Can't clean computer (experience programmer)

Discussion in 'Malware Help (A Specialist Will Reply)' started by CyberSurfer409, Mar 26, 2009.

  1. CyberSurfer409

    CyberSurfer409 Private E-2

    Hey guys. Hope someone here can help me. Let me start by saying I am a programmer and skilled with computer (not bragging, just letting you know my experience).

    Anyways I offered to clean a friends computer (getting something in return). Had no idea the mess I was getting into. I booted in safe mode and ran Ad-Aware, Spybot. Then I rebooted into safe mode with networking and ran an online virus scan (trendmicro). As soon as I rebooted the computer, it seemed to redownload every virus/spyware/etc I removed. I ran hijack this and tried to disable anything I felt comfortable removing. But this hasn't helped. I have run all 3 programs several times, and as soon as I restart the PC, its filled with viruses again. I have no idea what I can do. I'm hoping someone can help before I just have to tell my friend to take it out back and shoot the thing.

    I can post a recent HiJack log if it helps. Most of the virus seem to change each time. The only one I have seen with some consistancy was Vundo, and Vundo.prx. I have download two Vundo removes and neither detect it, but spybot says its there. Any help anyone could give would be greatly appreciated.


    Thanks
    Cyber
     
    CyberSurfer409, Mar 26, 2009
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!


    Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.

    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide


    Helpful Notes:


    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. To avoid addtional delay in getting a response, it is strongly advise that after completing the READ & RUN ME you also read this sticky Don't Bump! It Only Hurts You!!!. Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
    TimW, Mar 30, 2009
    #2
  3. CyberSurfer409

    CyberSurfer409 Private E-2

    Tim.

    Sorry for the delay in responding. I usually only have the weekend to work on this. I began running the programs you had suggested. I had just downloaded ComboFix and began to run it as the link you provided told me. It stated that it would take some time to run, so I stepped away for a moment and when I returned it was in the process of a reboot. It then began an endless reboot cycle.

    I have tried booting to safe mode, and and just reboots. I tried looking at the recovery console but was not able to make any progress. I tried changing the boot order to boot from a windows recovery CD and now I just get a message to insert bootable disk into drive A. I have reverted the boot order back to the original setting, but still get the insert bootable disk message.

    Would you have any advice or suggestions as to how I can repair this . I would like to repair the system in order to preserve the data that was on the system, but now I'm not even sure how I would rewrite the system. I am totally stumped right now. I really hope you can help. I have never had this much difficulty with a system in my life, and I feel it is a personal challenge to overcome this difficulty.


    Hoping for Help

    Cyber
     
    CyberSurfer409, Apr 13, 2009
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do you get to the log in screen when you boot? If you do, it means that userinit.exe file has been deleted, infected or corrupted or the registry keys associated with it may have been deleted or corrupted. Have you tried logging into safe boot mode? if that does not work then you will need to do the below:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech

    If that is not the case, then your only resort is to remove the hard drive and slave it to another computer, transfer your important data and files to a cd. Then wipe the drive and reinstall windows. :(
     
    TimW, Apr 16, 2009
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds