Solve : Super Anti Spyware gave me blue screen of death.?

1.	Solve : Super Anti Spyware gave me blue screen of death.?
Answer» Hi, I really hope someone can help me. I did something really stupid and downloaded an infected file from Limewire that gave me a bunch of junk. I removed Limewire but continued to get popups for programs like Frostwire that aren't even (to my knowledge) installed on my machine. I'd heard good things about Super Anti Spyware, so I installed it and ran a scan. It found several trojans and something called vundo. Once the scan finished, it asked me to restart. So far, so good...until I got a blue screen of death at start up. So I put Windows into safe mode and now I'm at a loss as to what to do. Is my only option reinstalling Windows at this point? And if so, how do I back up my data without backing up the viruses too? I'm also not sure if I have all the drivers I'd need. I don't feel comfortable doing it myself either so I will take it in for repair, but first I WANTED to see if anyone has any other suggestions. I'm running XP with McAfee, if that helps...could McAfee possibly have conflicted with something? I tried to disable it but I couldn't figure out how. Please help!Superantispyware shouldn't have removed anything that would cause a blue screen. If needed open Superantispyware (SAS) and select manage quarantine, select the log of items removed and click Restore. Can you get into normal mode? If so post a Hijackthis log so we can see what is GOING on. If needed run Hijackthis in safe mode.I'm not sure where the "manage quarantine" option is, but I do have the log file of what it fixed/removed, if that helps you. [recovering space - attachment deleted by admin]Download SDFix.exe and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following: Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix FOLDER and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC RESTARTS the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard). Finally add the contents of the Report.txt in your next post. Hi, sorry for not getting back to you sooner. All right, I used SDFix and when it was finished, it didn't say "finished" or give me a file called "report", but there was one called "catchme", so I'm including that. It says there were no files found...is that good? [recovering space - attachment deleted by admin]Wait, sorry, here is the Report file. It was in the program folder though, not on the desktop - I don't know if that makes a difference? This is what it says: SDFix: Version 1.177 Run by Owner on 29/04/2008 at 09:12 PM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Please download Combofix by sUBs from one of the below links. (Try all three if necessary) Link #1 Link #2 Link #3 Important! Combofix.exe MUST be saved to and ran from the Desktop. Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting Combofix. Important! Temporarily disable your antivirus, script blocking and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them. If yours is not listed and you don't know how to disable it, please ask. Warning: Combofix disconnects your computer from the internet. The connection is automatically restored before Combofix completes its run. Double click combofix.exe & follow the prompts. Choose Yes to accept the Disclaimers.[ When finished, it will produce a log for you. Post that log in your next reply. Warning: Do not mouseclick combofix's window while it is running. That may cause it to stall If Combofix runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your computer. Important: Remember to re-enable your antivirus and antispyware before reconnecting to the Internet. Do I need to be in Safe Mode to do this, or can it be run from normal Windows?Normal mode.

Answer»

Hi, I really hope someone can help me. I did something really stupid and downloaded an infected file from Limewire that gave me a bunch of junk. I removed Limewire but continued to get popups for programs like Frostwire that aren't even (to my knowledge) installed on my machine. I'd heard good things about Super Anti Spyware, so I installed it and ran a scan. It found several trojans and something called vundo. Once the scan finished, it asked me to restart. So far, so good...until I got a blue screen of death at start up. So I put Windows into safe mode and now I'm at a loss as to what to do. Is my only option reinstalling Windows at this point? And if so, how do I back up my data without backing up the viruses too? I'm also not sure if I have all the drivers I'd need. I don't feel comfortable doing it myself either so I will take it in for repair, but first I WANTED to see if anyone has any other suggestions. I'm running XP with McAfee, if that helps...could McAfee possibly have conflicted with something? I tried to disable it but I couldn't figure out how. Please help!Superantispyware shouldn't have removed anything that would cause a blue screen. If needed open Superantispyware (SAS) and select manage quarantine, select the log of items removed and click Restore.

Can you get into normal mode? If so post a Hijackthis log so we can see what is GOING on. If needed run Hijackthis in safe mode.I'm not sure where the "manage quarantine" option is, but I do have the log file of what it fixed/removed, if that helps you.

[recovering space - attachment deleted by admin]Download SDFix.exe and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:

Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix FOLDER and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC RESTARTS the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard).
Finally add the contents of the Report.txt in your next post.

Hi, sorry for not getting back to you sooner. All right, I used SDFix and when it was finished, it didn't say "finished" or give me a file called "report", but there was one called "catchme", so I'm including that. It says there were no files found...is that good?

[recovering space - attachment deleted by admin]Wait, sorry, here is the Report file. It was in the program folder though, not on the desktop - I don't know if that makes a difference? This is what it says:

SDFix: Version 1.177
Run by Owner on 29/04/2008 at 09:12 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Please download Combofix by sUBs from one of the below links.
(Try all three if necessary)

Important! Combofix.exe MUST be saved to and ran from the Desktop.

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting Combofix.
Important! Temporarily disable your antivirus, script blocking and any antispyware real time protection before performing a scan.
- Click this link to see a list of security programs that should be disabled and how to disable them.
- If yours is not listed and you don't know how to disable it, please ask.
Warning: Combofix disconnects your computer from the internet. The connection is automatically restored before Combofix completes its run.
Double click combofix.exe & follow the prompts.
Choose Yes to accept the Disclaimers.[

When finished, it will produce a log for you.
Post that log in your next reply.

Warning: Do not mouseclick combofix's window while it is running. That may cause it to stall

If Combofix runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your computer.
Important: Remember to re-enable your antivirus and antispyware before reconnecting to the Internet.

Do I need to be in Safe Mode to do this, or can it be run from normal Windows?Normal mode.

Solve : Super Anti Spyware gave me blue screen of death.?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment