Options
Virus causing problems
Hello.
The other day I got a virus. I didn't think it was so bad, but lately I've been thinking otherwise. When I got it, it didn't really effect my computer so much. It just blocked me from running any anti-virus software, so I booted up in Safe Mode. From there, I still couldn't run Spybot, but I could run other programs. I wanted to be thorough, so I went with a few programs:
-Adaware
-McAfee
-RootRepeal
-HijackThis
-ComboFix
-Malwarebytes
-SuperAntiSpyware
-GMER
-Spybot (once it started working)
RootRepeal probably helped the most, as it showed me where and what the virus was. There were about 14 files in my System32 folder that weren't supposed to be there. They were mostly .dll files, there was one .sys file, a couple .dat files, and a couple .tmp files in my C:\Windows\temp folder. To be sure, I googled the files, and they turned up as bad files. So with RootRepeal, I deleted the files.
I restarted my computer, and booted up in normal mode. I thought it was gone since I could then run anti-virus programs again, but about 10 minutes later, my computer froze. I thought it was just a glitch, so I rebooted, but it happened again a few more times. It runs longer when I play games, but if I run firefox or am doing something else, it freezes faster.
I thought maybe the virus messed with my registry, so I ran CCleaner to check/fix for errors. Some errors came up, but they were the normal errors you'd get, nothing odd. I fixed them and rebooted, and it still froze. I then tried a system restore, but it failed, probably due to corrupt files. So I turned System Restore off, and turned it back on, as per instructed on virus removal suggestions.
So now is where I'm left dead in the water. I've scanned my computer a lot with the said programs above, yet they all turn up nothing. There's not one harmful file on my computer according to them, yet it still freezes. Not only does my computer freeze, but sometimes it boots up with a black screen, and just recently I tried Windows Update, and when it connected to the server to download the files, the top screen of my compter turned red with black lines going through it. Thinking it was the virus messing with something, I shut my computer off.
It's not a hardware issue, I just took my computer apart and put it back together properly while looking for any damaged hardware. It's not a heat issue, as I just cleaned it of all the dust, and it's running cooler than ever. I would just reformat my HDD, but unfortunatley it's not so easy. I have way too many important files that it's not even practical just to back them up. I'd like to see if I can fix this before doing anything so drastic.
I'll attatch some scan logs to this post. All from RootRepeal, ComboFix, and HijackThis.
Edit: Also, it seems combofix found a couple more of the files I was talking about:
c:\windows\system32\UACphqmfdookiqarmftt.db
c:\windows\system32\uactmp.db
I don't know how I'd get rid of them. I turned off the hidden files/folders setting in Folder Options, but I still cant find it. I tried using Command Prompt to delete them, but it couldn't find them.
Edit2: Now I can't even get in, it says that my \windows\system32\config\system file is missing or corrupt.
The other day I got a virus. I didn't think it was so bad, but lately I've been thinking otherwise. When I got it, it didn't really effect my computer so much. It just blocked me from running any anti-virus software, so I booted up in Safe Mode. From there, I still couldn't run Spybot, but I could run other programs. I wanted to be thorough, so I went with a few programs:
-Adaware
-McAfee
-RootRepeal
-HijackThis
-ComboFix
-Malwarebytes
-SuperAntiSpyware
-GMER
-Spybot (once it started working)
RootRepeal probably helped the most, as it showed me where and what the virus was. There were about 14 files in my System32 folder that weren't supposed to be there. They were mostly .dll files, there was one .sys file, a couple .dat files, and a couple .tmp files in my C:\Windows\temp folder. To be sure, I googled the files, and they turned up as bad files. So with RootRepeal, I deleted the files.
I restarted my computer, and booted up in normal mode. I thought it was gone since I could then run anti-virus programs again, but about 10 minutes later, my computer froze. I thought it was just a glitch, so I rebooted, but it happened again a few more times. It runs longer when I play games, but if I run firefox or am doing something else, it freezes faster.
I thought maybe the virus messed with my registry, so I ran CCleaner to check/fix for errors. Some errors came up, but they were the normal errors you'd get, nothing odd. I fixed them and rebooted, and it still froze. I then tried a system restore, but it failed, probably due to corrupt files. So I turned System Restore off, and turned it back on, as per instructed on virus removal suggestions.
So now is where I'm left dead in the water. I've scanned my computer a lot with the said programs above, yet they all turn up nothing. There's not one harmful file on my computer according to them, yet it still freezes. Not only does my computer freeze, but sometimes it boots up with a black screen, and just recently I tried Windows Update, and when it connected to the server to download the files, the top screen of my compter turned red with black lines going through it. Thinking it was the virus messing with something, I shut my computer off.
It's not a hardware issue, I just took my computer apart and put it back together properly while looking for any damaged hardware. It's not a heat issue, as I just cleaned it of all the dust, and it's running cooler than ever. I would just reformat my HDD, but unfortunatley it's not so easy. I have way too many important files that it's not even practical just to back them up. I'd like to see if I can fix this before doing anything so drastic.
I'll attatch some scan logs to this post. All from RootRepeal, ComboFix, and HijackThis.
Edit: Also, it seems combofix found a couple more of the files I was talking about:
c:\windows\system32\UACphqmfdookiqarmftt.db
c:\windows\system32\uactmp.db
I don't know how I'd get rid of them. I turned off the hidden files/folders setting in Folder Options, but I still cant find it. I tried using Command Prompt to delete them, but it couldn't find them.
Edit2: Now I can't even get in, it says that my \windows\system32\config\system file is missing or corrupt.
0
Comments
This indicates that your registry has been corrupted.
Given the amount of tools you have used, and not knowing what order you used them in there is little we can do.
Your best option is a repair install.