Announcement

Collapse
No announcement yet.

What is YoYo on boot up.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • What is YoYo on boot up.

    I booted up my computer this morning to find it going no where after verifiying dmi pool.

    infact after it says Verifiying DMI Pool...

    it just says
    YoYo

    the o's look more like 2 o's that have been pushed close together kinda like doubble zero's sharing the same middle line "00", i tried restoring all defaults and such in my bios but that did nothing at all.


    I'm sure i can fix it if i slave my primary hard drive to another thats working but truth be told i'd rater use that as a 2nd last resort, other than my final choice of just wiping out my hd clean.


    Before any one tells me to google it, i tried, i tried even looking up the character that was used but i got nothing, i even searched some antivirus websites to see if they have any information, also tried microsoft's online help, that was about as usefull as sitting on a thumb tack.

    any info? suggestions?

    i'd appreciate it.
    thanks.


    *edit*

    it's on win xp.
    Last edited by Hoodoo; October 3, 2005, 10:33.

  • #2
    Well, where did you buy the computer? If custom built, who made the motherboard?
    Maybe you should ask them.....

    BTW, the symbol you are looking for, sounds alot like infinity, which is a sideways 8, sort of.
    -Ridirich

    "When you're called upon to do anything, and you're not ready to do it, then you've failed."

    Commander W.H. Hamilton

    Comment


    • #3
      Sounds like something has screwed up your MBR. http://www.trendmicro.com/vinfo/viru...OYO%2E1271%2DB might have done it. I'd try to do a virus scan on the system from protected media, then maybe an fdisk /mbr will fix it.

      Good luck.
      Aut disce aut discede

      Comment


      • #4
        Originally posted by AlxRogan
        Sounds like something has screwed up your MBR. http://www.trendmicro.com/vinfo/viru...OYO%2E1271%2DB might have done it. I'd try to do a virus scan on the system from protected media, then maybe an fdisk /mbr will fix it.

        Good luck.
        well i was able to slave the drive and do a scan on it and could'nt find anything. i even found my xp-pro disk and did a system repair on it and that did no good either, so i scanned and backed up what i absoutly needed, and i'm going to Reformat.

        Comment


        • #5
          Follow Advice Given!!

          Just formatting will NOT get rid of a virus that has decided to take up residence in your MBR. Follow the advice already given and make sure that you run fdisk /mbr.

          Comment


          • #6
            If you find out that simple re-formatting doesn't do it. You might want to choose the "cautious, but sometimes warranted" path of complete disk wipe, assuming you don't have anything on there you really need. DBAN is a great tool for doing that. I use it to wipe my drives before junking or RMAs.

            I know that if I had a drive which was acting crazy or had been hit with unknown malware, I'd want to not only wipe the drive but also write test it, which is what DBAN can do.
            Aut disce aut discede

            Comment


            • #7
              I've recently had the same issue. Y0Y0 on bootup. Just seemed to happen out of nowhere, and there is little I can find via Google.

              I tried FIXMBR and FIXBOOT, but both did nothing. I finally swapped another drive in and slaved the old and was able to reinstall Windows XP and then access my old files. I copied them off to my new drive, and then just tonight (less than a week later), it stopped booting as well. Very similar to the old sitution, but no Y0Y0 this time, just a missing NTLDR. Sometimes, nothing but a few displaced characters on the screen.

              Very annoying. Seems very virus like, but I dunno how I can get rid of it. Now it looks like I have two drives with hosed MBR's that I can't seem to clear.

              Any ideas?

              Comment


              • #8
                There are some programs that track stolen computers and supposedly cannot be wiped or deleted from the hard disk. Makes me wonder.

                Comment


                • #9
                  Hmm. Maybe related?
                  yoyo.mp.1251 is classified as a a multipartite

                  No description to tell if the symptions you have are evidence of a common payload being launched.

                  Trend Micro has a better description, but their web server software is B0RkEn (broken). Google has a cache That reads:
                  Originally posted by cacheurl
                  ...
                  YOYO.1271
                  Aliases: Tenesmus.1271, Yoyo-1271, Yoyo.1271, Yoyo.mp.1271
                  This is a File Infector virus. It is detected by the latest pattern file.

                  YOYO.1271-B
                  This is a Boot virus. It is detected by the latest pattern file.

                  YOYO.1271.A
                  Aliases: Tenesmus.1271, Yoyo-1271, Yoyo.mp
                  This is a File Infector virus. It is detected by the latest pattern file.
                  ...
                  Maybe their WebApp will get fixed and those links will work some day
                  Added:
                  Yeah, Alx Rogan found another one earlier too. The only new content is the link to the other two yoyo malware instances.

                  Comment


                  • #10
                    Originally posted by cmug
                    Any ideas?
                    I'd try to slave the drive again, and without reinstalling an OS on it, copy the data off to a storage location, then hit that location with every scanner you can lay hands on. Then use DBAN (mentioned earlier in the thread) to do a forensic wipe on the disk. Then re-install and restore your data.

                    take off and nuke the entire site from orbit, it's the only way to be sure.
                    Aut disce aut discede

                    Comment


                    • #11
                      Missing NTLDR on Bootup

                      Ok, found the issue. I came across another post that had mentioned flashing the bios fixed his similar issue. Was the same for me. I had just installed the Gyro mouse and remote keyboard when this issue started. It has a USB transmitter, which apparently must have corrupted the Boot Block of the Bios.

                      After flashing the Bios with the latest I immediately had access to my OS again, and XP booted fine. I was VERY relieved that I didn't have to reformat or deal with playing around with the data. I hope this information helps someone else with a similar issue.

                      Chris

                      Comment

                      Working...
                      X