Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Several issues, not sure if virus, but could be


okstout4
 Share

Recommended Posts

Hello,

 

First of all, we are having several issues w/this laptop computer and cant figure out whats going on.  Here are my issues...

 

It wont let me download Malwarebytes or the Scan tool. Once I finally got it to save to my computer I tried to run the .exe file and they both ask me what program I want to use to open it. I choose IE each time. When I do this a box pops w/all my saved downloads and so I Open the file and it tells me the file cannot be verified and asks if I want to open it anyways and I say yes. Once I do that, it opens the program list again and asks what program I want to use again. I tried to download other malware programs and it wont let me do it.

 

I cannot remove program files. Tried to remove two we no longer needed and its a no go.

 

We get a error message where its saying the file is corrupt when we try to save something. It did this on the malewarebytes and scan tool download (and Others I did the other day), but I choose a different file tonight and it finally worked. My daughter edited a video she made and was trying to download it to Youtube and we get the same error message.

 

My daughter says when she logs into a program (user name and password), it logs her right back out and has to log in again. She also says it makes a beeping noise a lot. I thought I heard too, but I think I hit a wrong key?

 

I did do some google research on the "corrupt file" issue and it said to search Command and when the box pops up to key in a command to run a scan disk, but it wont let me do it. It pops some kind of Admin error message (or what I understand to be such a message).

 

The other thing it wont let me do is a System Restore. I get an error message on that as well.

 

I did make screen shots, but I cannot seem to find them.  My computer created a "screen shot" folder and stores everything there, but this computer didn't do that. :(

 

This is a Aspire/M Core i5 Ultrabook and is about 1yr 8mos old. Havent had issues before all this trouble and I cant seem to figure out what is going on.

 

Hope you can help. Maybe you can tell me how Im to get copies of the files you are needing to you. Ive done this before but on a desktop computer and I know what you are needing, but just don't know how to get it to you.

 

Tina Stout

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:
 
 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 


 
Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.

  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)

STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 1
Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Thank you

Link to post
Share on other sites

Hello,

 

Before we begin, I do have an issue. I am now unable to get past the Win 8 log in screen. This past weekend, I was looking for a way to access SafeMode in order to get the logs I knew you would need to help me w/my issues. When I made it to the "Troubleshooting" screen, my only options were "Turn off your PC" and "UEFI Firmware Settings". I chose the UEFI Firmware Settings. Since this screen was useless to me, I chose ESC to get out of it. It asked me "Are you sure you want to Exit without making any changes?" and I chose Yes. When re-booted (it did this automatically), it took me back to the Win 8 Log in screen. I entered the password and it instantly changed to a dark blue screen that had the photo incon directly in the middle. It absolutely will NOT let me get past this screen. If I click on the picture, it takes me back to the Sign In screen. All I wanted to do was find an alternate way to ge to SafeMode since when I tried it another way, it would NOT let me chose SafeMode. This is the info that I found that might be a fix for the UEFI issue. It said that I needed to download a Windows 8.1 ISO File on another computer and use that ISO file to create a bootable UEFI USB flash drive. Once I do that, then I can boot from that flash drive to be able to do a system restore at boot. So if this is a good solution or if you have a better one, then I am up for it. I will tell you that before contacting MB, I was not able to do a System Restore. When I tried it, nothing happend. This is usually what I do to my own computer if it should run into issues and I have been successful w/it. Just not on the computer that is having the problems.

 

I have a screen shot, but I am not sure that I can attach it or if you guys allow it.

 

Thank you!

 

Tina

Link to post
Share on other sites

So far nothing. I made an ISO file so I could create a bootable UEFI USB flash drive to be able to boot from it, but there is actually no way to boot from it. From my understanding, I have to be able to tell my computer to boot from the flash drive. This cant happen as I cant get into my computer at all. Its stuck on the sign in screen and there is no way past it.

 

Now I am working on making a recovery disk. That is my absolute last option. If this does not work, I will probably have to just throw a less than 2 yo computer in the trash. I cant see any way past this issue and I dont even understand how it got so messed up. I made ABSOLUTELY no changes. It just makes me mad that you can go into a file and once you go out, your screwed.

