Virus, Malware Not Sure What The Problem Is.


21 replies to this topic

#1 heartland

heartland

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:44 PM

Posted 24 September 2008 - 09:39 PM

Trying to complete the removal of some type(s) of malware or a virus. Initially was getting popups from Zedo so we applied the technique outlined in topic 154967. That seemed to help the immediate popups. However when we would logon to the internet (homepage is google) and perform a search with google it would either NOT return a search result or if it did and we clicked on it....no navigation just loops working.... I am able to navigate to msn.com by typing the url and do some searches but very limited and frequently not at all.

Seems the beast will open Internet Explorer and open numerous windows all on its own.

I attempted to do a system restore to a date a couple months back and now it cannot get past the safe mode screen, states there is a problem with the setup file. I try to reboot to the last known working point, but no luck....

At this point I am at a total loss.

Running Kaspersky 9.0
Ran ATF-Cleaner in safe mode
Ran SUPERAntispyware in safe mode
Ran CCleaner

Any help is appreciated


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:44 PM

Posted 24 September 2008 - 09:56 PM

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 heartland

Posted 25 September 2008 - 09:49 PM

At this point I can no longer get past the safe mode screen on boot. When I select safe mode it continues to boot until I have a black screen and "safe mode" in each of the four corners, windows never loads on the display. If I let the computer boot normally it simply locks up.....black screen....

Any suggestions at this point?

OBTW I don't have a rescue disk.........I know!!!

HELP!!!

#4 Budapest

Posted 25 September 2008 - 09:57 PM

Try running chkdsk from the Recovery Console.

See this topic for more information. Post back if you have any questions.

#5 heartland

Posted 25 September 2008 - 10:28 PM

Ran chkdsk /r and the command prompt returns "The volume appears to contain more than one unrecoverable problems"

#6 heartland

Posted 25 September 2008 - 10:30 PM

I also noticed while in the black safe mode screen I did a ctrl del to bring up the apps window......I left for a bit and came back to see some type of google screen saver effect.....said google in the top left and small 3x3 pics being placed on the screen......never seen this before???

#7 Budapest

Posted 25 September 2008 - 10:32 PM

What is the make and model number of your computer?

#8 heartland

Posted 25 September 2008 - 10:39 PM

Gateway GM5066E

#9 Budapest

Posted 25 September 2008 - 10:55 PM

If chkdsk is reporting unrecoverable problems then you may have a defective hard drive. Check in your user manual if there is a hard drive diagnostic test you can run. If not, try running the Hitachi Drive Fitness Test, as I'm pretty sure your computer has a Hitachi hard drive.

#10 heartland

Posted 25 September 2008 - 11:06 PM

This problem began after I tried to restore to a point two months ago....It never could complete the restore and that's how I ended up with the safe mode screen. I performed the restore to try and mitigate the virus/malware I spoke of originally.......Does this still seem like a HD problem???

#11 Budapest

Posted 25 September 2008 - 11:12 PM

It might not be, but I would still check it out. Especially with chkdsk reporting unrecoverable problems. Once we rule that out we can try other things.

#12 heartland

Posted 25 September 2008 - 11:22 PM

Thanks I'll make another run at it tomorrow!

#13 heartland

Posted 26 September 2008 - 10:58 PM

OK....thanks for hanging in ...... you were correct it is a Hitachi drive.......ran the quick and advanced fitness test.....everything's OK

When I'm in the command prompt running the chkdsk I tried changing to drive D, E....got there but when I run DIR states unrecoverable and not files...don't know if that's normal or not.

Anyway, is the virus basically blocking the ability to SEE the HD's at this point and how do you recover from that?

#14 heartland

Posted 27 September 2008 - 10:09 AM

I've made some progress.....
I've now been able to get to windows safe mode and run Malwarebytes, ATF cleaner and SuperAntispyware.....
Still cannot get boot to normal windows.
I noticed that during boot in the top left it flashes invalid boot.ini
Next flashes a recover mode press F11.......when I do it enters an environment regarding system restore.
It pops up a window stating: System restore environment is incomplete - Please insert restore CD/DVD #1 now

......uhmm I don't have the CD it is asking for .......what is my next move?????
Thanks!!!

#15 Budapest

Posted 28 September 2008 - 04:43 PM

Boot into the Recovery Console and type the following command:

bootcfg /rebuild

More info here.