Malware Problem Leading to XP Profile Freezing

Discussion in 'Malware Help (A Specialist Will Reply)' started by Jkellehe, Jul 28, 2007.

  1. Jkellehe

    Jkellehe Private E-2

    Hi All,

    Alright, here's my situation. A few weeks ago, Symantec alerted me to a generic trojan horse on my system (in windows/system32/) that it was unable to remove. Spybot had not detected it. After searching some forums I downloaded AVG 7.5 and Stinger. Stinger did not catch the trojan horse, but AVG did notice it.

    I was unable to remove the trojan horse. With AVG, the program would indicate it was moving the trojan horse to the vault and prompt me to reboot. After rebooting, the file was still there - either because AVG failed to get rid of it or it was re-installing itself. Trying to delete the file manually - even after booting in safe mode - didn't work. The file was always in use by something or another.

    Tonight - after reading through this Forum's Malware manual, I removed Stinger and AVG from my system. AVG seemed like it might be Anti-Virus Gold, which was on your problem list. The computer rebooted itself at this point and now it freezes anytime I try to load a profile, whether in normal mode or safe mode.

    I'm kind of at my wits' end for how to deal with this. Any help would be greatly appreciated.

    Thanks!
    Jason
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    No, AVG is not Anti-Virus Gold. You need to have an antivirus installed, so reinstall AVG. You can get the current version here: AVG Free Edition

    You did not tell us exactly what AVG was finding and where it was finding it. If it was something in System Volume Information then that is why it could not be removed and kept reappearing. That is the System Restore folder and the only way to remove things from System Restore is to disable system restore and then re-enable it.

    If you are still having problems, please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - only for Windows XP, 2K, & NT users
      • AVG Antispyware log - ONLY IF NEEDED (you were not able to run CounterSpy) - only for Windows XP, 2K, & NT users
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