Link to post
Share on other sites

  • Root Admin

Well you should be able to boot into Recovery Mode and from there backup your data to an external USB drive. Then you can look at doing a System Recovery Restore back to factory defaults. Most laptops and desktops these days have a partition with the Windows Recovery on it to do such a restore.

You could also take it to a local computer shop and have them help you. Not free, but cheaper than replacing the computer.

Link to post
Share on other sites

Follow up...I made the recovery disk but it still did not work. It was suggested to me on EightForums.com to try rebooting the computer by holding down shift, the power button and hitting the restart button at the same time.  Well, worked and got me to the Advanced screen. At that point in the Advanced setting, I should have had the options of Refresh and Reset and none of those options were there. The ONLY option was the UEFI Firmware settings.
 
It was later suggested I reboot from the recovery USB flash drive using a link to an Acer tutorial. I followed all instructions and finally was able to get more options to appear under Advanced. I was able to choose Refresh. I finally got a message that said it could not complete the restore because "the drive where Windows is installed was locked". When I tried to do a System Restore I got a message similar to the above but that I needed to select an operating system. I completed a reboot the exact same way I did before and finally Win 8.1 button finally came up to choose. So I tried the System Restore option again chose Win 8.1 and I chose a restore point that was the farthest point away (because my daughter said the issue I contacted you about were happening even before that restore point). It ran for a while, then came back w/an error message. It said that it could not do the restore, that nothing was changed, it could not access a file and that it was probably an Anti Virus program doing it. Only problem is that she did have McAfee as a trial, but it ran out and was not renewed. Not sure its running. Tried to uninstall it before all this happened and it would not allow me to do so. Tried other restore points, no go. Tried doing a Refresh again, and it was a no go. Tried to do a Repair didnt work either.
 
I was told that they werent sure what else to do as I may need to just do a factory recovery and see if that works. I just need to figure out how to do a back up of the hard drive, so we dont loose photos or files.
 
If this doesnt work, then yeah I will have to take it in. Sad that it had to get to this point w/out getting it resolved myself, but maybe its something that requires more attention that what I can give.

Link to post
Share on other sites

  • Root Admin

So are you able to start in any type of Normal or Safe Safe Mode ?

 

Do you have access to an external USB drive ?

 

If you can start in some type of Safe or Normal Mode you should be able to use one of the backup software programs.

 

Backup Software
 

 

 

If not but you can start into a Recovery environment that has a DOS prompt then you could probably use RoboCopy to backup your data.

 

 

Here is an example command assuming the USB drive is plugged in and is using D: as it's drive letter.

ROBOCOPY "C:\Users" "D:\Users" /s /xo /xj  /r:0 /w:0

That will go through all the User profiles and attempt to copy ALL files that are not locked to the USB drive.

 

 

Link to post
Share on other sites

No, I dont have access to an external USB Drive and I looked int some and they are $60 and up.

 

Cant get into Safe Mode that I now of. What I was told a while back was to start the computer and press F8 and it never worked before I had these issues. When I log in I get the choice to choose US and then then the Advanced screen comes up. I can only go where that screen is and try some of the options like Reset and Restore, etc. I have not tried all the options available.

 

Im still working on it though.

Link to post
Share on other sites

  • Root Admin

Well unfortunately there really isn't much else I can do here to help you at this point. This appears to be a broken installation of Windows or hardware related which is beyond the scope of malware removal.

 

The guys at the eight forum should be able to help you with general items to check on and fix if needed otherwise you may be forced to take it into a local repair shop to get it fixed.

 

Thanks

 

Ron

Link to post
Share on other sites

  • 2 weeks later...

NP Ron. I will see what I can do to get this resolved. If there are issues after I get Windows back up, then I'll come back here with a new request.

 

I also have desk top with issues, so when I find the time I'll be back with that issue as well.

 

 

Thanks again for your time in this matter. Hopefully I can figure out what in the world happened and get it resolved.

 

Happy Holidays!

 

Tina

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.