Computer Boot Problems / Blue screen now? :(

Beret · Sep 1, 2010

Alright, I have a major problem. A couple of days ago, my computer would sporadically shut off without any sort of prompt and would not automatically restart unless I would manually do so. I assumed it was a virus due to the fact I accidentally clicked on a malicious link which downloaded a fake anti virus program, you know the ones that tell you even your taskmanger.exe is infected and you have to buy their program to fix it? Right, well, I tried starting in safe mode to restore to a previous point but this proved futile due to the fact my computer would improperly shut down again without prompt before the restore could finish. Shortly thereafter, my mouse cursor disappeared. I disassemble my hardware and removed 1 stick of RAM 2GB, GTX 260 graphics card, and Wireless card. I tried repairing windows, via the 2nd window screen, and after a long wait, it finished. Now, I am able to load in Safe mode; however, I cannot in normal mode. My desktop background appears and as does my windows default mouse cursor, but not my start menu or icons or anything.

I hooked up 1.5 TB HD as a slave and ran an antivirus program, Avast, standard scan, and found 46 infected files.

Is there any file i need to check or program I can find or a log that will tell me the problem?

---------

UPDATE: Did everything in the R&R thread. New problem. I did everything in that thread. Ran all the scans and deleted everything I could. I have my infected hard disk hooked up as a slave (E:/) to this brand new hard disk (C:/) Now, when I try tooking up E as my primary, I get a blue screen after my kernal loading screen; however, I can access my desktop in safe mode. Though, here is the catch, in safe mode, my computer will improperly shut down completely and not restart.

I am running on a rilaible HD with my original boot drive E:/ hooked up as a slave. And In my log, my date was off, yes, but i have that fixed now.

I have did a chkdsk last night, left it on all night since my E is 1.3TB worth of information, and no luck. I am still getting a blue screen and restarting after my kernal loading screen, and this is a stop error blue screen.

Some help would be appreciated, thank you.

Beret · Sep 1, 2010

attachments are at this post: http://forums.majorgeeks.com/showpost.php?p=1529523&postcount=3

TimW · Sep 1, 2010

Just so I understand, you have put the drive back into the computer and can operate in safe mode but not normal boot up? What little malware there was seems to have been removed by the scans, other than the one item in your system restore folder.

Your log is missing the HJT log, so please go to C:\MGTools\analyse.exe and run it so I can see the log. You can attach it seperately rather than attaching the whole MGLogs.zip.

At present, I am not seeing any malware on your system.

Beret · Sep 1, 2010

Here is that log.

TimW · Sep 1, 2010

That is clean as well. I suggest you go back to your thread in the software forum as this is not a malware issue.

If you are not having any other malware problems, it is time to do our final steps:

We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.We recommend them for doing backup scans when you suspect a malware infection.

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /uninstall

Notes: The space between the combofix" and the /uninstall, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.

If you are running Win 7, Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning procedures pointed to by step 7 of the READ ME
for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

Support MajorGeeks with Geek Wear!

Log in or Sign up

Computer Boot Problems / Blue screen now? :(

Beret Private E-2

Beret Private E-2

Attached Files:

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

Beret Private E-2

Attached Files:

hijackthis1.log

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member