

 


Disable- DComLaunch Service
Enable- LargeIDE Fix

 

This can be done by pressing the "Plugin" button and checking or unchecking the appropriate selections

 

Also note: If you have a Dell XP install disc you will need to follow the instructions here:

 

http://www.ubcd4win.com/faq.htm#dell

 

 

3. Click on the "Build" button

 


You will see the Windows EULA message. Click on I Agree
You will now see the Build Screen. Let it run its course
When the Build is finished you can click close, then exit

 

4. Burn your ISO file to CD

 

    Please see Here on how to burn an ISO to CD.

 

=====================================

 

Stage 2

 

 

Next, from your clean computer:

 

Download Farbar Recovery Scan Tool and save it to your flash drive.

 

Now plug your flash drive back into your sick computer and follow the next instructions:

 

=====================================

 

Stage 3

 

1. Restart Your sick Computer Using the UBCD4Win Disc That You Have Created

 


Insert the UBCD4Win disc into one of your CD/DVD drives.
Restart your computer.
The computer should choose to boot from the UBCD4Win CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.

 


In the window that pops up select Launch The Ultimate Boot CD For Windows and press Enter.
It may take a little longer for the Desktop to appear than it does when you start your computer normally. Just let the process run itself until the desktop appears.
 
Once the desktop appears, you will receive a message asking: Do you want to start Network support?
Click on Yes if you want to use the PE environment to get online, post your log and reply by way of an Ethernet connection.

 

You should now have a desktop that looks like this:

 

[Screenshot: ud4bc.png]

 

===================================

 

Stage 4

 


Single click My computer from your UBCD4W desktop to navigate to the Farbar Recovery Scan Tool you saved to your flash drive.
Double click on it to begin running the tool.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive.

 

Please copy and paste the log to your next reply.


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
