Trojan "cleaner" crashed my computer

By jjrogers68 ยท 5 replies
Aug 7, 2008
  1. OS-XP Home. On Mon. Aug 4th, after being away from my computer for approx. 2 hours, I came back and there was a message stating that my computer had been affected by a trojan\system32 file. The message looked legitimate (I only have Windows Live Onecare), and it did NOT ask me to download anything. The only options were: Clean All or Cancel. I selected Clean All and it indicated that it was a system file and did I want to delete it. In an act of hubris (I know trojans can masquerade as system files) I said yes. I then received a pop up window stating that my computer would restart at the end of a countdown/timer of approx. 10 seconds. All's well until it reboots. I am able to get through the Windows splash screen and then nothing - just a blank, black screen. I can see my mouse and move it, and the lights are on my keyboard, so I am pretty sure these drivers loaded correctly, so I tried to reboot into safe mode (with and without command prompt, last known configuration...none worked) and got the same response. I noticed that the last good driver to load was mup.sys. I performed a chkdsk /p and it said there were some bad sectors, so I ran a chkdsk /r and after it completed I rebooted into the same abysmal mess. I read that it may be an AGP440 error so I ran listsvc to see if it was there and it wasn't (even so, I tried to disable it as stated on the Windows site and it couldn't be located). Low and behold, my daughter informs me that her computer wasn't working either and after questioning her, she had gotten the EXACT same thing, with the same end result. She is using XP Media Center. (Sorry about the plethora of vague details). Unfortunately, I did not write down the actually trojan name and all I can remember about the screen that popped up is that it looked like the Live Onecare symbol, only it was red. After much searching, I believe it may have also looked like the Trend Micro Logo. I have removed my hard drive and have attached it to another computer as a secondary drive and all my information is still there but I would really like to know what is going on. I HATE having to re-install everything on both computers but mostly I guess I want to give a heads up that there is something nasty lurking out there. Any help or information would be greatly appreciated.
  mailpup

    mailpup

    Will Windows start in safe mode?
  jjrogers68

    jjrogers68

    Nope, I have tried several safe mode alternatives and none of them have worked on either computer.
  mailpup

    mailpup

    It looks like you will have to try a Windows repair. If that doesn't work, perhaps due to the malware that still resides in your PC, you may have to reinstall Windows.
  jjrogers68

    jjrogers68

    I tried the chkdsk /r after booting from the XP disc. It took a while but completed just fine but when I rebooted I still had the same problem. Any ideas which trojan/virus this might have been?
  mailpup

    mailpup

    Sorry, no clue.
