It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Startup Problems

page: 1
3

log in

join
share:

posted on Mar, 28 2013 @ 01:35 PM
link   
Hey everyone,

I posted this question on techguy.org as well, but I figured many people on ATS are pretty tech-savvy too.

Here is the background of my problem:

I tried to access a website after someone sent me a text message in response to a craigslist listing that I had put up. It had an address for an image that my phone didn't load, so I went to that address on my laptop.

Here is the address: imgsend.com/?photo=387TWT

The website said I needed a Gimp plugin to view the picture, which I thought was weird since I have Gimp on my computer already. Anyway I went ahead and installed the program even though I was suspicious.

After installing the plugin, the pictures still didn't load, so I checked into that imgsend website. It is apparently well-known for craigslist phishing and getting people to install nasty things onto their computers (like me haha).

I used a program called process explorer to see what suspicious things were running on my computer, and the only thing of interest was datamn~1. I killed the process and used HiJackThis to remove it from my registry, then I restarted my computer a few minutes later.

From that point on my computer started hanging on startup, and it would only boot into a black screen with the cursor and no functionality -- no ctrl alt del, no ctrl shift esc, nada.

When I turn off the computer and let the system do the startup repair, it reports that it has successfully repaired an unspecified problem in the startup configuration, and the next boot works fine. However as soon as I turn off my computer or restart, it boots to the black screen again.

So now any time I want to start my computer, I have to do the startup repair first.

I have cleaned my system with AVG, Spybot S&D, Superanti-spyware and Windows Defender and the problem persists. I am also missing my windows disc, so using the disc is not an option right now.

Here is my system info:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3963 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1853 Mb
Hard Drives: C: Total - 102399 MB, Free - 20594 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: AVG AntiVirus Free Edition 2013, Updated and Enabled



posted on Mar, 28 2013 @ 01:41 PM
link   
Have you tried a system restore yet? www.howtogeek.com...

Choose a date before you made the err in judgment and don't download anything from the web. I'm so paranoid about it that if i even get a little vb type of box popping up, I'll just force my browser to crash instead of clicking anything. May seem paranoid but I've also never had a serious infection on my computer so I'm doing something right.

Let me know if the system restore works.



posted on Mar, 28 2013 @ 01:46 PM
link   
Once you get it into the desk top you could try running msconfig from the search, do selective startup and disable all startup items.

See if that helps it, if it does you can go back an enable things one at a time till you find the startup item that might be causing it.

Baring that restore your system.



posted on Mar, 28 2013 @ 01:49 PM
link   
I've had pretty good luck with Trendmicro Housecall for infections. Download the small .exe then reboot your PC into safe mode with networking and run the program.



posted on Mar, 28 2013 @ 01:50 PM
link   
A system restore won't fix the problem.

I would recommend running Malware Bytes. It sounds to me like this virus will just re-install itself after you remove it with MB - so if you remove bad files with MB and the problem persists, run it again and compare logs for the culprit file. Then do a google search for the file name to find out how to remove it indefinitely.

If you need help post here again, or just please post your results.



posted on Mar, 28 2013 @ 02:02 PM
link   
reply to post by TinkerHaus
 


It's always the first step that I get people to do after they installed an oopsy. Just last week, a system restore corrected just such a problem for a friend. Doesn't hurt to try when other attempts to correct it have failed...



posted on Mar, 28 2013 @ 02:02 PM
link   
You got a virus , but thats not such a drama and easily recoverable.

Boot into safe mode and run your security scans. Do you know how to do that ? Some systems vary but you can do a quick google with your laptop/desktop make with " safe mode" added to it. My laptop is press F8 repeatedly whilst booting.

Id recommend you use :

Malwarebytes ~ free
Super-anti spyware ( already in place)
Ad-Aware ~ free
Anti-virus ( already in place )

Update all definitions before you boot into safe mode with no networking. Do full system scans , one at a time on each security program.

Go into your browsers and delete all plug-ins.

I can upload a RECOVERY DISK for you and you can burn it as an ISO and use it if needed to repair your PC.Its just to repair it not to do a clean install but can point you in a direction....U2U me.

Is your registry backed up ? I'm guessing not , so would be a good idea to back it up once clean (,")

Let us know how you get on and good luck.


edit on 28/3/13 by Rule34 because: typos

edit on 28/3/13 by Rule34 because: (no reason given)



posted on Mar, 28 2013 @ 02:48 PM
link   
Thanks for all the replies


I have used msconfig to disable my startup items, and I have installed Adaware and Malwarebytes. I will do a full scan with all the programs and report my progress.



posted on Mar, 28 2013 @ 03:04 PM
link   

Originally posted by TinkerHaus
A system restore won't fix the problem.


There is no hard and fast reason why restoring the computer to an earlier time will not work. Its certainly worth a try.
That's what the option is there for in the first place.

If it does not work and you can boot into safe mode try uninstall whatever you installed in the first place and then scan the computer with Combofix and Norton eraser, they are both free and very powerful.




edit on 28-3-2013 by PhoenixOD because: (no reason given)



posted on Mar, 29 2013 @ 01:47 AM
link   
It sounds like the classic malware trick of replacing the Windows Shell with a version that does bad things.

Spybot
Malwarebytes
SuperAntiSpyware
ComboFix
Google them as they become your best friends.

Also you probably need to repair the system OFFLINE. As in remove your hard drive and place it in a known clean system with antiviral/malware protection. OR use UBCD4Win or another live CD Linux Operating system.
Trying to fix the infected computer with the OS running is like working on a car with the engine running.



posted on Mar, 29 2013 @ 01:58 AM
link   
Boot into safe mode and run Gmer.



posted on Mar, 29 2013 @ 05:20 AM
link   
Scan you computer thoroughly , and then goto start up repair!

Select command prompt

then type C: at the prompt and press enter>
Then Type bootrec /fixboot and press enter
Then Type bootrec /fixmbr and press enter.



posted on Mar, 29 2013 @ 11:05 AM
link   

Originally posted by rigel4
Scan you computer thoroughly , and then goto start up repair!

Select command prompt

then type C: at the prompt and press enter>
Then Type bootrec /fixboot and press enter
Then Type bootrec /fixmbr and press enter.


Not terrible advice but.. a bit harsh considering there's been no error messages that point to a broken master boot record or a corrupt boot manager.

Id want to do a bit more investigating before using those options. Certainly worth a try as a last resort.



posted on Mar, 29 2013 @ 11:07 AM
link   
reply to post by PhoenixOD
 


I thought he said he was getting interrupted start up and the machine going to automatic repair!
Maybe I miss read it.



posted on Mar, 29 2013 @ 01:04 PM
link   

Originally posted by rigel4
reply to post by PhoenixOD
 


I thought he said he was getting interrupted start up and the machine going to automatic repair!
Maybe I miss read it.



It happens. Like i said..it wasn't terrible advice



posted on Mar, 30 2013 @ 10:14 AM
link   
Thanks again for all the advice -- my computer is now running normally. I'm not sure what exactly fixed the problem, but I will just list what I did:

I ran chkdsk /r (which didn't fix anything)
Superantispyware
Ad-aware
Malwarebytes
AVG 2013
Spybot S&D
RogueKillerX64 (recommended by a guy at techguy.org)
Adwclearner (recommended by a guy at techguy.org)

Anyway thanks for all the feedback and advice

stars for everyone




top topics



 
3

log in

join