Solved

Issues After Malware Removal

Posted on 2013-11-26
10
379 Views
Last Modified: 2013-12-09
Toshiba Satellite L505D
AMD Athlon Dual II Core M300 2.00Ghz
Windows 7 Home Premium SP1
3 GB RAM

I uninstalled suspect programs like PC Fix Speed, 24 x 7 Help and Search Protect by Conduit.  Unable to update Malwarebytes database on laptop so removed hard drive and ran full scan from another computer with updated Malwarebytes database.  Malwarebytes cleaned 0Access rootkit.  

I am now unable to log into laptop normally. After entering password, laptop produces blank screen with arrow.  At this point, if I can get task manager to open, within a minute, CPU reports 100% usage.  Laptop no longer responds.
 
I can access laptop in Safe Mode.  In Safe Mode, I am unable to see any errors in event viewer that would be related to any issues logging into Windows normally.

There is no recovery disk, but I have an image of the HD before starting the cleaning process.
0
Comment
Question by:charismatic100
10 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39677505
Repair install might be your best choice now. If you do not have a system recovery disk you can order one from Toshiba, I think.
Or borrow an Windows 7 HP SP1 install disk from someone.

HTH,
Dan
0
 
LVL 34

Accepted Solution

by:
Dan Craciun earned 500 total points
ID: 39677513
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39677577
I discourage you to continue using this installation.
If you are able to manually clean it, you should. If not, don't trust it just because some automatic malwarebytes program does not find anything anymore.

It could be that the error you experience is caused by other malware or components of the old that are still active.

Best would be to backup the files and recover/reinstall.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:charismatic100
ID: 39677624
Downloading iso now.  It will take 3-4 hours.
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39677828
I would run some of the simple tools in my article to help clear up the issues.  Problem is probably due to your host file being edited and hijackers left in the registry.  

http://www.experts-exchange.com/Security/Vulnerabilities/A_12285-Virus-Removal-Methods.html
0
 
LVL 24

Expert Comment

by:aadih
ID: 39677995
Save your important data and files and reinstall.
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39678008
If all you see is a blank screen with the cursor, it means that the explorer process (explorer.exe) could not start.

Either was replaced on registry by malware with another file and you deleted that file or was replaced on disk and the A/V damaged it on cleaning.
0
 
LVL 92

Expert Comment

by:nobus
ID: 39680056
try a repair : http://www.sevenforums.com/tutorials/681-startup-repair.html
if that does not work -  try a system restore to an earlier date

if these do not produce the wanted result -  backup and reinstall from fresh
it is the only guaranteed method
0
 

Author Comment

by:charismatic100
ID: 39707373
Repair module of Win 7 HP SP1 did not detect Windows partition.  Recovered data files and did fresh install of Win7 using ISO from website suggested by DanCraciun.  All is well.
0
 

Author Closing Comment

by:charismatic100
ID: 39707376
Thank you.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Samsung SSD 840 EVO and 840 EVO mSATA have a well-known problem with a drop in read performance. I first learned about this in an interesting thread here at Experts Exchange: http://www.experts-exchange.com/Hardware/Storage/Hard_Drives/Q_2852…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question