Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: lacking experience I have a tenatious virus and need help to remove it

04 Mar 2015   #21
Shabakthanai

Windows 7 Professional 64bit
 
 

Yes

Quote   Quote: Originally Posted by cottonball View Post
Shabakthanai,

Let me ask this a different way...

Is the Windows CD you have for Windows 7?

Does the troubled computer also have Windows 7 installed on it?



My System SpecsSystem Spec
.
04 Mar 2015   #22
cottonball

Windows 7 Home Premium
 
 

Shabakthanai,

Good!!

Let's do the following...

You need a working Windows computer, a USB pen drive, and the Windows 7 CD/DVD.

Now, In a working Windows computer, please download Farbar Recovery Scan Tool
Select the version compatible with the troubled system: 64 bit

Connect the USB pen drive into the computer, and save the downloaded file to it.
Remove the pen drive when done. (Safely remove...etc.)


Next, go to the troubled computer and do the following:

Turn it on, and insert the Windows 7 installation disc.
Also connect the USB pen drive with FRST to a USB port.
Restart the computer.

Assuming the troubled computer is set to boot from CD.
If not, STOP here and post back letting us know.



If the computer boots from the CD...

Enter System Recovery Options using the Windows Seven Installation Disc.
-If prompted, press any key to start Windows from the installation disc.
-Select your language settings, and then click: Next
-Select the Operating System you want to repair, and then click: Next
-Select your user account and click: Next

On the System Recovery Options menu you get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Scan your computer's memory for errors.
Command Prompt

Select: Command Prompt

In the Command window, at the bliking cursor type notepad and press: Enter
In Notepad, under the File menu select: Open
Double-click Computer, find the pen drive letter, remember what letter it is, click on it, and press: Open
Close out of Notepad.

Click the Command window, and ype X:\frst64.exe, and press: Enter
Note: Replace the drive letter x with the drive letter of your pen drive!

The tool starts and prepares to run. Follow the prompts.
Click Yes to the disclaimer.

Press: Scan

When done, the program saves the FRST.txt report, on the pen drive.

Close Notepad, then, click the Command prompt window, and type exit, and press: Enter
Back at the System Recovery Options, press: ShutDown

Return to the clean computer, and plug in the USB pen drive. It contains the FRST.txt report

Please provide the FRST.txt in your reply.
My System SpecsSystem Spec
05 Mar 2015   #23
Shabakthanai

Windows 7 Professional 64bit
 
 
Wow what a great amount of work.

I am 72 and my memory doesn't hold very long any more. I am so grateful for this effort, I can't put it into words, but I will do as you say.

When instructions are long, and in this case, I consider them very long, my lagging memory, sometimes doesn't keep up with the process, so this is a big task for me. Additionally, I am sensitive to the time that others spend helping me, because sometimes not remembering a previous task causes me to take exceedingly too much time and, I become stressed; I have to redo many times sometimes to get it right. I am sorry for making excuses, but it is something I seem to have to live with.

I am thinking it may take me a day or so to complete the process, so don't give up on me, if you are willing to continue.

What you are suggesting may help with future problems of similar kind, at least I hope so.

I expect I seem too apologetic, but when you fight my memory problems while getting help from people who are helping out of the kindness of their heart, it makes me feel an increased burden. The result is that I am way more grateful than able to express, and a pain in the nickta with my constant apologies.

This is really a fine forum and you represent it so well as do the others that take the time to help me. Thanks!
My System SpecsSystem Spec
.

05 Mar 2015   #24
Shabakthanai

Windows 7 Professional 64bit
 
 

I am a little mixed on the forum process. It differs slightly from the forum of my other OS. I hope you can easily refer to the correct reply, no thanks to me.

I copied the application you recommended. I put is on an empty thumb drive. Since my other OS is on the same computer as Windows 7 offending, I was able to copy Farbar Recovery Scan Tool to the thumb drive from my other Operating System (it communicates with all OS's and all computer languages and all file systems and file types)(The blue type continues even after attempting to change it to black - I copied and pasted it from your reply, so it probably would have linked without the additional blue print)

My computer has a wonderful motherboard. I entered in the BIOS where a link to the Boot Manager is Available. Since I have 2 DVDRW drives, there, of course, are two entries for the DVD drives. I tried them both, but when I attempted the proper drive, the window flashed but diverted to my other operating system's default boot. Is it possible that the offending programmer took this into consideration when trying to control our computers? I hope we can overcome this. Farbar Recovery could have been named Fubar and been even more accurate, if so.

