Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

maleware .. or hard disk fail ?


  • This topic is locked This topic is locked
31 replies to this topic

#1 dell5010laptop

dell5010laptop

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 27 November 2015 - 12:22 PM

Hi all

I have similar case as in this post
http://www.bleepingcomputer.com/forums/t/532013/hard-drive-fail-warning-or-virus/

I have 2 windows 7 on different partitions .. worked for 3 years.. but for a long time I used to use one having avast antivirus
Recently I installed a software then i discovered it contains a maleware "ads by cinema-p" then "ads by name" .. I couldn't remove it by any antivirus or tool .. but I just deleted any existance of it from data files or registery .. and reinstalled browsers
Afterwords windows started to hang till it stopped
I just returned back to the other old windows 7 system .. i installed microsoft antivirus (i don't remember name) but it didn't find any viruses .. but system started to hang as well .. I tried installing bitdefender 2016 i couldn't complete installing as the page of registering became all white .. I installed panda antivirus but it didn't complete scanning .. sometimes i saw it turnes deactivate so i activate it then it deactivate again .. which seems as a virus preventing ..
I reinstalled windows but the 1st message was that I have a hard disk fail and i have to back up my data

I'm trying copying important data but system is hanging often .. system repair says also I have a hard disk proplem
Pleasr advice .. thanks on advance

BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 27 November 2015 - 02:57 PM

Hello dell5010laptop and Welcome to the BleepingComputer. :welcome:  
 My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------
 Please do the following.
 

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

=================================================================================

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

:hello:
 
Sincerely


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 27 November 2015 - 04:21 PM

Thanks a lot for ur reply

Now windows has been totally crashed .. it doesn't even start to users menu
I tried reinstall windows 7 .. it keeps loading after i choose install .. with no end
I tried now installing windows 10 .. i had the following log msg
Your pc needs to be repaired
A component of the operating system has expired
File :\ windows\ system32\boot\winload.exe
Error code 0xc0000605
You'll need a recovery tool

#4 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 27 November 2015 - 04:44 PM

 Does the installation is not yet complete and Is there  operating system CD DVD ?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#5 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 27 November 2015 - 05:10 PM

Yes .. it don't complete

I tried pressing in f8 & chose repair .. it even don't open
I rebooted with f12 .. to get boot menu .. i chose diagnostics .. then i got error code no 2000-0146
Hard drive 0

I couldn't press continue test as i have a not working 'y' letter :(

#6 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 27 November 2015 - 05:39 PM

Sorry my friend,
For this problem,windows partition, you better may be help there
Please open a topic there.You explain this problem and you give the link here
I hope, you understand me. please Look


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#7 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 27 November 2015 - 06:02 PM

Thanks for try .. I'll

#8 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 27 November 2015 - 06:42 PM

You're welcome, :thumbup2: Good luck

 

Best regards.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 28 November 2015 - 10:57 AM

This topic has been re-opened at the request of the person who originally posted.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#10 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 11:43 AM

Thanks a lot
I difenetely facing a strong virus problem!

I couldn't complete scan for errors as it became deadly slow

When I tried making scan for virus with the tool .. network suddenly turned off ..
I restarted again & making scan .. it reached 26% then it became very slow
1 infected files till now ..
a variant of win32/Toptools.A potentially unwanted application
A message shown that windows has encountered a critical problem and it will restart automatically in a minute. Please save your work now
I didn't press close .. it continued for 10 minutes .. then it restarted

Edited by dell5010laptop, 28 November 2015 - 11:44 AM.


#11 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 01:33 PM

I restarted .. it crashed again with DBS ..

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 7a
BCP1: C047D760
BCP2: C0000185
BCP3: 63F69820
BCP4: 8FAEC996
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\112815-21574-01.dmp
C:\Users\MODY\AppData\Local\Temp\WER-33852-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt


I'm trying now again to scan

Edited by dell5010laptop, 28 November 2015 - 06:27 PM.


#12 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 02:28 PM

again I got hanging before it complete .. & this DBS again

 

Problem signature:

Problem Event Name: BlueScreen

OS Version: 6.1.7600.2.0.0.256.1

Locale ID: 1033

Additional information about the problem:

BCCode: 7a

BCP1: C0414F00

BCP2: C0000185

BCP3: 3ECAB860

BCP4: 829E02B9

OS Version: 6_1_7600

Service Pack: 0_0

Product: 256_1

Files that help describe the problem:

C:\Windows\Minidump\112815-18751-01.dmp

C:\Users\MODY\AppData\Local\Temp\WER-32105-0.sysdata.xml

Read our privacy statement online:

http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:

C:\Windows\system32\en-US\erofflps.txt



#13 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 03:23 PM

Please advice a good antivirus for that case .. i restarted in safe mode & I scanned more files .. I got about 35 different threats .. variant of win32/.. files, unwanted & unsafe applications , trojans & a virus .. then it hanged & shut down .. I'm trying again ..
Samples of threats :
Win32/gamehack.Ad
Win32/keygen.dy
Win32/gamehack.ew
Win32/softonicdownloader.A
Win32/pswtool.EFSkey.A
Win32/toolbar.conduit.b
Win32/opencandy
Win32/hotspotshield
Win32/toptools.A

Edited by dell5010laptop, 28 November 2015 - 06:23 PM.


#14 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 28 November 2015 - 07:21 PM

There are also hardware problems !
If you are using crack-keygen software, remove all. If you do not remove, i have to close the topic.
 Crack and keygen !
This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Before posting for help, we ask that you uninstall any such applications, as indicated in this sticky topic.

Referring to the Forum Rules which you should have read at the time of Registering at this forum, BC does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

In 2006, a study revealed that 59% of keygens and crack tools downloaded from peer-to-peer networks contained malicious or "unwanted" software.
 

Step 1:
 Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete or Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3:

Please download ZHPcleaner to your desktop.

  • Double click on ZHPCleaner to run the tool.
  • If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
  • Please klick Ashampoo_Snap_20140819_13h09m50s_001__zp
  • Then press ''Repair'' button.
  • Browsers will automatically shut down.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile wit

Step 4:
 Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#15 dell5010laptop

dell5010laptop
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 11:48 AM

Thanks a lot for helping

* I don't have any software now installed on this version, it's a fresh one on a formated partition, I even havn't install an antivirus yet
* Keygen software if exixst, it might be in another drive within my software sources .. but it's not installed, or I didn't do it
* I only could performed the 1st three tests .. it's just scanned C drive wich don't have threats yet .. all yesterday results through eset tool were on the other partition


today's logs  

 

# AdwCleaner v5.022 - Logfile created 29/11/2015 at 18:48:15
# Updated 22/11/2015 by Xplode
# Database : 2015-11-29.2 [Server]
# Operating system : Windows 7 Ultimate  (x86)
# Username : MODY - MONG
# Running from : C:\Users\MODY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WDFOJ053\adwcleaner_5.022[1].exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [637 bytes] ##########


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Ultimate x86
Ran by MODY (Limited) on Sun 11/29/2015 at 18:52:56.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 0

 

Registry: 0

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/29/2015 at 18:53:28.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

* for the third test it finished with no threats, but it shut down machine twice whenever it finish scan
* I installed the fourth application .. but it don't open






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users