Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer slow, Malwarebyte shows no malicious items [Solved]


  • This topic is locked This topic is locked

#46
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Well.... I guess my system is pretty messed up :-(
Is this the log you were looking for?


More details





Antivirus

Result

Update




AhnLab-V3

-

20120910



AntiVir

BOO/TDss.O

20120911



Antiy-AVL

-

20120910



Avast

MBR:SST [Rtk]

20120910



AVG

-

20120911



BitDefender

Rootkit.MBR.Sst.C (Boot image)

20120911



ByteHero

-

20120910



CAT-QuickHeal

Bootkit.TDSS.TDL4A

20120910



ClamAV

-

20120911



Commtouch

Alureon.A

20120911



Comodo

-

20120911



DrWeb

-

20120911



Emsisoft

Trojan.DOS.Alureon!IK

20120911



eSafe

-

20120907



ESET-NOD32

-

20120910



F-Prot

Alureon.A

20120910



F-Secure

Rootkit.MBR.Sst.C \(Boot image\)

20120911



Fortinet

BOOT/Sst.A!tr.rkit

20120830



GData

Rootkit.MBR.Sst.C

20120911



Ikarus

Trojan.DOS.Alureon

20120911



Jiangmin

-

20120911



K7AntiVirus

Virus

20120910



Kaspersky

Rootkit.Boot.SST.a

20120911



McAfee

-

20120911



McAfee-GW-Edition

-

20120911



Microsoft

Trojan:DOS/Alureon.L

20120911



Norman

Alureon.A

20120910



nProtect

-

20120910



Panda

-

20120910



PCTools

-

20120911



Rising

-

20120911



Sophos

Troj/TdlMbr-D

20120911



SUPERAntiSpyware

-

20120910



Symantec

-

20120911



TheHacker

-

20120910



TotalDefense

-

20120910



TrendMicro

-

20120911



TrendMicro-HouseCall

-

20120911



VBA32

-

20120910



VIPRE

Trojan.Win32.TdlMbr.d (v)

20120911



ViRobot

-

20120911



VirusBuster

-

20120910
  • 0

Advertisements


#47
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Do you have the Recovery Console on your computer?

If you are unsure then do this:

Restart your computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
See if the option Repair your computer is there:

Posted Image

Come back and tell me. :)
  • 0

#48
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Ok. The option for "Repair your computer" is there - but when I select it, it goes into "windows is loading files" and hangs. I waited about 4 minutes, but nothing happened at all with the status bar.
  • 0

#49
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
I've got to call it a night. I'll check in the morning for any next steps. Thanks for sticking with me!
  • 0

#50
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Ok. The option for "Repair your computer" is there - but when I select it, it goes into "windows is loading files" and hangs. I waited about 4 minutes, but nothing happened at all with the status bar.


Hmm... so it goes straight to "windows is loading files" i.e. it doesn't ask you which OS or somesuch first? The reason I ask is because this is the instruction I was going to give you:

  • Start the safe mode menu by rebooting and pressing and holding F8
  • Select Repair your computer.
  • Select the operating system you want to repair, and then click Next.
  • Select command prompt
  • Type in the following command

    Bootrec.exe /FixMbr (note the space... it should be there)
  • Once finished type Exit
-------------------------------------------------------------------------------------------
So if you can't carry out the above instruction move on to this:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0

#51
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

I've got to call it a night. I'll check in the morning for any next steps.


Okay, catch you tomorrow. :)

Thanks for sticking with me!


No problems... it's certainly turning into and interesting one. :lol:
  • 0

#52
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Unfortunately, I can't do either of the above options.

When I try to run Kaspersky TDSS Killer, I have the same response as when I tried to run aswMBR, in that I get the popup asking me if I want to allow it to make changes. I select yes, the popup window goes away, and nothing happens.

I tried running it as Administrator, with the same (lack of) results.

I also right-clicked and did troubleshoot compatibility. I come up with the same "incompatible application as aswMBR.

Are the viruses affecting the computer's ability to run these items?

Glad that I'm providing you with a challenge :-)
  • 0

#53
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Are the viruses affecting the computer's ability to run these items?


Yes I think so. Malware often interferes with our tools.

Let's see if this will work.

Download Rogue Kill

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious.

Double-click on rkill.com to run it. You will probably need to run this program a few times to stop the malware process running. The malware will probably complain about being stopped but please ignore this. Do not reboot your computer after running rkill as the malware programs will start again.

Then..

Run TDSSKiller.
  • 0

#54
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Here is the log from Rogue Kill.

I still can not run tdss killer

Rkill 2.3.11 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 09/11/2012 06:44:54 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/11/2012 06:44:57 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
  • 0

#55
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
See if you can run TDSSKiller in Safe Mode.
  • 0

Advertisements


#56
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
No luck in safe mode.
  • 0

#57
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Removed.

Edited by emeraldnzl, 11 September 2012 - 10:28 PM.
After consultation potentially misleading

  • 0

#58
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Thank you for all your hard efforts.

Before I go and purchase the recovery CD - which I am certain is the same as I have here, and requires a back up and reinstall of Windows 7, can I ask a few questions (that are probably stupid...)

1) I have an external hard drive that I have used to back up another laptop and a PC. If I connect it to this laptop and back up my documents / music / etc., what is the risk of me copying those viruses / MBR infection onto my external hard drive?

2)On my desktop, I have the option of burning recovery CD's such as when I first got this laptop. I did burn a set of recovery cd's - (because I have extraordinary luck, disk one of 3 is missing, but I'm still on the hunt for it.) Can I burn a new set of recovery cd's from this program, or will that carry the infection with it?

3) I know I had a third question, but it has slipped my mind as of right now. I remember - your last post indicates that a reformat / reinstallation of windows won't resolve the problem. How can I be sure that any recovery disk I purchase won't be the same as the one I have here that only reformats?
  • 0

#59
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello heathermb769,

I am going to consult on this one before answering you. Want to make sure I give you the best advice I can. ;)

Might take a bit of time as we are in different time zones.

I will get back to you. :)
  • 0

#60
heathermb769

heathermb769

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 107 posts
Thank you again... just wanted to add a little postscript... I found disk one of the three recovery discs created when I first got the laptop. Don't know if that helps, but.... :-)))
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP