Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malwarebytes can't finish removing virus/trojans b/c restart problems


  • This topic is locked This topic is locked
124 replies to this topic

#1 Terri13th

Terri13th

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 28 June 2011 - 02:29 PM

I'm trying to repair infected xp computer which won't boot into windows b/c corrupt ole.32dll. Using boot cd, I was able to run malwarebytes which found assortment of Trojans/malware/hijackers, but after cking all for removal, it needs to restart to complete removal. I do restart, however nothing is removed as same exact results appear on re-scan. It seems a catch-22 as I believe the malware is corrupting my ole32.dll as soon as I replace it, but I can't get rid of them without a working restart of computer. Please advise, and thanks. Terri

Edited by hamluis, 09 July 2011 - 12:26 PM.
Moved from MRL, no logs, to Am I Infected.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,411 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:28 PM

Posted 09 July 2011 - 12:35 PM

OP made 3 posts re same topic.

1st was made in MRL, no logs, which I have now moved to AII (this topic).

2d was made in XP forum, which I just closed, http://www.bleepingcomputer.com/forums/topic408259.html .

3d was deleted as dupe by Mod.

Louis

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 12:42 PM

can you post the logs that Mbam is creating?

#4 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 12:52 PM

I'm sorry for doing wrong thing w/my post. I originally posted as malware problem b/c when running malwarebytes from boot disk, items found couldn't be removed as required restart, and pc won't boot up Windows at all. After not receiving reply, I contacted Malwarebytes, which in the end couldn't help me due to the unreliability of using their program from CD! So, I reposted my original problem, which was not being able to boot pc due to corrupt ole32.dll error. I was just getting feedback when my post was moved. How can I continue my communication w/Allan. listed as 'BC Advisor' in XP forum, or will I just start all over here? I noticed my entire string didn't move over.

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 12:55 PM

You need to keep the topic here. We need to find out what you are infected with. Can you please post the logs.

What boot disk are you using?

#6 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 12:56 PM

[quote name='cryptodan' timestamp='1310233368' post='2327241']
can you post the logs that Mbam is creating?
I worked with malwarebytes last week, really couldn't post logs as working from boot disk and it never wd work for me, but the bottom line is that they said it was unreliable using malwarebytes loaded onto cd, as opposed to obtaining it directly, which I couldn't do on the down computer. I did send them the list of items found, and response was that nothing really stood out which wd cause my corrupt ole32.dll problem. They couldn't help me.

#7 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 01:00 PM

You need to keep the topic here. We need to find out what you are infected with. Can you please post the logs.

What boot disk are you using?

I've tried Hiren's and also Kapersky's so far, but it seems as if allot of content is unusable. So, I loaded some virus programs onto seperate disks to run. The stopper is always that if things are found, I must restart to remove, which does nothihng as Windows won't start w/o boot disk. Last nite I ran antispyware but it seemed to only find problems on the mini XP drive, not my C drive, but did scan all drives.

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 01:01 PM

Can you try malwarebytes in safe mode via hitting F8 after post screen?

#9 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 01:07 PM

Here's my other post from the wrongly placed original post of my problem, to help bring you up to date--
The stop error is at BSOD, and is "C0000221 (Bad Image Checksum) The Image ole32.dll is possibly corrupt. The header checksum does not match the corrupted checksum."
The computer is unbootable w/o boot disk. It happened when doing a cut/paste to notepad, but exact details unclear as I wasn't using pc at the time. But, I've had a series of 'corrupt file' errors since a repair/install of XP that was a nightmare event. The big problem is that I only have orig. HP issued XP Home disk which came w/pc, and has no service packs. I had tried slipstreamed cd for repair, but then when I came to product code screen, wd not accpet my original product code. So, I had to do repair w/orig. disk, and loaded service pack 2+3 off created cd form microsoft site,while offline, then immmed virus scans, etc. That was in April, and have had series of issues ever since, so was hoping to repair this w/o doing that again!
Now I have tried just replacing just the ole32dll file using recovery console but that didn't help things. Ran check disk again, but nothing changed. I wd appreciate any suggestions you have.

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 01:10 PM

Run chckdsk /f and see if that fixes things.

#11 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 01:11 PM

No safe mode works of any type at all. Tried restore to last working config back when first had problem to no avail. The only way the pc boots is from bootable disk. Recovery console works from XP Home disk. Opera online access works w/Hiren's but limited download ability due to mini-xp version's memory.

#12 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 01:12 PM

[quote name='cryptodan' timestamp='1310235048' post='2327300']
Run chckdsk /f and see if that fixes things.
Have run ck dsk multiple times, it always says it finds error or errors and fixes, but pc still unbootable.

#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 01:15 PM

Are you running chkdsk /r or chkdsk /f

Those are different.

#14 Terri13th

Terri13th
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 PM

Posted 09 July 2011 - 01:19 PM

[quote name='cryptodan' timestamp='1310235313' post='2327320']
Are you running chkdsk /r or chkdsk /f

Those are different.

Chkdsk /r and it comes back saying it found and fixed one or more errors.

#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:28 AM

Posted 09 July 2011 - 01:22 PM

Run chkdsk /f it is more thorough then chkdsk /r.

When quoting posts please do not remove the bottom

[/quote]

Tag it messes up your post formatting.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users