Slower Performance, IE Crashing

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by HafDawg, Jul 10, 2011.

  1. HafDawg

    HafDawg Private First Class

    Howdy.

    The computer has been performing VERY slow and IE keeps erroring out at random intervals.

    Attached are the logs. I'm running 64 bit, so no RootRepeal.

    Thanks!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You may not be having malware problems because your logs are clean. However, let's run a couple more tests to be sure.


    Go to the link below and follow the instructions for running TDSSKiller from Kaspersky.
    Be sure to attach your log from TDSSKiller


    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (Vista and Win 7: right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )
     
  3. HafDawg

    HafDawg Private First Class

    Hey Chas. Thanks for the help.

    Below are the two requested logs.

    Thanks!
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay MBRCheck shows that your MBR was modified.

    Do you have your Vista boot DVD so that you can boot into the System Recovery Environment to repair your Master Boot Record? If not, you want to try making the below CD and use it to boot your PC to repair the MBR.

    Vista and Win7 Recovery disc


    To run the Bootrec.exe tool, you must start Windows RE. To do this, follow these steps:

    • Put the Windows Vista or Windows 7 installation disc in the disc drive, and then start the computer.
    • Press a key when you are prompted.
    • Select a language, a time, a currency, a keyboard or an input method, and then click Next.
    • Click Repair your computer.
    • Click the operating system that you want to repair, and then click Next.
    • In the System Recovery Options dialog box, click Command Prompt.
    • Type the below command and hit enter in order to run bootrec to repair your MBR. Note the space after bootrec.exe.

      bootrec.exe /fixmbr
     
  5. HafDawg

    HafDawg Private First Class

    I created the disk. Then actually got to the below screen:

    http://upload.digiex.net/files/9k934evmnfd4po90ai3t.jpg

    I went then to Command Prompt, typed bootrec.exe /fixmbr and it said the operation completed successfully.

    Then just for good measure, I ran the Memory Diagnostic Tool.

    But here is the subsequent log and it says I still have the issue?
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No snapshot was attached.


    Did you actually boot from the CD, or did you boot to a preinstalled Vista System Recovery Environment? You must be sure to use the CD. The preinstalled one will likely not work even if it says it does.
     
  7. HafDawg

    HafDawg Private First Class

    This time, I'm 100% sure I did it correctly.

    I created the disk using ImgBurn, following the directions exactly, and everything looked good.

    I restarted the computer, hit F12 constantly until the Boot Menu popped up.

    Selected my DVD drive.

    The screen popped up just like your instructions said, picking the Time, Language, etc. I hit next, then at the bottom left I selected Repair.

    Then with the options that popped up, I selected the command prompt option at the bottom. I then typed in exactly as prescribed, including the space:

    bootrec.exe /fixmbr

    It said the operation completed successfully.

    I then restarted the computer via the option on screen at the bottom after I closed the command prompt.

    Re-ran MBRCheck and it STILL shows it...

    I KNOW I did it right this time...
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to get into your BIOS and change the boot order so that your CD/DVD drive is booted before the hard disk. When you do this correctly, and startup with the CD in the drive, you should automatically see a message about booting from the CD which is what you want.

    What you did is possibly allowing the infected MBR from the hard disk to load which means the rewrite of the infected MBR will fail because the infection will be present in memory and would stop it from actually working.


    See the below for some additional info:

    http://www.computerhope.com/issues/ch000217.htm
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Note if MBRCheck still shows a problem after retrying this and being sure that you are directly booting right off the CD from the start, then boot to the System Recovery Environment again and run the below command instead:

    bootrec.exe /ScanOs


    Then reboot normally and come back and tell me exactly what output you received from the above command.
     
  10. HafDawg

    HafDawg Private First Class

    Hey Chas.

    Did the boot after changing the BIOS setting (instead of just F12ing it) and still see the error on the log...

    So I did the /ScanOS.

    "Successfully scanned Windows installations.
    Total identified Windows installations: 0
    The operation completed successfully."

    That's the message I received.
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you ever see any message like "bootmgr is missing"?

    When you made the CD from the link I gave you, did you download and use this link to make the CD? Download Windows 7 64-bit (x64) Recovery Disc

    Or did you use the other link for 32 bit OS?
     
  12. HafDawg

    HafDawg Private First Class

  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well then, I'm not sure there is any other way of fixing this other than a total clean reinstall, which means you would have to erase partitions and recreate them too before formatting and reinstalling. But there is a chance that the factory recovery partition on your PC can restore you to the state your PC was in when it came out of the box. Before you do this, you would have to back up all of your data to another drive (not one of the partitions in your PC now, since they will be erased) or to DVDs.

    Your current setup shows you have one physical drive of about 640GB in size and it has the below partitions. The first is likely the factory recovery:
    Code:
    Partition Disk #0, Partition #0 
    Partition Size 20.00 GB (21,474,836,480 bytes) 
    Partition Starting Offset 1,048,576 bytes 
    Partition Disk #0, Partition #1 
    Partition Size 286.54 GB (307,665,829,888 bytes) 
    Partition Starting Offset 21,475,885,056 bytes 
    Partition Disk #0, Partition #2 
    Partition Size 289.63 GB (310,990,675,968 bytes) 
    Partition Starting Offset 329,141,740,032 bytes 
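
Added example (not part of the original thread, and not MBRCheck's own detection logic): one way to see which part of a 512-byte MBR has changed is to compare it against a known-good copy, hashing the 440-byte boot code and parsing the four partition entries separately. The offsets and sizes of the first two partitions are taken from the listing above; the boot-code bytes, partition type values and active flag are constructed assumptions.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440      # bootstrap code area at the start of a classic MBR
TABLE_OFFSET = 446       # four 16-byte partition entries start here

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, signature check and table."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        start_lba, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:                      # type 0 marks an unused slot
            partitions.append({"slot": i, "active": entry[0] == 0x80,
                               "type": entry[4],
                               "offset_bytes": start_lba * SECTOR,
                               "size_bytes": count * SECTOR})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}

def diff_mbr(baseline: bytes, current: bytes) -> list:
    """Report which regions of the sector differ from a known-good copy."""
    good, seen = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not seen["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if good["boot_code_sha256"] != seen["boot_code_sha256"]:
        findings.append("boot code differs from baseline")
    if good["partitions"] != seen["partitions"]:
        findings.append("partition table differs from baseline")
    return findings

def build_sample(boot_code: bytes) -> bytes:
    """Constructed sector using the first two partitions from the listing."""
    sector = bytearray(SECTOR)
    sector[:len(boot_code)] = boot_code
    # (status, type, byte offset, byte size); status and type are assumptions
    layout = [(0x00, 0x27, 1_048_576, 21_474_836_480),
              (0x80, 0x07, 21_475_885_056, 307_665_829_888)]
    for i, (status, ptype, offset, size) in enumerate(layout):
        sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)] = struct.pack(
            "<B3sB3sII", status, b"\0" * 3, ptype, b"\0" * 3,
            offset // SECTOR, size // SECTOR)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

GOOD = build_sample(b"CONSTRUCTED-BASELINE-BOOT-CODE")   # placeholder bytes
CHANGED = build_sample(b"CONSTRUCTED-ALTERED-BOOT-CODE")  # placeholder bytes
```

Microsoft documents `bootrec.exe /fixmbr` as rewriting the MBR without overwriting the existing partition table, which is why the two regions are compared separately here.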
     
  14. HafDawg

    HafDawg Private First Class

    What is the benefit of "fixing" it and the consequences if it's left?
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The benefit of fixing it would be to possibly improve your performance issues and stop the crashing. Additionally, to stop potential theft of personal information, like credit card #s, banking information, social security info, email lists and personal email itself, etc.

    The consequences are that none of the above are resolved and your PC not only remains instable, it also is potentially very insecure.
     
