johnz
2013-01-22, 22:35
3 computers on home network - wifes laptop went last week. Went from normal to crawl and freeze - one blue screen - Windows Essentials updated and no virus found with complete scan, also use Malware removal on Advanced System Care 6 Pro - no issues. Tried to use a restore point - thinking it may have been related to a monitor driver I updated earlier in the week - no restore points at all except one from the morning I was working on it - restore turned on. We disconnected - took it to shope - awaiting their advice.
Second computer began acting up 2 days later - yesterday - blue screen and shut down in middle of internet browsing - was also moving files to backup disk on third computer over our router at the time so unsure what the cause was.
Rebooted - scanned with McAffee and ASC6.0Pro-no issues. Downloaded Spybot as I had used it successfully on an earlier computer - found new version - ran scan - no issue. Immunized - seemed to work fine. Ran root kit and the quick scan advised it might have found issues (reported "unknown MBR's and listed PhysicalDrive 2, 3,4,5,6 - suggested deep scan). Ran deep scan yesterday - but it took too long as I had to go out - stopped it and shut down machine. Rebooted this morning - half hour into browsing - blue screen again and shut down. Upon starting in safe mode (with networking) got notice (pup up) that McAffee was having trouble -computer might be at risk - real time scanning was off and trying to start - but it just kept trying to start. Powered down - back up - McAffee says it is there - actually it is running a scheduled scan in the background as I type this. Ran the Root Kit test on Spybot - took over an hour. generated a significant list with 2 registry key items (in the details they both say "No admin in ACL") 19 folder items (which all say the same thing - "No admin in ACL")and several pages of file items which either say "No admin in ACL" or "Unknown ADS".
Joined your forum after reading a bit there - and am posting now to see if there is help available. Likely - if these two compters are infected, which the signs seem to indicate, the third is as well.
I have downloaded ERUNT - and upon running it the first time - saved a backup copy - but upon looking more closely at the instructions - I had checked two boxes - the default - instead of only "System" and so I tried running it again - now every time I run it, with only system checked - it bets 5 or so % of the way thru the progress bar and says: "error saving file RegCreateKeyEx:5 - Access Denied...I still have the first Erunt backup but seem to be no longer able to run the program.
I also did the DDS thing - and have two reports on my desktop (DDS.TXT and ATTACH.TXT)
So am unsure how to proceed from here - would appreaciate any asssistance one of you might have to offer. Thank you...Johnz
Second computer began acting up 2 days later - yesterday - blue screen and shut down in middle of internet browsing - was also moving files to backup disk on third computer over our router at the time so unsure what the cause was.
Rebooted - scanned with McAffee and ASC6.0Pro-no issues. Downloaded Spybot as I had used it successfully on an earlier computer - found new version - ran scan - no issue. Immunized - seemed to work fine. Ran root kit and the quick scan advised it might have found issues (reported "unknown MBR's and listed PhysicalDrive 2, 3,4,5,6 - suggested deep scan). Ran deep scan yesterday - but it took too long as I had to go out - stopped it and shut down machine. Rebooted this morning - half hour into browsing - blue screen again and shut down. Upon starting in safe mode (with networking) got notice (pup up) that McAffee was having trouble -computer might be at risk - real time scanning was off and trying to start - but it just kept trying to start. Powered down - back up - McAffee says it is there - actually it is running a scheduled scan in the background as I type this. Ran the Root Kit test on Spybot - took over an hour. generated a significant list with 2 registry key items (in the details they both say "No admin in ACL") 19 folder items (which all say the same thing - "No admin in ACL")and several pages of file items which either say "No admin in ACL" or "Unknown ADS".
Joined your forum after reading a bit there - and am posting now to see if there is help available. Likely - if these two compters are infected, which the signs seem to indicate, the third is as well.
I have downloaded ERUNT - and upon running it the first time - saved a backup copy - but upon looking more closely at the instructions - I had checked two boxes - the default - instead of only "System" and so I tried running it again - now every time I run it, with only system checked - it bets 5 or so % of the way thru the progress bar and says: "error saving file RegCreateKeyEx:5 - Access Denied...I still have the first Erunt backup but seem to be no longer able to run the program.
I also did the DDS thing - and have two reports on my desktop (DDS.TXT and ATTACH.TXT)
So am unsure how to proceed from here - would appreaciate any asssistance one of you might have to offer. Thank you...Johnz