Computer's caught something nasty. Little help?

[TheCarpe]

My post on Reddit's tech support explains it all, as well as ongoing efforts: http://www.reddit.com/r/techsupport/com ... tdown_now/

Alright, so here's the poop. Looking up something on Google (harmless, merely seeking calorie counts) caused a redirect to an apparently Russian (or at least Slavic) website. Closed it shortly after, but then Windows alerts "potentially harmful software detected", before shutting itself down. Restarting normally now leads to a bluescreen not long after Windows loads my desktop.

Here is the bluescreen.

Now then.

Safe Mode runs without issue. I've run Spybot and cleared all it found (only three results, one Search-Explorer is not fully deleting and keeps being detected). Did not have any antivirus, but I have installed and run Avast! and it has found nothing after a full system check. Boot-time check will not work, the blue screen hits before Avast does. Unable to System Restore, aborts with error.

Here is a HijackThis log. Anything else you may want or need, just ask and I will provide as best I can. I can also provide the URL I was redirected to if someone with some precautions wants to have a look. Rather not just plaster that right in my post for obvious reasons. Request it and I can PM it to you if you want a look.

[MrBlah]

Boot into safe mode and copy over all necessary and un-replaceable files to any external storage device. Start Safe mode with networking and download the plethora of drivers that your computer uses. Put those on that external storage device as well. Reinstall Windows. Reinstall those 4 or 8 drivers you downloaded. Copy over your un-replaceable files. Download Steam and all your games(overnight and while you are at work/school).


EDITED FOR EASE OF USE

[Masakari]

Boot into safe mode and copy over all necessary and un-replaceable files to any external storage device. Reinstall Windows.

Yeah, I hate to be the bearer of bad news, but that is probably the easiest way to get back to where you need. Having Safe Mode to copy files will at least make it considerably less painful.

[MrBlah]

Yeah, instead of spending endless hours trying to fix something, you can spend a few hours re-installing and getting a clean slate.

[Masakari]

And honestly, if you're doing a reinstall, pick up a copy of Windows 8 while it's still cheap and install it at the same time.

[TheCarpe]

And honestly, if you're doing a reinstall, pick up a copy of Windows 8 while it's still cheap and install it at the same time.

Wow, that is cheap for a brand new OS. What gives? Edit: Oh, I see. It's an upgrade instead of a standalone.

Also, I've heard mixed reviews on Windows 8 that hasn't painted it in the best light. Convince me.

[MasterChef]

I agree with thoughts to just re-install windows. I'd always be worried that some part of the virus or whatever is still lingering around. I just feel more peace of mind with a fresh start.


Stop trying to get people to waste money on Windows 8 Masa.

[Masakari]

Wow, that is cheap for a brand new OS. What gives? Edit: Oh, I see. It's an upgrade instead of a standalone.

Also, I've heard mixed reviews on Windows 8 that hasn't painted it in the best light. Convince me.

Assuming that you can deal with Metro (Which realistically, on Desktop you don't see too much), Windows 8 is an improved version of the Windows 7 kernel. System boots faster, uses less memory, performs better (Though part of that was just getting rid of Aero Glass), and is just an all around improvement. Metro UI is there for the Start Screen, but if you're *really* that concerned about having to deal with it, you can either put all your shortcuts on your desktop, or download a Start Menu replacement (Though I think it's dumb).

Alternatively, if you need a sell on Metro, their Minesweeper app for it has adventure mode. Yes, adventure mode.

Stop trying to get people to waste money on Windows 8 Masa.

And after that, you want me to get off your lawn, right? =P

[Plinko]

I had a similar problem recently (as in a week ago), I found I could just log into my guest user account, run a full MSSE scan and it cleared everything. Then I restarted into my normal account and have been fine since.

If you have a guest account enabled, you can probably download and install MSSE from there, it will prompt you for an admin password but it won't actually require you to load your admin account's profile.

[TheCarpe]

I had a similar problem recently (as in a week ago), I found I could just log into my guest user account, run a full MSSE scan and it cleared everything. Then I restarted into my normal account and have been fine since.

If you have a guest account enabled, you can probably download and install MSSE from there, it will prompt you for an admin password but it won't actually require you to load your admin account's profile.

Worth a shot, I guess.

Though I am amassing some drivers. It's kind of funny, a majority of what I would want to save is already safely stowed away on my external drive, from an event a couple months ago when I also thought I would need to wipe but eventually didn't.

So, as soon as this video driver finishes I'll try the guest account thing. I'm open to anything at this point.

I'm on Steam as well if anyone wants more info, etc.

[Zork Nemesis]

While yes, a complete reinstall would probably be the better option, if you haven't done anything yet, have you considered a system restore? This doesn't always work, but the couple times i've gotten hijacked it has. It's part of a Windows failsafe (I think it is at least) where Windows creates a restore point every time something is installed or something important is modified. It keeps the most recent three or four on hands any time you have a bad install. Go into Control Panel > Backup and Restore and (assuming you're on Windows 7) click the option at the bottom that says "Recover system settings or your computer." then click the button that says "Open System Restore" Follow the on-screen instructions and when it prompts you to select a restore point, choose a date/time before your problems started. The process takes about 10-15 minutes, it will basically rewind your computer back to the state it was in just before whatever that point was created for was done. Any local files are left untouched.

I say try this before going with a wipe if you haven't started that already.

[Masakari]

While yes, a complete reinstall would probably be the better option, if you haven't done anything yet, have you considered a system restore? This doesn't always work, but the couple times i've gotten hijacked it has. It's part of a Windows failsafe (I think it is at least) where Windows creates a restore point every time something is installed or something important is modified. It keeps the most recent three or four on hands any time you have a bad install. Go into Control Panel > Backup and Restore and (assuming you're on Windows 7) click the option at the bottom that says "Recover system settings or your computer." then click the button that says "Open System Restore" Follow the on-screen instructions and when it prompts you to select a restore point, choose a date/time before your problems started. The process takes about 10-15 minutes, it will basically rewind your computer back to the state it was in just before whatever that point was created for was done. Any local files are left untouched.

I say try this before going with a wipe if you haven't started that already.

Unable to System Restore, aborts with error.

Honestly, though it hurts, fresh install will make your computer feel better anyways. Just remember to back up your saved games!

[Crusty Juggler]

I agree with everyone here, safe mode> copy your personal files> fresh-install is the best bet.

Afterwords, you should consider placing Windows on it's own partition, creating a disk image (once or twice a year depending on how many changes you make to your OS) of Windows and keeping all your other data on separate partitions. Using this method, when you need to recover Windows you can simply format your C: drive, pop a new disk image on it and be back up and running in 30 minutes or so while leaving all your other data untouched.

[Clay Pigeon]

And honestly, if you're doing a reinstall, pick up a copy of Windows 8 while it's still cheap and install it at the same time.

Wow, that is cheap for a brand new OS. What gives? Edit: Oh, I see. It's an upgrade instead of a standalone.

Also, I've heard mixed reviews on Windows 8 that hasn't painted it in the best light. Convince me.

It's great for touch screens. You have a touch screen, right?

[Deslock]

After you get it all fixed, I would definitely install some AV software, like Avast or MSE. Sounds to me like you got hit with a drive-by rootkit.

Here are some tools you may find useful


I would give TDSSKiller and aswMBR a try before going the reformat and reinstall route.

My personal setup: MSE, SUPERAntiSpyware, and Outpost Security Suite (only running the firewall).