Windows 7: think I have bad Malware

Hi,

Last night i got a new charger for my HP pavilion G6 laptop. I havn't turned it on for a week and last time i did there was no problems with it. About 10 mins after turning it on i noticed the internet wasn't working, So i reset my internet box as sometimes out BT homehub has connection issues. Nothing happened so i restarted my computer thinking it might be something to do with that.



When my computer restarted, It took forever to get past the 'welcome' screen on windows, and then i was presented with a black screen for about 2 mins. Once windows explorer launched, i still had no internet, my firewall was down, it could not connect to windows servers or intel servers ( i don't know what they are?).

I ran virus scans with Avira and Spyware Terminator and they found a java plug in that was dodgy, so i quarantined that and ran a Malbytes scan which come back clean. But this has not sorted the problem.

Thanks in advanced for any help!!

A quick update, I attempted to do a system restore and my computer is telling me i have no restore points saved, but i know for a fact i do because i did a restore just before my charger broke.

Hi, welcome to the forums

Best thing to do is to download MalwareBytes and perform a full system scan and hope that it picks it up.

As you mention no internet I'd advise you try creating a new user account and see if it allows for an internet connection.

I've already run this and it come back completely clean. Im on Windows 7 HomePremium 32 bit if that makes a difference?

Here's a step by step that I find has worked for me and has cleaned many of my clients machines...

1. Start your machine normally and log in (if required)
2. As soon as the desktop appears right-click the taskbar and select Task Manager

      Note

   Be very quick, the virus will be inactive while the explorer environment is being started. This may take a couple of attempts

   
   

3. Now that you have Task Manager open you can systematically "Kill" any process which you do not recognize
4. Open Control Panel > Network and Internet > Internet Options and under the Connections tab click Lan Settings
5. Make sure that the Use Proxy server for your LAN is not selected. If it's selected then de-select it and click OK
6. Under the General tab, Delete ALL internet browseing history, making sure to de-select Preserve favorites website data and selecting ALL OTHER OPTIONS
7. Completely clean out the following 2 folders "c:\users\[your user]\Appdata\Local\Temp" and "c:\windows\temp"

      Note

   You may be prompted that some files are in use, just skip those and continue. You will also need to have hidden files, folder, and drives enabled

   
   

8. Download MalwareBytes and perform a Full System Scan

Your system should nw be at a more stable state but I'd advise performing multiple scans just to be on the safe side.


Hope it helps


OS

Hello darren and welcome to Seven Forums.

If creating a new user account or following Orbital Shark's task manager suggestions don't work you might want to see if your machine has some kind of recovery partition you could access. (This isn't the same thing as a system restore. A recovery partition lets you return your machine to original factory settings - the way it was when you first brought it home.) If you can get to your Start menu look for a program called Recovery Manager or something similar. Or, try clicking the F11 key immediately after you power on the laptop. Either method should get you to the recovery partition Then just follow the prompts and heed the warnings to back up personal data.

Nice post man , but i think, performing a full scan in safe mode is much more effective

True, but as only minimal drivers/resources are loaded any memory active threats may not be picked up unless the resource is actually running.

Hi guys, Thankyou for the help so far.

I've followed all these steps and malware bytes and super anti spyware still can't find anything.

Im unsure about rebooting my system to factory settings as last time i did this, my computer deleted its boot manager and it cost me £100 for a fresh windows install. Is there anyway i can check my computer will safely restore to factory settings without dedicating myself to a factory restore?

Further, is there any further action i can take to try and delete this malware?

one thing ive noticed, when i try to turn on my Wlan either through cmd or its option section, i get an error saying i dont have administrative authority.

thanks!

If this is a malware problem there are some other free tools you could try. For example, Norton Power Eraser; Surfright's Hitman Pro; Trend Micro's HouseCall to name just a few.

If you still have clean scans then there's likely one of two possibilities: it's not a malware problem or the malware is so deeply embedded it's not being picked up. If it's not being picked up then a clean install or return to factory specs might be the best way to go. I'm not sure if there's a way to tell if the Recovery Manager will work without actually trying to return your machine to factory specs. (Same with a system image - don't really know if it'll work until you try. Blind faith. )

If it isn't malware (and I'm not sure if anybody can't state with 100% certainly your machine has not been infected) then you could possibly try System File Checker, or a Repair Install. If you need a full install disk there are sites available that offer official MS ISO versions of 7 HP. Download the ISO and burn it to a DVD. If you need to reactivate you'd use the sticker on your machine.