The QBasic / QB64 Discussion Forum      Other Subforums, Links and Downloads
 
 


Re: That sounds nasty.

by Michael Calkins (Login MCalkins)
Moderator

 
It's a long story, but I'll shorten it:

Also, neither were on my computer, but on different customer computers.

Well, first, I got a bit aggressive in HiJackThis, removing references to other stuff. When I rebooted, I thought I had screwed something up, because the system seemed to freeze on the black screen between when the XP splash disappears, and when the mouse cursor appears. I did a repair from my Dell XP CD, but it eventually froze on that logo that you see when you boot XP the first time after an installation. at some point, I renamed the malware's executable. Also, I undid the changes from HJT. I did another repair, but I still wasn't able to run .exes from Windows Explorer.

The registry file at:

http://filext.com/faq/broken_exe_association.php

restored seemingly normal .exe behavior.

One of the other quirks is that the regular installer for CCleaner 305 kept crashing at the point where it would give you the option to install Chrome. The 236 version worked, and so did the 305 "slim" version, without Chrome.

The computer still delays for about a minute or so, between the splash and the appearance of the mouse cursor, which makes me think that the initial repair may not have been necessary. It might have booted had I waited long enough. (It did it in safe mode also.) I downloaded bootvis, but couldn't make much sense of the results. It seemed that the CDROM file system was taking a little bit of time, and so was fs_rec.sys. There was a long delay after fs_rec.sys and the next activity of any kind. However, I am too inexperienced with the Windows boot process and Bootvis in particular to make much sense of it.

I installed MSE, Spybot, and MBAM, and ran scans.


As to the TDL4 infection, which was on a different computer, see:

http://www.bleepingcomputer.com/forums/topic370818.html

Note that the forum thread was locked before I could post a final thank you, so I sent it by PM instead.

Regards,
Michael

Posted on Apr 6, 2011, 9:50 PM

Respond to this message   

Return to Index

Response TitleAuthor and Date
I have the same startup delay on my XP ProClippy on Apr 8

 Copyright © 1999-2014 Network54. All rights reserved.   Terms of Use   Privacy Statement  

Newbies usually go to www.qbasic.com and click on The QBasic Forum
Forum regulars have their own ways, which include The QBasic Community Forums