Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problematic Malware/Virus? Problems with .exe files and scanning for virus.


  • Please log in to reply
5 replies to this topic

#1 Ebonix

Ebonix

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 25 May 2012 - 06:04 AM

Hi Guys,

Fairly new too the site, I've been lurking over the past week reading up on topics trying to self-fix but I'm starting to run out of ideas and could do with a little guidance.

Around 4 or 5 days ago I updated Avast & Zonealarm at the same time on Windows 7. As with most updates, it makes you restart once the installation has completed. When the computer restarted, no programs would execute, the wireless signal was persistently on the busy (little blue circle next to the bars) and every time I tried loading Avast or Zonealarm, they just would sit there doing nothing. During this instance I tried doing various restarts just to see if Windows hadn't loaded properly which sometimes happens on my laptop. I left this overnight just to see if the laptop was having a funny turn.

When I came back it essentially hadn't moved over night, so I knew something was up. I managed to get into Safe mode and ran RKill but RKill is finding no issues. Super Anti-Spyware had found 4 trojans and cleaned them up. CC Cleaner did its thing fine. I then tried to reload in normal mode to see if everything had gone swimmingly. No luck though, I managed to get Avast & Zonealarm up and running but an attempt at a full scan with Avast caused the computer to restart when it noticed Explorer was acting suspiciously. So I went back into Safe mode, ran RKill, Super Anti-Spyware and CC Cleaner again but they are all coming up clean again. At this point I'd ran out of time and had come back here to lurk to see if I could find something else to help. I read that TDSSKiller was probably my best bet.

Went back to the Laptop and tried TDSSKiller in safe mode with networking, it didn't install properly first time (Froze at 80%) but a second attempt in normal Safe Mode and it finds no threats. I tried an overnight scan in safe mode with Avast and it got too a certain point and has been stuck there since.

Also I've tried a system restore but it fails each time, first time around it said because Avast was active it wouldn't be able to restore, I disabled that and tried again but still no luck.

My next thought it attempting this solution http://www.bleepingcomputer.com/forums/topic452209.html but I don't get the FakeHDD error when I boot.

Sorry if this is a bit short on specifics, it's been a frustrating few days and I've tried so much it's hard to remember error codes.

EDIT - Have used Malwarebytes a couple of times and this seems to have problem scanning too. Often freezes.

Edited by Ebonix, 25 May 2012 - 06:17 AM.


BC AdBot (Login to Remove)

 


#2 Ebonix

Ebonix
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 25 May 2012 - 06:40 PM

*bump*

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:19 AM

Posted 25 May 2012 - 08:25 PM

Hello, did you do the steps there from
FixNCR.reg
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Ebonix

Ebonix
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 26 May 2012 - 09:56 AM

As of yet, I've not tried fixNCR.reg as of yet. That was my next step, I'll try that this evening and update the thread with my findings.

#5 Ebonix

Ebonix
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 29 May 2012 - 07:07 AM

Right, the problem appeared to be Zonealarm. Rkill, TDSSKiller, Spybot, Super Anti-Spyware are all coming up clean still. Uninstalled Zonealarm in Safe mode and the Laptops been fine ever since...

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:19 AM

Posted 29 May 2012 - 12:45 PM

Sometimes they will need to be set.. So you don't accidentally put yourself back int his place,now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users