Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't run any programs, Win7 Internet Security 2012 [Solved]


  • This topic is locked This topic is locked

#16
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Joeturf,

Good news is that you have backup file on your system and we don't need installation disk.

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Files
    c:\windows\SysWow64\Drivers\atapi.sys|C:\Windows\ERDNT\cache64\atapi.sys /replace

    :Commands
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

  • Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan
  • On completion of the scan click save log, save it to your desktop and post in your next reply

Step 3

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post


Step 4


Please don't forget to include these items in your reply:

  • OTL fix log
  • VRT log
  • aswMBR log
It would be helpful if you could post each log in separate post
  • 0

Advertisements


#17
Joeturf

Joeturf

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 158 posts
Hi again! Here's the OTL fix log:


All processes killed
========== OTL ==========
========== FILES ==========
File c:\windows\SysWow64\Drivers\atapi.sys successfully replaced with C:\Windows\ERDNT\cache64\atapi.sys
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: JoeBot
->Temp folder emptied: 104527 bytes
->Temporary Internet Files folder emptied: 352454515 bytes
->Java cache emptied: 17233444 bytes
->FireFox cache emptied: 59494990 bytes
->Google Chrome cache emptied: 275934448 bytes
->Flash cache emptied: 60328 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67429 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 673.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12202011_222527

Files\Folders moved on Reboot...
C:\Users\JoeBot\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\JoeBot\AppData\Local\Temp\~DFC5202568E3643EE8.TMP moved successfully.

Registry entries deleted on Reboot...
  • 0

#18
Joeturf

Joeturf

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 158 posts
The VRT log:


Status: Deleted (events: 1)
12/20/2011 10:58:38 PM Deleted unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\JoeBot\Desktop\explorer.exe High

Note: I think this was the exe I downloaded from you earlier that it removed
  • 0

#19
Joeturf

Joeturf

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 158 posts
And the aswMBR log:


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-20 22:29:31
-----------------------------
22:29:31.810 OS Version: Windows x64 6.1.7600
22:29:31.810 Number of processors: 8 586 0x1E05
22:29:31.811 ComputerName: JOEBOT-PC UserName: JoeBot
22:29:32.479 Initialize success
22:30:41.016 AVAST engine defs: 11122001
22:31:05.005 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:31:05.009 Disk 0 Vendor: SAMSUNG_ AXM0 Size: 244198MB BusType: 3
22:31:05.014 Disk 0 MBR read error 0
22:31:05.019 Disk 0 MBR scan
22:31:05.028 Disk 0 unknown MBR code
22:31:05.034 MBR BIOS signature not found 0
22:31:05.039 Service scanning
22:31:06.741 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
22:31:07.632 Modules scanning
22:31:07.641 Disk 0 trace - called modules:
22:31:07.652 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys sppw.sys hal.dll
22:31:07.660 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007f25790]
22:31:07.667 3 CLASSPNP.SYS[fffff8800124d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007bc9050]
22:31:08.359 AVAST engine scan C:\Windows
22:31:16.810 AVAST engine scan C:\Windows\system32
22:35:25.723 AVAST engine scan C:\Windows\system32\drivers
22:36:00.566 AVAST engine scan C:\Users\JoeBot
22:40:32.022 AVAST engine scan C:\ProgramData
22:46:52.378 Scan finished successfully
22:51:28.735 Disk 0 MBR has been saved successfully to "C:\Users\JoeBot\Desktop\MBR.dat"
22:51:28.741 The log file has been saved successfully to "C:\Users\JoeBot\Desktop\aswMBR.txt"
  • 0

#20
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Looking good. Few questions...

  • Can you change your home page in Internet Explorer and Firefox?
  • Are you limited only in Chrome?
  • Any other problems you see now?

  • 0

#21
Joeturf

Joeturf

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 158 posts
Awesome!

Yep, I am able to change my homepage in IE and Firefox just fine. Chrome is the only browser not letting me change my homepage right now, even when I reinstall. I don't notice any other problems :)
  • 0

#22
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Joeturf,

I really don't know what is causing this. Your system is clean now. You should open new topic in Applications and explain your problem there. Note them that you are clean and include link to this topic. There are guys that can help you more them me and I hope you'll resolve this problem.

Your logs and system are clean now. I'm glad we fix up your computer. We need to clean up your PC from programs we used.

Step 1

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end. Remove all other application we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
  • Click OK button

2. Delete Temp files

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automaticly check for newer version of software installed on your system.
  • 0

#23
Joeturf

Joeturf

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 158 posts
Me neither! With some googling, I was able to successfully change my home page and default search engine in Chrome through the registry without any problems. I'm glad that my system is clean now, thanks for your help!
  • 0

#24
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Thank you for supporting my work here. Goodbye and stay safe :thumbsup:
  • 0

#25
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP