When I first started working on it the laptop was infected with Vundo. I have the initial MBAM log, which I had to run in Safe Mode. I posted the log in the "Am I Infected" forum:
After much frustration at not being able to run anything in Normal Mode, I backed up all of the stuff on an external HD and Restored the Factory Image from the D: partition.
I then went through the process of TRYING to download and install all of the Windows Updates. Windows Update could not download and install all of the updates because of Error Code 80070017. A search of this error code suggested running CheckDisk to resolve the matter. I did this and still had the problem. Another search suggested the following:
For Windows Vista and for Windows Server 2008, follow these steps:
Note When the updates are installed successfully, you can safely delete the rename.bat file.
- Click Start, type notepad in the Start Search box, and then click notepad in the Programs list.
- Copy the following commands, and then paste them into the Notepad file: net stop wuauservCD %systemroot%\SoftwareDistributionRen Download Download.oldnet start wuauserv
- On the File menu, click Save as.
- In the File name box, type rename.bat, and then click All Files (*.*) in the Save as type box.
- Save the rename.bat file to the desktop.
- Right-click the rename.bat file, and then click Run as administrator.
If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.
- Try to install updates again.
After doing this I was able to get the computer completely updated. I told my friend the computer was fixed and did a little disc cleanup (created a Restore Point, ran Disc Defrag).
I had installed Avast Free and MBAM after the reformat and Factory Image install, and had ran a MBAM scan without any errors or problems before all of the Windows updates were installed. I decided to do one more MBAM update and scan before going to dinner last night. That is when things went wrong.
MBAM stopped responding when it reached this file:
Thinking this was nothing more than a tmp file that wasn't needed, I decided to move it to a flash drive and rescan with MBAM. During the move I received this Error Message:
A search of this suggested the following (during the Update error code it also suggested running ChkDsk, and there were some bad sectors):
Start - Run - (type) cmd - Enter
This will bring up a DOS style box with blinking cursor,
At the blinking cursor, type:
chkdsk /f /r - Enter <--- notice the required space before the "/"s.
CHECKDISK will inform you that it cannot be run because files are in use/locked, etc. and will invite you to allow CHECKDISK to run the next time you reboot your machine.
Type "Y" for yes, and then reboot.
After doing this, the screen went to this:
I am not exactly sure how long this ran, but it started at around 5:00 pm and was still running at 11:00 pm. When I got up this morning, the computer was up and running. I went to the Computer Manager Console to retrieve any reports I could find:
When I clicked on the Errors, this is what happened:
After clicking OK, this popped up:
Does anybody have any ideas on what I can do to resolve the problems? Is there a problem with the HD and should I just replace it? The checkdisk found a lot of bad sectors.