Tuesday, April 28, 2009

C:\WINNT\system32\powrprof.dll is the TR/Patched.F01[Fixed]

Hello Guys.

Well, I'm working on a Gateway P4 with Windows XP Home Edition. It has 760 megs of RAM.

The problem is it would hang at the desktop. You could see the hourglass and move it, but there was no response when clicking on anything or trying to get into Task Manager via Ctrl+Alt+Delete.

I could go into safe mode and run Malwarebytes and SuperAntiSpyware with all updates and it all came back clean. Weird, huh?

I then went into msconfig, Services tab, hid Microsoft's services and disabled all others. Rebooted and it went to the desktop fine and all is working. I even ran Malwarebytes and SuperAntiSpyware in here and all came back clean.

I went back to msconfig, Services, and started to turn things on one at a time. The first I turned on was Avast AntiVirus. Rebooted and it locked up at the desktop. So, there was my problem. However, I did do a boot-time scan with Avast and it found the powrprof.dll Tr/patched.FO1 Trojan, and several others, but it could not do anything as they were system files. Anyway, I wound up uninstalling Avast and installed Avira AntiVirus. I get this with Avira AntiVirus, but am unable to remove it. Looks like a system file as well.

C:\WINNT\$NtUninstallKB959426$\kernel32.dll
[DETECTION] Is the TR/Patched.FM.1 Trojan
[WARNING] The file was ignored!

Here is what Kaspersky shows when I did an online scan.

File name / Threat name / Threats count
C:\WINNT\$NtUninstallKB959426$\kernel32.dll Infected: Trojan.Win32.Patched.fm 1
C:\WINNT\ie7updates\KB963027-IE7\wininet.dll Infected: Trojan.Win32.Patched.fn 1
C:\WINNT\system32\nwklr.ini Infected: Trojan.Win32.Patched.fm 1
C:\WINNT\system32\nwwlnt.ini Infected: Trojan.Win32.Patched.fn 1

I could not understand why Avast or Avira would not take care of this.

OK, the fix was to just delete those files that Kaspersky was showing.
Now, I know if you delete those Windows update folders, you can't uninstall those specific updates, I believe, which I don't intend to do anyway. I was manually able to delete them. I ran scans with several different antivirus programs and all is coming up clean now. Now, I did get some malware that SuperAntiSpyware found and cleaned. All was good except for a random Windows critical stop sound. I was doing nothing. OK, the fix for that was: the malware that I had, had a schedule in Task Scheduler. Even though it was gone, Task Scheduler would try to call it every hour, but it was not there and that is why I got the critical stop sound from Windows. I just deleted the job and all is good on this PC.
Here is a picture of the Task Scheduler job.

I'd like to give special thanks to DoorTodoorGeek (Steve McLaughlin from Episode 30 of www.podnutz.com). Without him, I could not have done this.
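A leftover Task Scheduler job like the one described above can be found systematically. The following is an added example, not part of the original post: it reads the output of `schtasks /query /fo csv /v` and lists jobs whose target file no longer exists on disk. The sample CSV, task names and paths are constructed, and the function names are hypothetical.

```python
import csv
import io
import os
import re

# Constructed sample in the shape of `schtasks /query /fo csv /v` output
# (columns trimmed). -2147024894 is 0x80070002, "file not found".
SAMPLE_CSV = r'''"HostName","TaskName","Last Result","Task To Run"
"PC1","Defrag","0","C:\WINNT\system32\defrag.exe c: -f"
"PC1","At1","-2147024894","C:\WINNT\system32\example_gone.exe /s"
"PC1","Updater","0","""C:\Program Files\Example App\update.exe"" /quiet"
'''

# Unquoted commands: take everything up to the first script/executable extension.
_EXE_RE = re.compile(r'^(.+?\.(?:exe|com|bat|cmd|scr|pif|vbs|js))(?=\s|$)', re.I)


def target_path(command):
    """Return the program path from a 'Task To Run' command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = _EXE_RE.match(command)
    return match.group(1) if match else command.split(" ", 1)[0]


def orphaned_tasks(csv_text, exists=os.path.exists):
    """List (task name, missing path, last result) for jobs with no target file."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("TaskName") == "TaskName":
            continue  # some outputs repeat the header row between sections
        # %VAR% references are only expanded when this runs on Windows.
        path = os.path.expandvars(target_path(row.get("Task To Run") or ""))
        if path and not exists(path):
            findings.append((row["TaskName"], path, row.get("Last Result", "")))
    return findings


if __name__ == "__main__":
    # Run on the affected machine for real results; on any other system
    # every sample path is reported as missing.
    for name, path, result in orphaned_tasks(SAMPLE_CSV):
        print(f"{name}: target missing: {path} (last result {result})")
```

A job flagged this way deserves a look before deletion: the missing target's name and location often identify what created the job.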

1 comment:

Unknown said...

Mitch, I heard you on Podnutz, I've been listening to some old episodes. I was just wondering if you ever started your own business. fredmarkle@gmail.com