Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: I have a virus that reinstalls after a recovery. Please help.

20 Sep 2013   #11
cottonball

Windows 7 Home Premium
 
 

Did not see the ZeroAccess entries expected in the FRST reports.

You may want to run Disk Cleanup, if possible at this stage, and remove any thumbs.db files created. The Addition.txt shows some issues with explorer.exe there.

Go to Start > All Programs > Accessories > System Tools > Disk Cleanup
In Disk Cleanup: Drive Selection make sure the (C) drive is showing
Click: OK
On the Disk Cleanup Menu make sure there's a check next to the Thumbnails entry.
Click OK, and the files selected are deleted.


Next, using another computer, you may want to download the following program to a USB pendrive, and then move it to the Desktop of the problem computer.

Download aswMBR:
http://www.bleepingcomputer.com/download/aswmbr/
Save it to the pen drive, and then move it to the Desktop of the problem computer.

Make sure your AntiVirus is temporarily disabled!!
For information on how to disable protective programs, refer to this Link:
http://www.bleepingcomputer.com/forums/topic114351.html

Right-click the aswMBR file and select: Run as Administrator

When promped with: This Application can use the Avast! Free AntiVirus for scanning...etc.
Select: Yes

The last line of the run in progress will provide the status of the Avast! scan.
It will say: Downloading Avast! virus definitiond database, etc.
When the Avast! scan is done, the last line changes to: Avast Engine definitions #####

At this point, click the Scan button on the lower left of the aswMBR screen.
The last line will now say "Scanning" while in progress.
Upon completion of the scan, click >Save log< and save it to the Desktop.
Note: Please do NOT attempt to fix anything!!
Exit the program.

Please post the new aswMBR log in your reply.

Note that a file named MBR.dat is also created on the Desktop.

Please submit MBR.dat for analysis to the following online services that analyze suspicious files:
Jotti's virusscan

Please post the links for the file analyses in your reply.


My System SpecsSystem Spec
.
20 Sep 2013   #12
SevSaint

Microsoft Windows 7 Home Premium 64-bit
 
 

the disk cleanup worked on the constant crashing of windows. thanks for that..
i didn't select any options for the scan. it was defaulted to quick scan so thats what this log includes..
if you wanted me to full scan etc.. then specify with reply and ill update with another log.
i noticed my mbr has an error but im sure you all will figure it out.

thanks again!!

http://virusscan.jotti.org/en/scanre...8be521f2417919


Attached Files
File Type: txt aswMBR.txt (2.1 KB, 3 views)
My System SpecsSystem Spec
20 Sep 2013   #13
cottonball

Windows 7 Home Premium
 
 

SevSaint,

My apology for the obsolete links. Did not realize they needed updating.

Did not see what could be pointing to malware.

Take up the suggestions made by UsernameIssues and ICit2lol. Doubt that TDSSKiller will come up with anything, but, the ESET Online Scanner is a good detection tool.

Run the following when you have the time, though, it may take a while...
The ESET Scanner is implemented as an ActiveX control, so it is best run on Internet Explorer.
Right click the IE shortcut and select: Run as Administrator

Next, download: Free Online Virus Scanner | ESET

On the ESET website, click on: Run ESET Online Scanner
Click: Start

When asked, allow the add-on to be installed
Click: Start again

On the next prompt, Computer Scan Settings, check: Remove found threats
Next, click on: Advanced Settings



Make sure these options are checked:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
Click: Scan


When the scan is completed, if threats are found, in the Scan Results prompt:
  • Click on: List of threats found
  • Click on: Export to text file
  • Save to the Desktop and name it ESET Scan Results
  • Click on: Back
  • Place a check on: Uninstall application on close
  • Click on: Finish, and close the program.
If anything is found, please provide the ESET report in your reply to determine if any further action is necessary.
My System SpecsSystem Spec
.

