Help Please

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mamabear0604, Oct 14, 2013.

  1. mamabear0604

    mamabear0604 Private E-2

    :( I am usually pretty good at fixing my own computer. And truth be told I haven't had any major virus on my computer for 3 or 4 years now I think. I typically do maintenance and virus removal for friends and family. In fact just a week ago I fixed my sister's computer that had 8 trojans and numerous other things wrong. She was not able to even log on to it in normal mode. But on this I think I am banging my head against the wall here. Malwarebytes turns up nothing. However I am not able to run TDSSKiller or do anything else from that step on in the Read & Run Me First process.

    I do not know what is going on with my computer and honestly it is a bit hard to describe so I will try my best.

    It started about 4 or 5 days ago. I wasn't able to update my Adobe Flash Player. I thought this a bit odd, so I researched it. At that time I thought it was either Adobe or Mozilla not talking correctly with the other. However I soon found out that in normal mode it does not want to install any .exe files. It wants to tell me that the .exe extension is not a win32 operation or something along those lines. I did research this to make sure the file association was correct and it seems to be. In safe mode with networking I am able to run the Windows installer and it will install .exe files but there are a few that still won't install. At first I thought it was because somehow or another the .exe file extension was deleted but then that doesn't make sense for me to be able to install in safe mode with networking.

    Another thing is that in normal mode Flash doesn't seem to work correctly. It says that it is if I go to the Adobe site and test it. However when I try to go to one of my college classrooms online that requires Flash it does not load properly and it ran just fine before. In safe mode with networking I am able to go to my virtual classroom and everything works fine.

    And the last thing: in normal mode my computer does not want to shut down properly. It sits forever on shutting down and I normally have to hold the power button down until it turns off. But again in safe mode with networking it shuts down fine. It also seems slower than usual.

    Something else I remembered: for the first day or 2 my documents folder took forever to load. I normally became impatient and closed it out. It doesn't do it now because I have removed everything and put it on my external drive in case something went awry in the cleaning process.

    I have included some reports that I have run to help. For the tools that I was able to use, I just ran the reports; I did not fix anything yet. I also included a screenshot of Task Manager showing what processes are currently running. :(
    ________________________________________
    Results of screen317's Security Check version 0.99.74
    Windows 7 Service Pack 1 x64 (UAC is disabled!)
    Internet Explorer 10
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.75.0.1300
    Java 7 Update 25
    Java version out of Date!
    Adobe Flash Player 11.9.900.117
    Adobe Reader XI
    Mozilla Firefox (24.0)
    Google Chrome 29.0.1547.76
    Google Chrome 30.0.1599.69
    ````````Process Check: objlist.exe by Laurent````````
    Bitdefender Bitdefender vsserv.exe
    Bitdefender Bitdefender updatesrv.exe
    Bitdefender Bitdefender bdagent.exe
    Bitdefender Bitdefender SafeBox safeboxservice.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````
    ________________________________
    Hope all of this helps. Please let me know if you need anything else.

    Thank you very much in advance for any and all help that you are able to provide.

    Christina
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Try the below:

    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop on the PC with the infection.

    • Open up this newly created folder and then open the "files" folder (...\windows repair v1.5.7\files)
    • From here, locate the fix_exe_hijack.inf file and then Right-mouse click it one time, then choose "Install".
    • Once you have done this, you should now be able to open applications again.
    • Let me know if that helped, and see if you can now get through the rest of the read and run me first?

    READ & RUN ME FIRST - Malware Removal Guide
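
A read-only way to inspect the .exe file association discussed in the two posts above, as an added example that is not part of the thread or of any tool named in it. It assumes the association is judged against the stock Windows defaults; what fix_exe_hijack.inf itself writes is not shown on this page.

```powershell
# Added example: read-only check of the .exe association (changes nothing).
# Expected data are the stock Windows defaults for these two keys.
$machine = @{
    'HKLM:\SOFTWARE\Classes\.exe'                       = 'exefile'
    'HKLM:\SOFTWARE\Classes\exefile\shell\open\command' = '"%1" %*'
}
# Per-user keys override HKLM in the merged HKEY_CLASSES_ROOT view; a clean
# profile normally has neither of these.
$perUser = 'HKCU:\Software\Classes\.exe', 'HKCU:\Software\Classes\exefile'

function Get-DefaultValue([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    # GetValue('') reads the key's unnamed (Default) value.
    (Get-Item -LiteralPath $Path).GetValue('')
}

$findings = @()
foreach ($key in $machine.Keys) {
    $actual = Get-DefaultValue $key
    if ($actual -ne $machine[$key]) {
        # Missing key ($null) or any other data than the default is reported.
        $findings += New-Object PSObject -Property @{
            Key = $key; Expected = $machine[$key]; Actual = $actual
        }
    }
}
foreach ($key in $perUser) {
    if (Test-Path -LiteralPath $key) {
        $findings += New-Object PSObject -Property @{
            Key = $key; Expected = '(key absent)'; Actual = 'key present'
        }
    }
}

if ($findings) { $findings | Format-List Key, Expected, Actual }
else { '.exe association matches the Windows defaults' }
```

A clean result here means the association itself is intact, so the cause of .exe files failing to launch lies elsewhere.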
     
  3. mamabear0604

    mamabear0604 Private E-2

    ! C:\Users\Christina\Desktop\Windows Repair\tweaking.com_windows_repair_aio.zip: The archive is corrupt
    ! C:\Users\Christina\Desktop\Windows Repair\tweaking.com_windows_repair_aio.zip: The archive is corrupt
    ! C:\Users\Christina\Desktop\Windows Repair\tweaking.com_windows_repair_aio.zip: CRC failed in Tweaking.com - Windows Repair\files\registry_backup_tool\tweaking_tabs.ocx. The file is corrupt
    ! C:\Users\Christina\Desktop\Windows Repair\tweaking.com_windows_repair_aio.zip: The archive is corrupt


    When I extract it this is what it says. Should I try extracting it in safe mode, then running it in normal?

    thank you for your help
    christina
     
    Last edited: Oct 14, 2013
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please try this instead.

    FixExec

    Attach the log once done.
     
  5. mamabear0604

    mamabear0604 Private E-2

    Here is the log. Do you want me to try and finish the clean process?
     


  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yes please. :)
     
  7. mamabear0604

    mamabear0604 Private E-2

    I am not able to run tdsskiller. It never opens, and when I try to run hitman it gives me an error. I have attached a screenshot. :(
     


  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Continue on and try all of the tools please. If ALL of them fail, try running them in safe mode.
     
  9. mamabear0604

    mamabear0604 Private E-2

    I was able to get MGTools to run. I have attached the log. Thank you for your help. :)
     


  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I am not really seeing any problems. Some junk was removed by the adware cleaner you ran. Let's try running this, preferably in normal mode, if not then in safe mode:

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.
     
  11. mamabear0604

    mamabear0604 Private E-2

    Here is the log for the JRT. I just do not understand why I'm not able to run .exe files. Should I attempt the clean process through safe mode?
     

    Attached Files:

    • JRT.txt (12.4 KB)
  12. mamabear0604

    mamabear0604 Private E-2

    Whatever has been going on in normal mode is now going on in safe mode. Not able to run .exe and Flash not working properly. :(
     
  13. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hm, not sure what's going on here. Are you able to run Combofix in either safe or normal mode?

    Please download Combofix to your desktop. Please refer to these instructions prior to running.

    Attach log once done.
     
  14. mamabear0604

    mamabear0604 Private E-2

    I tried in normal and in safe mode. I attached a screenshot of what it told me. This is soo soo weird. I have never run into anything like this. Thank you for all of the help.
     


  15. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yes, I'm going to seek advice on this one. In the meantime, try and run this:

    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it (if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • Then click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shutdown any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.
     
  16. mamabear0604

    mamabear0604 Private E-2

    Still says this. Tried in both normal and safe mode.
     
  17. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I am seeking advice, hang in there. In the meantime can you try this:

    For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    To enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply. (How to attach)
     
