ross
join:2000-08-16
 ·Digizip
| reply to MGD
Re: [XPAV infection?] Cannot log in to windows, nor safe mode
You could try this method:
Download the Ultimate Boot CD ISO, and add your favorite anti-virus, -trojan, -spyware software to the ISO image, then burn the image to CD. Set your BIOS to boot from the CD/DVD-ROM, and use the software you have at hand to scrub the hard drive of malware. Reset the BIOS to boot from the hard drive. Boot into Safe Mode with networking enabled, then run an on-line scanner like the one available at Kaspersky, or at Trend Micro. |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
1 edit | Thank you for your help,
Prior to reading your post, I booted into a command prompt with a windows cd. I renamed beep.sys in the windows/system32/drivers folder to .old. I then copied in a beep.sys from a known good system. I was then able to successfully boot into safe mode. The now beep.old was a 17KB file that was dated today at noon, the time of infection. The correct beep.sys is ~5KB
This is apparently a new strain of the XP Antivirus. I am now examining the system in safe mode prior to running the scans. I suspect those symptoms may start showing up with many others.
MGD
EDIT = corrected directory path |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| reply to ross
I uploaded beep.sys to virustotal, they report a prior submission:
File has already been analysed:
MD5: 7f61fb6dd535d902a9f19e35c68f5bea
First received: 09.24.2008 09:08:13 (CET)
Date: 09.25.2008 22:39:52 (CET) [>2D]
Results: 8/36
Permalink: analisis/0b5d2a757d1337267ab80af888014d0c
MGD |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| reply to ross
To add, Virustotal currently shows a 17/36 detection level:
»www.virustotal.com/analisis/fdd2···dadfe2fe and ThreatExpert »www.threatexpert.com/report.aspx···c68f5bea
MGD |
|
