Please Help

Discussion in 'Malware Help (A Specialist Will Reply)' started by gayneene, Apr 23, 2009.

  1. gayneene

    gayneene Private E-2

    A friend of mine called me to assist with their computer. The CD Drive is stuck and will not allow them to use it. Upon investigating I found they have no antivirus protection and decided to help clean up the computer, hoping this would help with the other problem. When I went to go to your forum thread to get the superspyware, the computer would not allow me to pull up the MajorGeeks website. It takes me to Google search. I tried typing the address in, searching for the website, and copying and pasting the address, all with the same results: it kept sending me to the Google search engine.

    I tried going to the SUPERAntiSpyware website to download it directly and it did the same thing. I can go to random websites like msn.com or yahoo.com, but when I try to pull up any website associated (at least in my findings) with antivirus protection it will send me to a random website or back to google.com web search. From my computer I downloaded the spyware, anti-malware and all those programs to a jumpdrive and tried to install, but the other computer just freezes up on the installation. I am semi-computer literate but I don't know where to go from here. Any help would be appreciated. Thanks
     
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Try to boot into safe mode with networking. Tap F8 while the computer starts, then choose safe mode with networking. These infections can take hours for even an experienced person, so you might consider having your friend take it to a shop.
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you still need help, the note/tips in the below may help you to get started. i.e., you will have to download what you need using another PC and then copy to this PC with a flash drive since your CD does not work.

    Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.
    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide
    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:


    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach ​
     
  4. gayneene

    gayneene Private E-2

    I followed the directions to disable the TDSSserv.sys and located it and disabled it. I was then able to run all of the scan programs. I am attaching the logs. The CD drive still does not work, but I noticed on rebooting the system I receive a message in the booting
    "Drive 1 not found: Serial ATA, SATA-1
    Strike the F1 key to continue, F2 to run the setup utility"

    If you have any suggestions on this I really appreciate all the help you are giving me.
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is an issue you need to post in the Hardware Forum. You should however check the obvious things like all cables are connected and that you have the correct settings in the BIOS.


    Your logs are clean, but you need to uninstall Java(TM) SE Runtime Environment 6 Update 1 which is way out of date and a security risk.

    Then download and install the current version of Sun Java from: Sun Java Runtime Environment

    If you are not having any other malware problems, it is time to do our final steps. Make sure you complete all steps including the last one so that you get this PC protected since it currently has no protection.
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix (if it exists)
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
