Posted 13 May 2010 - 10:49 AM
Someone has been helping me in the "Am I infected? / Virus, Trojan, Malware..." forums with a strange problem that appeared. When the computer booted I was presented it stalled on a black screen with only a small box with the name "C:\Windows\System32\cmd.exe", and inside was text in DOS with the line "C:\Windows\System32\*, Are you sure (Y/N) ?". I also had an issue with network activity: the little meter showed enormous alternating spikes in activity and the computer slowed to a halt (this problem has vanished). I was asked to run an MBAM scan and a GMER as well but had a problem running GMER. In the instructions for GMER I read that i should run it in safe mode if I experienced any problems, so I did. I didn`t go very well and kept freezing in safe mode. Somehow it ended up managing to work without freezing. I posted the log and mentioned an issue I had with the keyboard not responding properly, which is still irritating me as I type this. It appears the apostrophe and quotation mark key isn`t working properly right now (look at the apostrophe in the word *isn`t*).
I was told to create a DDS log and start a new topic in Virus, Trojan, Spyware, and Malware Removal Logs and to include the GMER log as well. Then I was asked to run OTL, then MBAM again, and an ESET Online Scanner. It was determined that there were no problems.
In order to clean up the pc I was asked to take several steps. This became problematic when attempting to disable and enable system restore, when I got this message:
There was an unexpected error:
The parameter is incorrect. (0x80070057)
System Restore will now close.
I was then asked to disable system restore in safe mode, which resulted in freezing.
Then I ran chkdsk and sfc which seemed to find nothing wrong.
Next was safebootkeyrepair, resulting in an error stating that this was an unsupported version and would only run on windows 2000 or XP.
SReng also came back with a message about not being able to repair something.
And finally, running startup repair from the vista recovery disk provided this:
Problem Event Name : StartupRepairV2
Problem Signature 01: unknown
Problem Signature 02: 6.0.6000.163184.108.40.206.0
Problem Signature 03: 0
Problem Signature 04: 65537
Problem Signature 05: unknown
Problem Signature 06: NoOsInstalled
Problem Signature 07: 0
Problem Signature 08: 1
Problem Signature 09: FixPartitionTable
Problem Signature 10: 1168
OS Version: 6.0.6000.2.0.0.256.1
Locale ID: 1033
And that would be where we left off, and I was instructed to start a topic in the Vista forum and hopefully get some answers.