Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer infected, some removed, no exe file will run


  • Please log in to reply
1 reply to this topic

#1 jjmcgaffey

jjmcgaffey

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:07 AM

Posted 06 November 2014 - 05:02 PM

I'm an independent computer tech. I'm used to clearing viruses off machines, and dealing with the damage left behind. This one has me stumped.

 

I have a computer from a new client - Dell laptop, Windows 7 Ultimate, 4 Gb, Core2 Duo (I can give more details if needed). It was booting incredibly slowly - literally 5-8 minutes from on to desktop showing and icons clickable. Other problems too, but I can deal with them when this is fixed. Running AVG Free 2015 (previously installed).

 

I was able to install and run CCleaner. Removed some startup files, there wasn't anything odd in the installed programs, ran the cleaner and registry and both ran normally.

 

Took it home, tried my usual tactic of installing MBAM. It wouldn't install, even trying all the chameleons. The visual is - click on the EXE file, it asks if I want to run the program, I click Yes, the screen greys out...and about a minute later the screen clears up. No other action - the program is not run. I'd think there was a dialog waiting for a response from me, but I can't find it - one screen, resolution at recommended so it's not off the edge, and nothing in the taskbar. ???

 

Stormwatch ads in the browser - but it's neither in Installed Programs nor in the Extensions/Add-ons lists. ???? Eventually removed (I think) - see 2nd paragraph below.

 

I've turned the firewall on - twice so far. Then I reboot and it's off again (or at least, after a reboot I notice it's off. Not sure exactly when it's being turned off).

 

I went into Safe Mode and was able easily to install MBAM. Ran it and it found some 400 adware items - but no malware. Ran twice, once without and once with rootkit search installed - no difference. Quarentined all found items (Stormwatch, Gameo, a couple others). Ran another scan, it said all was well. But back in normal mode, .exe files don't run.

 

Used RKill, TDSSKiller, SuperAntiSpyware - they'll run in Safe Mode and find nothing, won't run in normal mode. RKill.com does the same thing.

 

Tried a Microsoft Fixit for exe files - did nothing. I can't run Regedit and look for myself, because that's an exe. And can't get into elevated CMD - same greying out. A non-elevated CMD will open, but I can't run the useful things from there.

 

Browsers run (thank goodness). Adobe Flash tried to update, downloaded but failed to run (same thing, temporary grey).

 

I haven't tried a live CD yet, nor Repair Computer from the F8 menu. Can't do an SFC /scannow without the elevated CMD.

 

Oh - and Safe Mode boots a lot faster. Regular is faster than it was - only about 3-5 minutes from on to ready - but still slow. Safe Mode boots at the speed I expect, about 1-2 minutes to ready (even with the delay of hitting F8 and choosing SM with networking). But I can't get into MSConfig, either (and nothing much shows in CCleaner).

 

I can't tell whether it's still infected, with something I can't find, or if this is aftereffects of something that's been removed. And in either case, I can't figure out how to fix it. Suggestions?



BC AdBot (Login to Remove)

 


#2 jjmcgaffey

jjmcgaffey
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:07 AM

Posted 06 November 2014 - 07:07 PM

Huh. So I did a disk check (through Tools on drive C:)... and suddenly everything's working. RKill has run, MBAM is running. And the boot was much (much much) faster than it has been. I did manage to get into MSConfig and put it on Selective Start (before the disk check), so it may have been something in there - but that I can work with. Thanks for letting me rant, and work out what I'd done and not done! I'll come back and note if I figure out that it was an item in startup that caused my problems.


Edited by jjmcgaffey, 06 November 2014 - 07:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users