Just so you don't have to repost, if my boot manager record is something you are interested, here is how it appears in my BIOS:

Windows Boot Manager (P5: OCZ-AGILITY4)
ubuntu (P5: OCZ-AGILITY4)
ubuntu (P5: OCZ-AGILITY4)
RealTek PXE B0B D00
P5: HL_DT_STDVD_RAM GH22LS30
P0: HL_DT-ST DVDRAM GH24NS50
P2: WDC WD10EADS-00L5b1 (3167MB)
P3: ADATA SP900 (953869MB)
P4: OCZ-AGILITY4 (244198MB)
JetFlashTrendscend 4GB (3768MB) - This represents Farbar USB3
UEFI: HL-DT-ST DVDRAM GH24N350 (3167MB) - My default DVDRom
UEFI: JetFlashTranscend 4GB (3768mb) - Drive if I wanted to boot to USB

Have you ever purchased an SSD or HHD drive that contained as many GB's as it said, when you purchased the respective Drives. I hate that; it bugs me; I would rather they identified with SMALL, MEDIUM, AND LARGE. hah!

I verified the USB copy was successful. still, I have probably done something wrong.

My System SpecsSystem Spec
05 Mar 2015   #25
Geek2go

Windows 7 Home Premium 64-bit SP1
 
 

Shabakthanai,

GREAT! Glad you could get through most of the instructions. Also, you have followed them fairly well.

Now, most new bioses usually have a F2 key press (or DEL or such) to get into the bios. Usually, these same bioses have a "boot manager" without having to get into the bios. It involves either a F10 or F12 button press. From here you can select either DVD drive. If one doesn't work, then it must be the other. It is imperative you use the WINDOWS 7 DVD in either drive. I'm going to be explicit here to aid in the troubleshooting process (and save COTTONBALL from some work ):
  • Place the DVD in one of the two drives.
  • Boot your computer, and start pressing F12 or F10 (depending).
  • Select the FIRST DVD drive and press ENTER.
  • If it says "Press any key to boot" then press any key on the keyboard.
  • If not, reboot your computer (CRTL-ALT-DEL).
  • Get into the boot manager pressing F12 or F10.
  • Select the SECOND DVD drive and press ENTER.
  • If it says "Press any key to boot" then press any key on the keyboard.
  • If it STILL doesn't boot, move the DVD into the OTHER DVD drive (sometimes dvd drives can be finicky)
  • reboot, get into the boot manager and select the first drive.

At this point, you MUST be booting into the windows startup disc. If not, your disc is either damaged, or a copy aka not a legit copy (don't get upset about this statement it happens).

The alternative is to get your windows recovery dvd onto a thumb drive to boot from there. I will let COTTONBALL continue with that as he's doing great and I'm learning too.

You're doing great, so give yourself some credit. Also not to be rude in hopes of getting you a solution quickly, try for some brevity in your posts as you do add some info that tends to confuse the important info. (i.e. - your second last paragraph)
===================================================
SIDE NOTES - Just for your info as these two items have nothing to do with your current problem.

To answer your question, "Is it possible that the offending programmer took this into consideration when trying to control our computers?", the answer is no. This is a BIOS issue and will involve your input. Remember, when you boot up your computer, the BIOS loads before any other program so unless you installed a "hacked" bios, it's very unlikely. (If you are going to ask me how do you know if you've installed a hacked bios, don't worry... it means you've never done it. It's not possible to do it without your input either so just keep reading)

When SSD or HDD are sold as 100GB(for example), the manufacturer's marketing department has modified the number because larger is better. So their MARKETING of a 100GB is 100,000MB (supposedly).
In truth, 1024 bytes make a 1KB, and in turn 1024 KB make 1MB, and 1024 MB make 1 GB. Therefore a true 100GB drive is really 97GB (approx) but no one will buy a 97GB drive if every other manufacturer is saying 100GB. Hope that gives you an idea of why drives don't really show as their marketed number size. Obviously, as the size of the drive increases, the discrepancy does too.


Quote   Quote: Originally Posted by Shabakthanai View Post
I am a little mixed on the forum process. It differs slightly from the forum of my other OS. I hope you can easily refer to the correct reply, no thanks to me.

I copied the application you recommended. I put is on an empty thumb drive. Since my other OS is on the same computer as Windows 7 offending, I was able to copy Farbar Recovery Scan Tool to the thumb drive from my other Operating System (it communicates with all OS's and all computer languages and all file systems and file types)(The blue type continues even after attempting to change it to black - I copied and pasted it from your reply, so it probably would have linked without the additional blue print)

My computer has a wonderful motherboard. I entered in the BIOS where a link to the Boot Manager is Available. Since I have 2 DVDRW drives, there, of course, are two entries for the DVD drives. I tried them both, but when I attempted the proper drive, the window flashed but diverted to my other operating system's default boot. Is it possible that the offending programmer took this into consideration when trying to control our computers? I hope we can overcome this. Farbar Recovery could have been named Fubar and been even more accurate, if so.

Just so you don't have to repost, if my boot manager record is something you are interested, here is how it appears in my BIOS:

Windows Boot Manager (P5: OCZ-AGILITY4)
ubuntu (P5: OCZ-AGILITY4)
ubuntu (P5: OCZ-AGILITY4)
RealTek PXE B0B D00
P5: HL_DT_STDVD_RAM GH22LS30
P0: HL_DT-ST DVDRAM GH24NS50
P2: WDC WD10EADS-00L5b1 (3167MB)
P3: ADATA SP900 (953869MB)
P4: OCZ-AGILITY4 (244198MB)
JetFlashTrendscend 4GB (3768MB) - This represents Farbar USB3
UEFI: HL-DT-ST DVDRAM GH24N350 (3167MB) - My default DVDRom
UEFI: JetFlashTranscend 4GB (3768mb) - Drive if I wanted to boot to USB

Have you ever purchased an SSD or HHD drive that contained as many GB's as it said, when you purchased the respective Drives. I hate that; it bugs me; I would rather they identified with SMALL, MEDIUM, AND LARGE. hah!

I verified the USB copy was successful. still, I have probably done something wrong.

My System SpecsSystem Spec
05 Mar 2015   #26
cottonball

Windows 7 Home Premium
 
 

Shabakthanai,

The troubled computer may not be set to boot from CD.

Another issue, the CD that you have, did it come with the computer?
Is it a Windows 7 recovery/restore CD provided by the computer's manufacturer, instead of a W7 installation CD?


A simple question that may allow us to help you boot from the Windows 7 installation CD/DVD (if that is what you really have).
What is the brand name of the troubled computer? Dell, Compaq, Asus, Toshiba...other?
Also, please provide its model number. Like T135-S123 (fake example).
By providing this, maybe we can do some checking, and figure out where you are getting hung up.

Also, was Windows 7 installed after Ubuntu? Was Windows 7 the last OS installed?


On a different note, there is something you and I have in common, we are both in the 70s club!
Yes, there are health issues, memory issues, pain in the rear issues, however, we press on. Being engaged in activity requiring your brain to think and solve issues will give the big 'A' (Alzheimer's) a hard time finding us.

If I can do this kind of stuff, you can also. Keep in your mind: Yes I can, yes I can, yes I can!!!

Just take one step at a time, there is no rush.


.
My System SpecsSystem Spec
05 Mar 2015   #27
cottonball

Windows 7 Home Premium
 
 

@Geek2go,

Quote:
The alternative is to get your windows recovery dvd onto a thumb drive to boot from there
If it is a recovery CD (provided by the manufacturer), it will not work.

If that is the case, we would go the route of using a Windows 7 System Repair Disc, but, instead of creating a CD, would create a bootable System Repair USB pen drive.

The bootable System Repair USB pen drive will take us to the System Recovery Options, and from there we select the Command Prompt. That is all we need.
My System SpecsSystem Spec
05 Mar 2015   #28
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Shabakthanai
Their are many on this forum that are not spring chickens; me being one of them.

Just keep hanging in there and do the best you can at your own pace.
Don't worry about the members helping you and the time spent.
The good members helping you like helping other members. That is what they do.

Some times my 3 brain cells do get confused also.
My System SpecsSystem Spec
06 Mar 2015   #29
Shabakthanai

Windows 7 Professional 64bit
 
 
Repair a virus on Windows 7

Dear friend,

What I have is a registered Windows 7 installation disk. I probably could find a copy of the receipt for purchase, if you want to see an attached copy. What you recommended in the email you sent was the exact thing I did prior to my reply and your new instruction. I did everything again, before this reply, with one addition. You suggested that I put the installation disk in the second drive as a last resort.

When I attempted that, the drive would not open. I tried everything I know to correct that situation and do not believe it had anything to do with the virus, because I was and currently am in the other Operating System right now, not Windows 7 Pro. The other DVD drive must be damaged.

