Threat Found, Heal, Now computer reboots on startup

Discussion in 'Computer Support' started by 4deadcrowsstudio, Dec 6, 2006.

  1. I am doing this on my mother's behalf who is 3 hours away from me so I
    can't see exactly what is happening. Apparently, a box came up that
    said "threat found, trojan horse, heal now". It wasn't coming from her
    virus scanner, or so she thinks, as AVG wasn't on the box anywhere. So
    she clicked heal..her computer shut down and now when she turns it on
    and it gets to the startup winXP screen it restarts in a loop..She just
    bought another computer because she was having probs with these trojan
    notices and her computer going screwy...The hardest thing is, I have to
    direct a computer illiterate person over the phone..I hope there is an
    easy resolve to this..har har...
    4deadcrowsstudio, Dec 6, 2006
  2. 4deadcrowsstudio

    Meat Plow Guest

    Appears that the "healing" process involved deleting system files. Good
    luck but you're not going to fix this one over the phone with a computer
    illiterate on the other side.
    Meat Plow, Dec 6, 2006
  3.

    Actually, there is!

    And it's called "a good backup strategy."

    All computers with Windows should come with Partition Magic and Drive
    Image. Right when you get that puppy, you partition ~10% of the HDD space
    to (D:) BACKUP, and you run a pristine image backup from (C:) to (D:) and
    then you do so every so often. Daily is not unreasonable.

    On my newer machines, the whole backup process takes < 10 min., and a
    restore takes a little less. Admittedly, I run complete scans, then clean-
    up disk routines, then reboot to scandisk, then defrag, then image, which
    takes about 40 minutes to do. If ever I get fubared, instead of going
    nucking-futs trying to figure out all the minutiae, I only risk losing
    about 2 or 3 days of system updates, etc. My data is already stored on a
    separate partition, but it gets manually backed up to off-site as well.
    You can either access Drive Image for a restore via Windows, if it's still
    working, or via the boot CD. There are several other software options out
    there that people absolutely swear by...

    And that little bit of time invested is *so* *much* *better* than having to
    reformat and reinstall after a malicious event or a fubared update. Which
    is what it looks like you need to do.

    Bought another computer? That's a pretty steep price to pay because
    someone got bit by a virus or trojan. Seems like it might be a good
    motivation tool after a couple of episodes.

    Best wishes to all for a safe and joyous holiday season.


    To me boxing is like a ballet,
    except there's no music,
    no choreography,
    and the dancers hit each other
    until the loser cries like a little girl,
    or does that whole go-to-sleep thing.

    Some people would do anything to get out of finishing the dance.
    Bucky Breeder, Dec 6, 2006
  4. 4deadcrowsstudio

    old man Guest

    Buying a new PC because it's infested won't help, unless money's no object.
    You or someone will have to visit
    old man, Dec 6, 2006
  5. 4deadcrowsstudio

    Leythos Guest

    Look up the Windows XP repair/reinstall process on Google, all you need
    is your XP CD and you can recover from this without the loss of any of
    your data (most times) and then you can download and run the Multi-AV
    scanner written by David Lipman to clean your machine.
    Leythos, Dec 6, 2006
  6. 4deadcrowsstudio

    RWLipp Guest

    Same situation here. Looking at the machines, it appears the machine
    that has no problem with WinLogon.exe is at SP1. The problem machine
    looks like it doesn't even have SP1. The machine only recently got
    internet connectivity, but I could have sworn it got SP1 back when it
    was initially set up. The fact that the internet is not flooded with
    reports of this problem would support a theory that SP1 & SP2 machines
    are not affected.

    It most absolutely certainly is a case of false positive.
    RWLipp, Dec 6, 2006
  7. 4deadcrowsstudio

    Meat Plow Guest

    I had a false positive this morning with IE6's executable and Antivira.
    Wonder how many told Antivira to delete or quarantine it thus rendering
    IE6 inoperable?
    Meat Plow, Dec 6, 2006
  8. 4deadcrowsstudio

    The Grimm Guest

    The Grimm, Dec 6, 2006
  9. 4deadcrowsstudio

    Shel-hed Guest

    I forgot to mention that I decided to try scanning winlogon on the XP cd. It
    came back as infected. Further proof of my own brain-farting fault. I should
    have done that first.
    I don't know what all the non-geeky panic-proners would do though... buy another
    computer I guess.
    Shel-hed, Dec 7, 2006
  10. I and many others have had the exact same problem. What worked for me
    and others is to simply uninstall AVG. You know how to do this simple
    procedure? Once you do it the computer should work fine.
    cenorthamerica, Dec 7, 2006
  11. I and many others have had the exact same problem. What worked for me
    and others is to simply uninstall AVG in safe mode. You know how to do
    this simple procedure? Once you do it the computer should work fine.
    cenorthamerica, Dec 7, 2006
  12. Ok, thanks everyone for all the advice and most of you are right, I got
    mom into safe mode and ran an avg scan and found this flooder
    then I found instructions on removing it..

    Only problem is now my mom's computer won't start up in safe mode again,
    it crashes...she doesn't have the install cd to reinstall..friggn
    viruses..who are these people with no lives...nasty creatures...
    nevermore studio, Dec 10, 2006
  13. 4deadcrowsstudio

    Lookout Guest

    Most are sexually frustrated former lobbyists for the republicans.
    Lookout, Dec 10, 2006
  14. 4deadcrowsstudio

    The Grimm Guest

    Folks, if you can get in via Safe Mode, don't bother trying to copy
    over another version of Winlogon.exe. Once you get in via Safe Mode
    uninstall AVG then reboot. I've done this on every pc I had this issue
    with... afterwards install at least SP1a on the pc and reinstall AVG.
    This should fix the problem... Grisoft has confirmed that this false
    positive is a problem with XP installs that have not had a service pack

    Good Luck.

    The Grimm, Dec 11, 2006
