Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Removed 2 malwares, now need help with DEP


17 Jul 2012   #1

MS Windows 7 Professional 64-bit SP1
 
 
Removed 2 malwares, now need help with DEP

I was having some browser issues and the IE9 people linked me a Fixit program Fix Internet Explorer issues to make IE fast, safe and stable
and it works great, but it keeps finding the same problem after every restart, which is that DEP is disabled.

I suppose the little malware buggers are the culprits, did something that keeps disabling DEP with every bootup. Is there an easy permanent fix?

In all the many years of surfing the net since the Win 95/dialup days I've never had a malware problem until now. Microsoft's security scanner found a dozen or so "Exploit: Severe" alerts involving "Java/Blacloe...." I should have know something was up when I kept getting prompts from Sun to update but when I clicked on them the prompts just vanished. I didn't know what was happening. The only thing I even need Java for is the occasional line quality test for Speedtest.net.


My System SpecsSystem Spec
.

17 Jul 2012   #2

Windows 7 Ultimate x64 SP1
 
 

Are you certain your computer is virus free?
My System SpecsSystem Spec
17 Jul 2012   #3

Windows 7 Professional SP1 64-bit
 
 

Welcome to Seven Forums.

Download, install, update & scan with Malwarebytes Anti-Malware

Decline trial version while installing.

Post back with results please.
My System SpecsSystem Spec
.


17 Jul 2012   #4

MS Windows 7 Professional 64-bit SP1
 
 

I used this site Malware Removal Guide for Windows - Select Real Security after finding the 2 I mentioned and nothing showed up, and yes, Malwarebytes are what found them yesterday.

Ran it a few more times yesterday and today and it found nothing.
My System SpecsSystem Spec
17 Jul 2012   #5

Windows 7 Ultimate x64 SP1
 
 

Open up an elevated command prompt and type sfc /scannow. That will reboot the computer, scan and hopefully find and replace damaged Windows system files. Run it at least twice, preferably three times, as sometimes it can take a few passes to find and fix everything.
My System SpecsSystem Spec
17 Jul 2012   #6

MS Windows 7 Professional 64-bit SP1
 
 

Ran it 3 times and it says, did not find any integrity violations.

I kept waiting for it to reboot but it never did. Did I miss something?
My System SpecsSystem Spec
17 Jul 2012   #7

Windows 7 Home premium 64bit SP1
 
 

Quote   Quote: Originally Posted by St8kout View Post
Ran it 3 times and it says, did not find any integrity violations.

I kept waiting for it to reboot but it never did. Did I miss something?
Reboot manually
My System SpecsSystem Spec
17 Jul 2012   #8

MS Windows 7 Ultimate SP1 64-bit
 
 

St8kout,

Let's bring out the big guns and blow your malware out of the water.

HOW TO USE WINDOWS DEFENDER OFFLINE ON A USB STICK
Windows Defender Offline
· is a free standalone, bootable malware and virus remover from Microsoft.
· performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware.

Download Windows Defender Offline (about 764 kB)

You will have the choice of downloading the 32bit version (x86) or the 64 bit version (x64).
The link will help you determine whether you are running a 32 bit version or 64 bit version of Windows

NOTE!! You can download and prepare a 32 bit version using a 64 bit version of Windows
NOTE!! You can download and prepare a 64 bit version using a 32bit version of Windows.

You run the 32 bit version on a 32 bit version of Windows.
You run the 64 bit version on a 64 bit version of Windows.

The 32 bit download file name is: mssstool32.exe
The 64 bit download file name is: mssstool64.exe

For the curious, this program was originally name Microsoft Standalone System Sweeper.


INSTALLATION:
You will need an Internet Connection.
Insert 512 mB (Microsoft’s 256 mB is no longer accurate) or larger USB stick into a usb port.
Run the downloaded program--mssstool64.exe or mssstool32.exe
NEXT button
Choose the option On a USB flash drive that is not password protected
NEXT button
NEXT button
.
The install program will format the usb stick using the NTFS format.
The install program will download about 210 mB.
The install program will name the USB stick WDO_Media32 or WDO_Media64
The WDO_Media32 usb stick will have used space of 255 mB (268,140,544 bytes)
The WDO_Media64 usb stick will have used space of 282 mB (296,165,376 bytes)
You can expect the number of mB to increase as more malware appears.

UPDATE Windows Defender Offline USB stick:
· reinsert the usb stick
· run the installation program, mssstool64.exe or mssstool32.exe, again.
· the update will download about 66 mB (mssstool32.exe) and 68 mB (mssstool64.exe).

Since the malware database is sometimes updated several times in a day, always update before running.

PERFORM AN OFFLINE SCAN
Bootup your computer from the USB stick
Windows Defender Offline will automatically perform a quick scan.
After the quick scan finishes, Choose Full Scan
Select all of your drives

The initial, full scan can easily take several hours, but
Remember, your computer is being very thoroughly checked for all types of malware.


RESULTS OF THE SCAN
The results will be in 4 log files on your computer's disk in:
\Windows\Microsoft Antimalware\Support
My System SpecsSystem Spec
17 Jul 2012   #9

MS Windows 7 Professional 64-bit SP1
 
 

I went back into safe mode and re-ran Malwarebytes, then HitmanPro, just to make sure. MWB came up empty but Hitman found a bunch of cookies it didn't like and removed them. Rebooted and Fixit still showed DEP disabled.

Then I ran |MG| Tweaking.com - Windows Repair 1.7.5 Download as suggested by the Malware Removal site posted earlier. It had me run CHKDSK and the same sfc /scannow before it repaired anything. It found and repaired 21 registry errors, rebooted, and I STILL found DEP disabled upon startup.

Before I try your suggestion, Karl, I have Windows Defender but Microsoft Security Essentials disabled it by default. Is that going to be a problem running it from a usb stick with MSE installed?
My System SpecsSystem Spec
17 Jul 2012   #10

Windows 7 Ultimate x64 SP1
 
 

No, it won't be a problem. Windows will not be running - Windows Defender will boot from the USB stick and it will scan without any issues.
My System SpecsSystem Spec
Reply

 Removed 2 malwares, now need help with DEP




Thread Tools



Similar help and support threads for2: Removed 2 malwares, now need help with DEP
Thread Forum
Login name removed after ransom virus removed General Discussion
malwares from a wifi router? System Security
Solved USB cannot be removed Hardware & Devices
I removed U3 from FD, but it has old name still? General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:09 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33