Jump to content



Photo

Error Checking after malware removal

spyware windows 7 system errors

  • Please log in to reply
28 replies to this topic

#1 Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 16 June 2014 - 21:21

I got some RelevantKnowledge folder on my laptop -- I guess from installing dodgy software.

 

It was messing with the Explorer and the Network connection.

 

I stopped and removed the malware.

 

But I wanted to run an Error Check, but for some reason the check cancels itself.

 

I tried System Restore, but this did not fix the problem.

 

Is there a Registry tweak ?

 

Any suggestions ?

 

Thanks.

 

Windows 7 O/S.




#2 OP Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 16 June 2014 - 23:55

Well I was able to run sfc from Safe Mode.

 

It said that it found nothing wrong.

 

Still not able to schedule an Error Check that runs to completion, in the normal way.



#3 Obi-Wan Kenobi

Obi-Wan Kenobi

    "You were the chosen one!"

  • Joined: 11-November 02
  • Location: West-Central Texas

Posted 17 June 2014 - 01:42

That doesn't sound too good, hum. I would use hirens ultimate boot cd, in a mini environment, then run another scan with one of the included scanners. Or you could try running an sfc from within that mini environment. I hope you don't have to do a reinstall or anything. Don't know if this helps, just throwing it out there, and if anyone else had a suggestion that's a better solution, please post it. My curiosity is piqued, and I'd hate for you to lose any data, hum!

#4 EZRecovery

EZRecovery

    Puertorican Neowinian Member

  • Joined: 21-November 03
  • Location: Somewhere in the US

Posted 17 June 2014 - 01:54

Try this: TrendMicro Anti-Ransomware

 

UBCD4Win download ISO and burn, boot from it.

 

Hirens Boot CD is another good tool like +Obi-Wan mentioned.



#5 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 17 June 2014 - 02:12

I got some RelevantKnowledge folder on my laptop -- I guess from installing dodgy software.

 

It was messing with the Explorer and the Network connection.

 

I stopped and removed the malware.

 

But I wanted to run an Error Check, but for some reason the check cancels itself.

 

I tried System Restore, but this did not fix the problem.

 

Is there a Registry tweak ?

 

Any suggestions ?

 

Thanks.

 

Windows 7 O/S.

 

if RelevantKnowledge is all that you had I wouldn't call that malware, just ad-ware. What does the exact message say when the scan stops? Does it say the user canceled the scan or that the scan has been canceled?

 

You may want to try adwcleaner. It's made for this kind of stuff.

 

Could you do a system restore? I would recommend maybe a kaspersky rescue disc scan via a bootable USB. But first I would do safemode. and run ccleaner and remove temp and internet temp files. Makes the scan go faster. Then run hitman pro. See what it finds.

 

Even if you had to reformat, I see no reason why you would have to loose any data. Just hook an external hard drive up boot off a bartpe disc and copy your data over before the refomat.



#6 T3X4S

T3X4S

    Neowinian

  • Tech Issues Solved: 3
  • Joined: 28-October 13

Posted 17 June 2014 - 02:22

whats malware ?  Havent had it in so long - I forgot !



#7 OP Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 17 June 2014 - 02:57

I managed to get a chkdsk going from the Safe Mode.

 

It gets thru Stage 1, but then seems to get caught in an endless loop in Stage 2.

 

It did this twice.

 

I suspect a Windows Repair will be needed.

 

the scan has been canceled?

 

You may want to try adwcleaner. It's made for this kind of stuff.

 

Yes -- and I did run AdwCleaner. MSE found nothing before or after.

 

I have already removed the 'RelevantKnowledge' crap.

 

Regedit found no trace of RK.

 

But then I wanted to check the System files, and that will not complete in the normal way.

 

So I am wondering what is damaged ...



#8 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 17 June 2014 - 03:04

I managed to get a chkdsk going from the Safe Mode.

 

It gets thru Stage 1, but then seems to get caught in an endless loop in Stage 2.

 

It did this twice.

 

I suspect a Windows Repair will be needed.

 

Yes -- and I did run AdwCleaner. MSE found nothing before or after.

 

I have already removed the 'RelevantKnowledge' crap.

 

Regedit found no trace of RK.

 

But then I wanted to check the System files, and that will not complete in the normal way.

 

So I am wondering what is damaged ...

 

 

not sure how much I trust ad-ware anymore. How about adwcleaner?

 

I don't really remember sfc /scannow having 2 stages I  just thought it went to 100%

 

Oh now you mentioned chkdsk .

 

how about an hdtune error scan. Maybe you just happen to have some flacky sectors



#9 John.D

John.D

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 10-November 09

Posted 17 June 2014 - 03:37

Run malwarebytes in safe mode do a full scan. Update it first



#10 Obi-Wan Kenobi

Obi-Wan Kenobi

    "You were the chosen one!"

  • Joined: 11-November 02
  • Location: West-Central Texas

Posted 17 June 2014 - 04:29

Run malwarebytes in safe mode do a full scan. Update it first


Even better, try malwarebytes chameleon: https://www.malwareb....org/chameleon/

#11 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 17 June 2014 - 04:34

Hello,

 

It would be very unusual for a potentially unwanted application (PUA), or even malware, to corrupt the file system of a drive.  After all, they make their money when your computer is available and online.

 

You might want to try testing the disk drive with the manufacturer's diagnostic utility, just in case the problem is with the drive itself and not related to the PUA that was on the system.

 

Regards,

 

Aryeh Goretsky



#12 dafox

dafox

    Neowinian

  • Joined: 09-October 04

Posted 17 June 2014 - 05:35

Anything in the in the sfc log file? Malwarebytes and spybot should do the trick. Try the shell mode in spybot, I have found it quite handy with some malware/ PUA's



#13 OP Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 17 June 2014 - 12:05

So far, nothing has fixed the Disk Checking error.

 

I ran a custom scan of MSE, it found the following --

 

I don't how much they affect Windows.

Attached Images

  • malware.jpg


#14 John.D

John.D

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 10-November 09

Posted 17 June 2014 - 21:27

Well obviously the keygen is used to register whatever program. So you dont have to pay for it.

 

The Java one. You should keep Java up to date. If you use it. Uninstall all previous versions. And install the latest version of Java ONLY. You can get this (what MSE picked up),  if you visit a malicious / dodgy / hacked site with a vulnerable version of Java.

 

Since old versions of Java have vulnerabilities. And you can get hacked if you dont remove old versions. Use Javara to remove the rest of the entries, once you've uninstalled old versions of Java

 

And sulunch!gmb. Not too sure what this can do, but it is a trojan. I would also download / run tdsskiller. See if you've got any rootkits



#15 OP Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 17 June 2014 - 22:02

^ I have not installed any key generators on my laptop -- and certainly not in the Win32 folder.

I updated Java 2 or 3 weeks ago.

I did run some Trendmicro rootkit program, which found nothing.

I guess I will live with my laptop for now.

The slowness of Explorer is gone, and the Network connection seems at normal.


I do thank you guys for your efforts to help. ;)