| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 106572 | 2010-01-14 03:27:00 | Crash | NZHawk (4093) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 848647 | 2010-01-14 03:27:00 | Toshiba Satellite Pro L300 1Gb ram Windows XP Pro ran successfully for almost 2 hours scanning with SuperAntiSpyware, removed infections on the reboot got to the Windows windows - turned off test of ram: turned off Hirens PC Doctor: test CPU: passed Hirens PC Doctor: test motherboard: crashed boots: ok currently updating & scanning with Spyware Terminator. Can anyone help me understand why the notebook is crashing. This type of crashing generally indicates and over-heat to me. Any help would be greatly appreciated. |
NZHawk (4093) | ||
| 848648 | 2010-01-14 03:27:00 | What was it infected with? Thats probably the cause | Speedy Gonzales (78) | ||
| 848649 | 2010-01-14 03:31:00 | This is from an Avast boot scan: 01/11/2010 12:23 Scan of all local drives File C:\Documents and Settings\New user\desktop\Sue M7may09\Documents and Settings\Suzanne\Local Settings\Temp\UACe798.tmp is infected by Win32:Patched-KG [Trj], Deleted File C:\Documents and Settings\New user\desktop\Sue M7may09\Documents and Settings\Suzanne\Local Settings\Temporary Internet Files\Content.IE5\VWUBB7V1\player[1].htm is infected by JS:Agent-CK [Trj], Deleted File C:\Documents and Settings\New user\desktop\Sue M7may09\Program Files\Kazaa\kzscan.dll is infected by Win32:Trojan-gen, Deleted File C:\Documents and Settings\New user\desktop\Sue M7may09\Program Files\VirusRanger\VirusRanger.exe is infected by Win32:MailBot-N [Trj], Deleted File C:\Documents and Settings\New user\desktop\Sue M7may09\WINDOWS1\system32\drivers\UACtoirrfuxjdsbo rd.sys is infected by Win32:Alureon-AP [Rtk], Deleted File C:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034747.dll is infected by Win32:Trojan-gen, Deleted File C:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034748.exe is infected by Win32:MailBot-N [Trj], Deleted File F:\autoexec.exe is infected by Win32:Trojan-gen, Deleted File F:\Documents and Settings\User\Application Data\CCenter\ccagent.exe is infected by Win32:Malware-gen, Deleted File F:\Documents and Settings\User\Application Data\CCenter\ccmain.exe is infected by Win32:Malware-gen, Deleted File F:\Documents and Settings\User\Application Data\SystemProc\lsass.exe is infected by Win32:Rootkit-gen [Rtk], Deleted File F:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\AEAZ9OH7\dfghfghgfj[1].dll is infected by Win32:Trojan-gen, Deleted File F:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\J0MC0KU0\update4303[1].exe is infected by Win32:Trojan-gen, Deleted File F:\hiberfil.sys is infected by Int 13-512, Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034749.exe is infected by Win32:Trojan-gen, Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034750.exe is infected by Win32:Malware-gen, Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034751.exe is infected by Win32:Malware-gen, Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034752.exe is infected by Win32:Rootkit-gen [Rtk], Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034753.dll is infected by Win32:Trojan-gen, Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP140\A0034754.exe is infected by Win32:Trojan-gen, Deleted File F:\WINDOWS\system32\helper32.dll is infected by Win32:Trojan-gen, Deleted File F:\WINDOWS\system32\smss32.exe is infected by Win32:Trojan-gen, Deleted File F:\WINDOWS\system32\winlogon32.exe is infected by Win32:Trojan-gen, Deleted Number of searched folders: 28541 Number of tested files: 308469 Number of infected files: 23 ---------------------------------------- 01/13/2010 16:26 Scan of F:\ File F:\Program Files\tdkmnbd\winchk.dll is infected by Win32:PureMorph [Cryp], Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP141\A0034908.exe is infected by Win32:Zbot-MJB [Trj], Deleted File F:\System Volume Information\_restore{B1454770-AA00-4413-AC7F-3C398C9D335B}\RP141\A0034912.dll is infected by Win32:PureMorph [Cryp], Deleted File F:\WINDOWS\system32\sdra64.exe is infected by Win32:Zbot-MJB [Trj], Deleted Number of searched folders: 9693 Number of tested files: 89012 Number of infected files: 4 Also, SuperAntiSpyware found: Trojan.DNSChanger-Codec Trojan.Agent/Gen |
NZHawk (4093) | ||
| 848650 | 2010-01-14 03:33:00 | What was it infected with? Thats probably the cause Yes. After scanning and cleaning with everything and if it won't boot even in safe mode, then its trashed system files - do a repair install. |
pctek (84) | ||
| 848651 | 2010-01-14 04:20:00 | Spyware Terminator found only 1: Remove Invalid Startup Items Deleted Registry : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NDSTray.exe Closing System Restore Point |
NZHawk (4093) | ||
| 848652 | 2010-01-14 04:35:00 | Had you concidered removing the hard drive & scanning it on another system. | Driftwood (5551) | ||
| 848653 | 2010-01-14 04:36:00 | Done 1st thing that is how I got the Avast report above. Thank you |
NZHawk (4093) | ||
| 848654 | 2010-01-14 04:39:00 | Might need something stronger. | Driftwood (5551) | ||
| 848655 | 2010-01-14 04:44:00 | Such as? 10lb hammer? |
NZHawk (4093) | ||
| 848656 | 2010-01-14 04:50:00 | If its been infected by Alureon-AP, then atapi.sys has probably been screwed. It needs to be replaced. I guess thats what you get, if you use Kazaa | Speedy Gonzales (78) | ||
| 1 2 | |||||