20 Sep 2013   #14
SevSaint

Microsoft Windows 7 Home Premium 64-bit
 
 

it's not even running in safe mode now. it takes 1 minute or more for anything to happen. sevenforums will not load.. i am beginning to think its hardware related.
My System SpecsSystem Spec
21 Sep 2013   #15
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Hello Sev mate I have found this it might be worth a try and the two bottom answers have alternatives How to solve Windows explorer has stopped working... - Microsoft Community
My System SpecsSystem Spec
21 Sep 2013   #16
SevSaint

Microsoft Windows 7 Home Premium 64-bit
 
 

alrighty ill make some adjustments. will be a few days since im in the process of moving just bookmark and check back if you will.
My System SpecsSystem Spec
21 Sep 2013   #17
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

No probs - happy moving
My System SpecsSystem Spec
22 Sep 2013   #18
SevSaint

Microsoft Windows 7 Home Premium 64-bit
 
 

i got on the computer to recover the computer since it was totally hung every time i clicked on anything in safe mode and it was running fine. someone said it might be a satr cable on the hard drive thats lose.
sometimes i hear a slight pop when turned on or off. dont have a clue what that is.. going to do what has been suggest and its currently at factory install condidtion again for the 6th time in a month
My System SpecsSystem Spec
22 Sep 2013   #19
redfang337

Linux Mint 15 "Olivia" x32
 
 

SevSaint, I think the only thing you can do about now is a Clean ReInstall. I'd do a scan with TDSSKiller and MalwareBytes Anti-Rootkit (MBAR) before reinstalling to make sure no rootkits are involved. We've tried just about everything, and if something does end up working, the computer wouldn't be trustworthy due to whatever virus got in it in the first place.
I think It's the best solution.

NOTE: Make sure you follow these instructions for TDSSKiller:
when starting the application, click the Preferences button. Then make sure the following are checked



Then start your scan

As for the pop when the computer starts or shuts down, I am not experienced with this, for some laptops it's normal, although I do not think good, someone with more knowledge than I would have to address that situation

--Brad
My System SpecsSystem Spec
22 Sep 2013   #20
SevSaint

Microsoft Windows 7 Home Premium 64-bit
 
 

alrighty red.. downloading the iso sp1 for my OS right now.. might take a few days since all the work and stuff i gota do.. but if that doesn't work then i know its the hardware and not software issue.
My System SpecsSystem Spec
Reply

 I have a virus that reinstalls after a recovery. Please help.




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
FBI / Bundespolizei virus without Safe mode and system recovery
Hi Gents, I had the "German" version of the virus (Bundespolizei) 2 times in the last 1 year and I managed to get rid of it. But now... One of my biggest problems is BitLocker - my hard drive is encrypted (but I have the codes) I am having the following problem now: 1. The screen after a...
System Security
BSOD's Start Again After Reinstalls of Win 7 and Updates
I reformatted the hard drive and began again. Once I get to the point where Windows 7 is pretty much up-to-date with bug-fixes (over 100 of them!), and MS Office is installed, the BSOD's start up again - fast and furious. I can tell my computer has a hard time starting up cold - the hardware needs...
BSOD Help and Support
Windows reinstalls my HD Audio drivers...
Hi How do i get rid of the **** driver update? I didn't have internet connected so it's getting the driver from my computer somewhere.. ImageShack® - Online Photo and Video Hosting How do i stop that!?!? Or how can i remove the system file that it uses? It's:
Windows Updates & Activation
Cleanup after Win 7 Recovery Virus
I have no shortage of relatives who will not use a good AV program. This one got the Win 7 recovery virus. Its gone now. It had hidden all the user files. I was given a program named "unhide.exe" which really restored all user files. The All Programs menu is the last problem. the unhide program...
General Discussion
BSOD continues after Reinstalls.
This is my first post looking for help so sorry if I forget to add somethings. I recently (within the last two weeks) rebuilt my computer and upgraded a bunch of stuff. All of the stuff is compatible on the hardware side. The following paragraph is no longer true as of 1:31 am after booting...
BSOD Help and Support
Delete Recovery Partition? Had bad virus
I just installed Windows 7 on my parents laptop, they got that Fake AntiSpyware virus which Geek Squad at BestBuy...geniuses...not. Cost $130 and they "recommend" a $65 antivirus, which my mother thought would be a great idea while not telling me.. Anyways, I installed Windows 7 and I saw in...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 01:48.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App