Killer Problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by trone, Jun 26, 2005.

  1. trone

    trone Private E-2

    Here is the major symptom for an XP (home edition) PC:

    Touch a key (any key) and the PC hangs. Mouse cursor sits and a cold boot is required. So have to work only by GUI controls -- can't fire up task mgr.


    Here is what has been done so far.

    Ran the anti-virus and spyware tools (norton, stinger, adware, spybot) and many others -- which found and removed host of issues (worm, trojans etc)
    Cleanup temp dirs, host file, defrag drive, and other stuff (all without touching the keyboard). Even went to some of the online virus scan sites.

    One issue that seems to be the crux of the problem, that hijackthis reports as O4 and adware, spybot and others see and want to remove at boot-up, but this beast has a bear-lock on it.

    There is a directory with a random like name and exe files and dll and some config files (created early this year) that somehow keeps on getting recreated when trying to fix via HJT.

    Need a tool to bootup with and access NTFS filesystem to remove the exe files in that mystery directory. Or something that can identify this beast so I can get a better handle on what to do next.

    Thnks for any help.
     
    trone, Jun 26, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    If possible, follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    After doing ALL of the above if you still have a problem:


    http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

    http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

    http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
    bjgarrick, Jun 26, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds