• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 521
  • Last Modified:

Startup options dissappeared after computer infected with a virus.

About a week ago my computer was infected with a trojan. I removed the virus... I think. When i went to go boot the computer in safe mode it just said ASUS...Windows is starting up then it starts up normally. But no start up options BIOS menu or anything.

The First sign of the infection was that my AV (Kaspersky internet security 2011) detected it. It found Trojan.Win32.TDSS.ccpk. Then about thirty seconds later i could not access anything my admin permissions were completely reduced to nothing. However i have a maintenance admin account for just this purpose. I fixed the problem and completely removed the old admin account and all associated files. Even though my OS is showing no signs of the Trojan but I still cannot access my bois or startup options.

I am pretty experienced with repairing infected computers but ill have to admit that this one is new.

I am running windows 7 Home Premium.
I have a ASUS M4A78T-E motherboard.
I i am lost on where to continue with this

Thanks in advance
0
Josef Al-Chacar
Asked:
Josef Al-Chacar
  • 7
  • 7
  • 5
  • +3
2 Solutions
 
DLehCommented:
The trojan or your restore efforts may have reset the BIOS.  If the trojan did so, it was likely to remove any hardware passwords.

Most BIOS startup options are function keys, i.e. F1, F2, F3, etc.  Power the system off completely and turn it on trying each one until you find one that will bring up your BIOS.

Once you have brought up the BIOS, disable any "Quick Boot" settings and enable any F-key Prompt or Display options.  This will slow your boot screen down and ensure that the function keys are listed.

I would further suggest that you use the Kaspersky Rescue Disk.  This will allow you to virus check from an incorruptible live CD.

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
0
 
cheers4beersCommented:
It sounds like you may have been infected with a root kit.  I would start by going to Sysinternals.com and downloading their rootkit revealer:

http://technet.microsoft.com/en-us/sysinternals/bb897445

0
 
inbox788Commented:
Can you still get into the bios? It might be that just the splash screen has been disabled and not yet restored.
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
younghvCommented:
Review the instructions in my article and use the options:
1 -
2 -
6

http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
0
 
younghvCommented:
Experts posting advice about either ComboFix or Malwarebytes are encouraged to read the information here: http://www.experts-exchange.com/Q_26896002.html

Our recommendations for the use of either product need to follow the guidelines of the developers - which in virtually every instance is that both products be run in "Normal Mode".
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
Okay no fighting.

I actually just found out a workaround to get the bois menu to come up and for me to be able to boot my computer into safe mode. Then i scanned my computer with malwarebytes and no infections. Kaspersky is a great av.

I installed Asus Express gate (A boot program) after getting my mother Board. When I boot into this and then exit out of it the BIOS options come up normally not like they were before, but it gives me something to work with. The BIOS seemed pretty normal but i reset it to default settings and it still doesn't come up normally.

Is there possibly something going on with the express gate program? I don't use it. I just blindly installed it with the rest of the ASUS motherboard software. It is not in add remove programs so i don't know how to uninstall it.

Any suggestions
0
 
ded9Commented:
Express gate helps to boot your computer in 5 secs. I wont recommend uninstalling the program. i think you have an option in bios to disable it.


Ded9
0
 
ded9Commented:
So what might be happening is when you are resetting the bios express gate is getting disabled in bios.

Enable express gate and your issue will be resolved.



Ded9
0
 
younghvCommented:
Have you tried the rootkit revealer in http:#a35298554 (cheers4beers)

In addition to the rogue process stoppers I mentioned (followed by MBAM in Normal Mode),
you can also try:
TDSSKILLER found here:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

and HitmanPro
http://www.surfright.nl/en/hitmanpro
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
Yes no root kits sorry i forgot to post that. I used root kit revealer from sysinternals.

ded9: i will look into your idea. Give me a little bit.
0
 
inbox788Commented:
Best way to think about Express Gate is that it's another OS (fyi, linux based), and you've got a dual boot system. BIOS comes before either Express Gate or Windows, so I'm having trouble understanding where you seem to be having a problem. Is there a problem with the BIOS? Booting Windows? Booting Express Gate? More than one?
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
When i boot my computer it goes straight to express gate then boots windows. The only way for me to get to the BIOS since the trojan is to exit out of express gate then the computer reboots and goes to the bios menu. Before on startup it was BIOS then Express Gate then Windows.

Sorry for the misunderstanding
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
I think i fixed it.

I checked the bios and went to Tools and saw that express gate was enabled. So i disabled it now everything comes up normally.

I don't know what causes this problem then the virus or express gate.
0
 
ded9Commented:
You can close this question if you do not need any assitance.


Ded9
0
 
younghvCommented:
Go ahead and follow the steps outlined in the article linked above.

None of the tools listed will cause any harm to your system and if nothing else you will have some assurance that your system is clean of malware.

It will only take about 5 minutes of your time to download, install, and start the tools running.

The MBAM scan will take anywhere from 10 minutes to an hour, but you can minimize it and do other work while it is running.

If nothing comes up on the scan, just click on the "Accept as Solution" link below your last comment. Doing that will save the information about disabling Express Gate.

It might help a future reader of this question who has the same problem.
0
 
ded9Commented:
@josefah..did running mbam resolved your issue..or disabling the option from bios.


Ded9
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
Sorry i accidentally selected the wrong one.  
0
 
younghvCommented:
@josefah,
Based on your comment: "Sorry i accidentally selected the wrong one.", this question has been re-opened.
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
Okay i gave the points to the right person this time. Honestly are points really that important. My computer is fixed now isn't that what this website of for? BOTH of you get 125 points.
0
 
ded9Commented:
Select the answer that resolved your problem..its your decision..as younghv: informed that it will help others.




Ded9
0
 
ded9Commented:
@josefah: ...did running mbam resolve your problem or disabling ...Express Gate from bios. ...you have mentioned that disabling express gate resolved your issue and mbam did not find any virus.


Ded9
0
 
ded9Commented:
You dont have to split points becuase i am asking this question... take a fair decision .....I  dont want points...but at least make sure you select the right answer.



Ded9
0
 
Josef Al-ChacarSystems AdministratorAuthor Commented:
I also mentioned that i had a virus in the first place. How do you think that I removed it. Scanning the computer with Kaskersky and malwarebytes. At the time malwarebytes DID find malware but i used several step i've learned from other people to remove the virus.

You said select the one that solved the problem and will help others to solve the same issue. Well not everyone is experienced in removing Trojan's or virus's from there computers so i selected both of your answers because I enjoy helping people out.

I'm think the "accept multiple solutions" button is there so if more than one person gave useful advice then you can give them both credit.

I'm not changing my response but thanks so much you really did help me out I was getting frustrated.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 7
  • 7
  • 5
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now