new virus ?

I am running several pc’s all still using xp pro as i removed vista (total junk) and windows 7 ( modified junk) , on these pc’s i run several different security suites , mostly for comparision purposes and just plain curiousty , over the last week i have been infected on 3 pc’s , each running different security suites including comodo, avg , and mcafee , all three have been bypassed and on rebooting i go into the loop of start windows normally etc screen , tried to enter bios to change boot sequence to do a repair , no go , tried rescue disc , no go , only option was a reformat , no error messages although i assume it was the mbr that was infected , only thing i forgot to try was a live unbuntu cd as that can be used to repair the mbr , anyone know what the cause is and has anyone else been hit by it , similiar attacks like this in the past have deleted the ntldr file , easily fixed if you have access to a floppy disk , this appears to be something new , any ideas or suggestions would be appreciated .

Do u run more then one security suit of any of these machines? ???

Running more then one av/firewall/hips at the same time is not advisable problems because these programs (can) interfere with eachother and thus cause problems, like yours. My advise, format and install W7. It’s a better OS then XP (especially security wise). Comparing them is like comparing a 10 year old car to a brand new one (which is better?)
If you want to test a security suit, remove your current security suit or use a virtual machine to test.

It's a better OS then XP (especially security wise). Comparing them is like comparing a 10 year old car to a brand new one (which is better?)
Is such an assertion only off topic non sense, or are you able to bring whatever evidence to it?

First of all, MS changed a lot of security related features with Vista:

And since W7 is Vista++, MS improved some security features: Features new to Windows 7 - Wikipedia

A nice report:


Something similar to your problem has happened to a friend of mine and the culprit was the battery from the mb ! Don’t know if it applies to your case but maybe you should check.
Also another similar issue that I know of, was an incompatibility between the memory modules and the mb, the mb was an Epox 8rda3i and the memory modules were a model from Kingston. Later the Epox company updated the bios version of that mb model to solve the incompatibility but it was too late for my friend as his mb no longer responded to any attempt in fixing it, it was like fried or something but without any sign of it, weird, like it was hit with an electromagnetic pulse or something, like in those sci-fi shows.
My advice is to go on the mb manufacturer site and see what memory modules that mb model supports.
I hope you are lucky and is just a software issue.
Good luck !

Thanks to all that replied , some seem somewhat confused tho , i dont run more than one security suite on any pc , i run 5 pc’s at least sometimes more , each has a different security suite (none has more than one) on them , yet 3 pc’s have been hit with the same issue in the last 2 weeks , all are running xp pro , i have a hp 3.0ghz HT 500gb hd , lenovo 2.10ghz athlon x 2 250gb hd , dell 5100 1000gb 3.2ghz HT , acer aspire laptop 1,66ghz x 2 3gb 160gb hd , plus several others , now the problem is this each of the infrcted systems has done excactly the same , on reboot gone into a continous loop showing start windows normally , i have tried everything as i said bar the unbuntu live cd and checking the mbr , hope that makes it clearer , thanks one and all .

Not really as i took part in the original vista and windows 7 trials , right up to the public release , the best microsoft system for security believe it or not was actually windows 98 , also anyone running vista or windows 7 on 2gb of ram or less has one real slow pc , where as xp will out perform both on 2gb of ram even on xp pro 64 bit , vista and 7 rely heavily on ram to run the graphics at least 512kb , thus reducing your overall ram , even twin or quad processors work in unison as its a misnoma to think a twin cpu is faster than a single one , as the 2nd cpu cant work fully if it needs part of a process running on the other cpu , the fastest cpu’s are usually pentium d ht’s (hyper-threaded) clocking between 2.8 and 3.2 ghz , the fore runner of dual core , plus you also have to take into account the max working temp , and even intel or amd have yet to fully resolve this issue .

For the computer running CIS which version was it and how was it configured? Also, were any alerts allowed?

Also, were the PC’s updated recently? I’m just wondering if this isn’t malware related at all.

It was the latest version of CIS and was up to date , so was malwarebytes , and all microsoft updates , no new software had been installed or downloaded , i was each time just browsering different topics there were no alerts at all , i just seemed to slow down on certain pages , i thought it was a slow server , it was a bit like the old days when a porn pop up would loop you into that site until you manually rebooted , which is what i did only to go straight into the continuous loop of basically safe mode page , only thing was it wouldn’t allow me to move the options up or down , it was stuck on start windows normally , which it did repeatedly , like i said tried a rescue cd , loads of other things bar using ubuntu live cd as that allows you access to the mbr , in the end i reformated then ran kill disk on one , nuke and boot on another and just an ordinary format on the other , this may seem time consuming but that was done for comparision reasons to and anyway a quick format is only a hour to do , thanks for all the replies .

What tools installed by you have these computers in common? Did you get those tool(s) from the " dark side" ?

They were all clean , by the “dark side” i guess you mean cracked software or chat booters etc , none of the three that this happened to were used for any of those purposes , i use two other pc’s for that sort of thing and all network sharing is blocked , even flash drives and cd/dvd’s are marked for each pc , so there is no cross infection , the only common issue was just browsing out of curiosity at so called newly released progams , thankyou for your reply .

I’m still waiting for Comodo to add boot sector scan, as that kind of infection is really hard to detect and remove, or did they add it already?. I can only suggest you to use some portable AV program like DrWeb to see if it’s a MBR virus or not (if it can detect it anyway).
I can only tell you that by personal experience (I repair PCs) that AVG may support MBR scan but many viruses will pass by, as I had many boot-sector infected PCs to repair, and DrWeb was always able to detect the virus and remove it. McAfee also kinda fails at it, as I’ve got a good share of infected PCs running that AV.
The only lack of Comodo AV right now is the lack of such feature, which can’t help in such situations.

I hoped that people would be smarter than that, trusting the maker’s company telling you their product is cool and safe is like the worst thing that anyone can do. Trusting wikipedia that blindly is also wrong. I can go and edit those pages and write that Win7 is less safe than win95 and people will trust it.
It’s the internet, take everything with a grain of salt please :stuck_out_tongue:
I know that all that shiny stuff of win7 and vista attracts kids like honey for bears, but there’s something more behind an OS.