Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Virus Help

12 Apr 2013   #21
Breakyorself

Windows 7 home premium 64 bit
 
 

Quote   Quote: Originally Posted by cottonball View Post
On the malware, please provide the latest avast! Scan Log.

Will take a look at the above reports.

Thanks!
I don't think I have a latest Avast scan log. I never did a full system scan with it. Only with malwarebytes which came up with nothing bad.


My System SpecsSystem Spec
.
12 Apr 2013   #22
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Uninstall avast . That program causes a lot of BSODs . Download MSE instead
My System SpecsSystem Spec
12 Apr 2013   #23
cottonball

Windows 7 Home Premium
 
 

Hmmmm...so far, do not see what I expected.

Please download: aswMBR
http://public.avast.com/~gmerek/aswMBR.exe
Save it to the Desktop.

>>Make sure your AntiVirus is temporarily disabled!!<<
For information on how to disable protective programs, refer to this Info:
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - BleepingComputer.com

Right-click aswMBR and select: Run as Administrator

When promped with: This Application can use the Avast! Free AntiVirus for scanning...etc.
Select: Yes

The last line of the run in progress will provide the status of the Avast! scan.
It will say: Downloading Avast! virus definitiond database, etc.

When the Avast! scan is done, the last line changes to: Avast Engine definitions #####

At this point, click the Scan button on the lower left of the aswMBR screen.
The last line will now say "Scanning" while it is in progress.

Upon completion of the scan, click >Save log< and save it to the Desktop.
Note: Please do NOT attempt to fix anything!!

Exit the program.

Please post the new aswMBR log in your reply.


Also, notice that another file is created on the Desktop.
It is named MBR.dat.

Please submit MBR.dat for analysis to VirusTotal:
http://www.virustotal.com/

http://www.sevenforums.com/tutorials/277740-online-scanners-scan-suspicious-files-your-pc.html

If you get a message saying: 'File has already been analyzed', click: Reanalyze file

Once scanned, and you see the full results page on your screen, go up to the address bar at the top of the browser, and copy the http:\\etc. address there.

Then, provide the http:\\ address to the results page in your reply.
My System SpecsSystem Spec
.

12 Apr 2013   #24
Breakyorself

Windows 7 home premium 64 bit
 
 



Attached Files
File Type: txt aswMBR.txt (1.3 KB, 3 views)
My System SpecsSystem Spec
12 Apr 2013   #25
cottonball

Windows 7 Home Premium
 
 

Good job!! Now we have something.

Let's see if the following will take care of the issue:

Please download TDSSKiller.zip:
http://www.bleepingcomputer.com/download/tdsskiller/
Right-click the program and select: Extract to tdsskiller\


A TDSSKiller folder is found on your Desktop.
Open the folder, and double-click the TDSSKiller application.


When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System
Click: OK


Press: Start Scan


If a suspicious object is detected, the default action is Skip, leave it as is, and click on: Continue
If malicious objects are found, they show in the Scan results.
Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)


When done, the tool outputs its log to the disk with the Windows Operating System, normally C:\


Logs have a name like:
C:\TDSSKiller.X.X.X_12.04.2013_15.31.43_log.txt


Please post the TDSSKiller log in your reply.
My System SpecsSystem Spec
12 Apr 2013   #26
Breakyorself

Windows 7 home premium 64 bit
 
 

Here you go:


Attached Files
File Type: txt TDSSKiller.2.8.16.0_12.04.2013_21.59.34_log.txt (120.0 KB, 5 views)
My System SpecsSystem Spec
12 Apr 2013   #27
cottonball

Windows 7 Home Premium
 
 

Did you reboot?
My System SpecsSystem Spec
12 Apr 2013   #28
Breakyorself

Windows 7 home premium 64 bit
 
 

I posted the log, then rebooted. It's now gone! Thanks to everyone who helped.
My System SpecsSystem Spec
12 Apr 2013   #29
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

You're welcome

If you need to delete the windows.old folder

Windows.old Folder - Delete
My System SpecsSystem Spec
12 Apr 2013   #30
cottonball

Windows 7 Home Premium
 
 

Glad to help, Breakyorself!

It smelled like an MBR/Rootkit issue from the get go.
My System SpecsSystem Spec
Reply

 Virus Help




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
how to fix / clean windows from ramnit virus and virut virus?
my windows infected ramnit virus and virut virus,how to clean them?
System Security
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
RPC Virus message in Action Center, though the virus seems to be gone?
So I was managing my Laptop (Compaq Presario CQ57 with Windows Home Premium SP1) after a long time away from it, I left it in the care of a friend of mine, I noticed a few strange things. 1) I couldn't update Windows. 2) I couldn't turn ON my firewall 3) Windows Security Center was missing....
System Security
Want are the best afforable anti-virus for a trojan virus
what anti-virus would be great at getting rid of a trojan virus some of the anti virus i have used told me i had one but could not delete it.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:45.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App