Getting into a continuous booting loop every time I attach the network cable

Status
Not open for further replies.
K

koo-jii

I have a Windows XP machine that was recently attacked by a bunch of malware programs. I have been cleaning it and hope that most of the rubbish is gone. The Windows works OK, until I attach the network cable (that leads to my Xyzel Prestige 643 ADSL router). In a few (very few!) moments the computer will boot itself and get into continuous booting loop.

It will reach the Windows XP Home splash screen, show the mouse cursor for a brief moment and boot again. As soon as I detach the network cable, the Windows will start OK. Safe mode works OK.

What should I do? Any suggestions are welcome. Thank you in advance.
Koo-Jii
 
Some additional information

I have tried the following since writing the first question:
- installed SP2
- removed and reinstalled the LAN driver
- installed an external (D-Link USB2) LAN card

No help! When I try to open the network properties, it flashes a hundreth of a second on the screen, so I can't actually see what's in my network (e.g. TCP/IP settings etc).

If I disable the network connection, the computer won't start the boot loop. The loop is started whenever I enable my network connection and the computer is starting to get an IP address. It searches for it for a moment, then suddenly reboots.

After I detach the network cable and the Windows reappears "healthily", I'll get a message on the screen telling something like "the system has recovered from a fatal error".

The malware removed from the computer includes but isn't limited to:
- porynt.dll
- Saristar
- comload.dll
- MediaTicketsInstaller
- topantispyware
- several GAIN and Claria variants
- etc etc etc

By the way: I have to admit, that it isn't my computer, but a friend's. He ran it with a NATless ADSL modem and without a firewall...

Again: any help is welcome, regards, koo-jii
 
Yes, but what is wrong?

I am quite aware that "the computer isn't clean yet". However, I have done exactly as you suggested and downloaded (with my own safe, clean and protected machines) all the relevant programs (spybot, ad-aware, cwshredder, hijackthis, M$antispyware etc). They all say that the computer is clean.

Well, HJT shows me a few program names that I (or Google) doesn't recognise:
- fkis.dll
- calt.exe (Stda)

Everything else is recognised, more or less :confused:


I am, however, somewhat confused about: "what malware can put my computer into a booting loop instantly after I attach the network cable?". Is it possible, that the networking system of my Windows is "hurt" somehow. You remember, that I can't go to see my networking properties, the window just doesn't show!. I didn't, however,get any error messages when updating to SP2


Regards, koo-jii
 
That post of mine helps get the worst offenders out, but as stated is by no means complete!
So post your HJT-log as a hjt.txt attachment please.
 
Status
Not open for further replies.

Similar threads

Gustav 4657
Input devices and screen turns off but the fans to the computer are still spinning. What should I do?
Replies
2
Views
2K
Gustav 4657
Gustav 4657
J
UEFI restore defaults settings every time I turn on the PC
Replies
5
Views
17K
Cycloid Torus
Cycloid Torus
A
Solved High Processor usage and 'windows has encountered a critical problem'
Replies
15
Views
8K
Broni
Broni

Latest posts

Back