Jump to content

Manual Removal of Bancos!A2


etzeppy
 Share

Recommended Posts

I cannot attached the a-squared log file because I ran the program from a recovery disk and cannot find away to get the fill off of the machine.

I know that the problem file is network.exe

HKEY_USERS\DEFAULT_ON_C\Software\Viewpoint\Content Debugger -->Viewpoint Manager

Was also listed in the log file as infected with Bancos!A2. As of now, this machine will not boot in Windows XP Home normal or Safe Mode. Any help is greatly appreciated.

Link to comment
Share on other sites

What error message if any, are your receiving at system boot?

I think that Bancos! warning is a false alarm as it is associated with network.exe on the X: drive. X: is the UBCD4Win CD I used to boot into a Win PE shell. I search the local disk (C:) and network.exe does not exist.

Here is an update on the problem and things I have tried (with no luck).

The PC was running and then locked up...no programs or task manger would respond. After trying everything I could, I performed a powerdown. After that the PC boots to a black screen with mouse control. If I attempt to boot in safe mode, I get the same black screen and white mouse along with the normal safe mode text at the top of the screen but the desktop does not load. Booting with the Last known good config also yields the same results.

I originally assumed this was malware because I was attempting to fix a hacked web site (via FTP) when this happened. Further, I moved to a 2nd PC (different make and model) and it eventually went into the same bad state. Now I have 2 dead PC's with the exact same symptoms. I was able to finsh restoring the web site files with a 3rd PC.

Using the UBCD4Win CD on both PCs I was able to boot in a Win PE shell and run the some basic anti-mal/vir programs. They found a few low level threats and this Bancos!A2 (on X:\i386\network.exe)

I have also run chkdsk and fixmbr in the event that I had a disk error or a virus moved the mbr, but nothing seems to help. On one of the two PCs, I also ran a Windows XP repair install. Still no luck.

I am stumped.

Link to comment
Share on other sites

Boot to the XP Recovery Console and log on to the Windows partition that needs to be repaired.

type bootcfg /rebuild

press Enter

The bootcfg /rebuild command scans the hard disks of the computer for Windows NT 4.0, Windows 2000, or Windows XP installations, and then displays the results. You can add the detected Windows installations.

You may receive a message that is similar to the following message:

Total Identified Windows Installs: 2

[1] C:\Windows

Add installation to boot list? (Yes/No/All):

Enter Load Identifier: (Custom description for an operating system loading from the Boot menu)

Enter Operating System Load Options: (that is: /fastdetect)

[2] D:\Windows

Add installation to boot list? (Yes/No/All):

Enter Load Identifier: (Custom description for an operating system loading from the Boot menu)

Enter Operating System Load Options: (that is: /fastdetect)

type exit

press Enter

The system will reboot

What happens?

Link to comment
Share on other sites

Boot to the XP Recovery Console and log on to the Windows partition that needs to be repaired.

type bootcfg /rebuild

press Enter

The bootcfg /rebuild command scans the hard disks of the computer for Windows NT 4.0, Windows 2000, or Windows XP installations, and then displays the results. You can add the detected Windows installations.

You may receive a message that is similar to the following message:

Total Identified Windows Installs: 2

[1] C:\Windows

Add installation to boot list? (Yes/No/All):

Enter Load Identifier: (Custom description for an operating system loading from the Boot menu)

Enter Operating System Load Options: (that is: /fastdetect)

[2] D:\Windows

Add installation to boot list? (Yes/No/All):

Enter Load Identifier: (Custom description for an operating system loading from the Boot menu)

Enter Operating System Load Options: (that is: /fastdetect)

type exit

press Enter

The system will reboot

What happens?

Thanks for the sugestion. I tried it but I get the same result. Just the black screen...

Link to comment
Share on other sites

You may have to resort to completely reinstalling the Operating System.

That is where I will end up if nothing else works.

Here are a few more facts about this "case". I originally assumed this was malware related and not just an OS problem because I have two PCs with the same issues. They both died on the same day while I was repairing a web site (via FTP) that had been hacked. PC1 locked up while I was attempting to edit a remote file with Notepad. I do not recall if it was a .php or .js file. After 10 minutes with no response, I powered down and the PC never booted again.

I moved to a 2nd PC to continue repairing the web site. I was almost done when the same thing happened to the 2nd PC. I guess it is possible that I killed two OS's in exactly the same manner but some sort of virus or malware seemed more likely.

Link to comment
Share on other sites

It very likely was a virus that killed both Operating Systems; without any error messages or ability to get logs, I don't have a lot of information to work with.

I can boot from a UBCD4Win CD, which includes several anti-virus/malware tools. The only thing significant that the tools have found is is the Bancos!A2 warning, which I assumed was a false positive since network.exe is on the CD and not the C: drive. Is it possible that I really do have a Bancos infection? Any suggestions on how I could confirm?

Is there anything else you would suggest before giving up.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...