I have a disk that I made at some prior time entitled Windows 7 repair disk. I am not sure I made it from my current Windows 7 desktop; in the past I had an Asus laptop that had Windows 7 on it too. I gave that laptop to a neighbor, who did not have a computer.

I have never used the repair disk nor needed to until now, so I don't know which computer it was made from. I thought I also made a "recovery" disk, but if so, I cannot find it. Would the repair disk work? If it happens to be made from the laptop I gave to my neighbor, will it still work on my current copy of the Windows 7 Operating System.

In my other system, we are not required to register anything when we install an operating system, so I am unfamiliar with how an OS protects its ownership. So if the 'repair disk' was made from the laptop I gave away, would it work on my current desktop? I hope I was able to make myself understood.

I would like to reiterate, when I tried to open my Windows 7 Pro DVD from the ROM, it flashed a menu of items I could not read, because it happened too fast, but after flashing that menu it then opened in my Kubuntu OS.

I sounds to me like whoever made the virus anticipated this step in an attempt to recover and placed another bug in there. I know absolutely nothing about these things, due to lack of experience. It is something that has never happened in my other OS, and I have never heard anyone else talk of such a thing.

If this is a part of the offenders virus, is there a way to work around the situation? Thanks for your continued patience and understanding. When I think about it, I have used my Windows 7 Pro OS only for emergency backup and entertainment, ie. Netflix, so I suppose I could reinstall Windows 7 to solve the problem. The only reason, I didn't reinstall is because I do not understand all the security steps that may be involved, and as a result opted for repair, thinking it would be easier. I yield to your experience on that decision. Additionally, I don't like to take the easy route usually, because I can't learn anything from that.

The email that you sent with instructions for the above process I copied to a document. When I attempted your recommendations, I was very careful to follow the steps, and had the copy to confirm each step. I then did the whole process again with the same result. I am pretty sure I did as you suggested accurately. As a result, I believe we should look at my result as we would if we were sure I did things correctly in the first place. It may make the cause of the problem easier to see. Thanks again, my friend .



Quote   Quote: Originally Posted by cottonball View Post
@Geek2go,

Quote:
The alternative is to get your windows recovery dvd onto a thumb drive to boot from there
If it is a recovery CD (provided by the manufacturer), it will not work.

If that is the case, we would go the route of using a Windows 7 System Repair Disc, but, instead of creating a CD, would create a bootable System Repair USB pen drive.

The bootable System Repair USB pen drive will take us to the System Recovery Options, and from there we select the Command Prompt. That is all we need.
My System SpecsSystem Spec
06 Mar 2015   #30
Geek2go

Windows 7 Home Premium 64-bit SP1
 
 

Shabakthanai,

You are doing fantastic for a 70+ user!! Your thought process is on point and we are here to help you. You do not have to feel any obligation to thank us or apologize all the time as it's something we enjoy doing. I personally enjoy helping people solve their problems and as you can see so does Cottonball and Bear!! We will help you though this issue as best we can.

So it seems that the other DVD drive is damaged and you can at least know now that it's not a drive to use for the future. In which case, we are at a junction that needs to be identified.

1. Is your DVD a Windows Repair disc, a Recovery Disc, or an Installation Disc?

Since you say it's a Windows 7 installation disc, it can also be doubled as a repair disc. There is no need to see any receipts as we are here to help you and trying to identify the disc without images is not easy. (You are still doing great in your details).
I tend not to be specific in my use of the terminology but as Cottonball kindly pointed out, a recovery disc from a manufacturer not for your computer would not work.
A Windows 7 repair disc should work from any machine (if I recall correctly, Cottonball will correct me if I'm wrong as I too am constantly learning new things) so that should not be an issue. Even if it was an issue, you would get an error message stating that and we are not there yet. I don't believe there are any licensing issues using a windows repair disc made from another computer because your copy on your HDD (the infected windows) is a legit copy so I would not worry too much about licensing. If needed, we would make you aware of this ASAP as Cottonball, Bear and I would not offer you any advise that might compromise you (I would hope )
A Windows 7 installation disc would work too.

2. If you do have *any* of the discs above, regardless of their content, they should all allow you to boot into them. The repair and installation disc should have a "Press any key to boot from disc...." text. A recovery disc is vendor specific, but it too would have some form of indication that it's booting.

So here is where we are, either a) your dvd drive is damaged some how and won't allow booting (very unlikely scenario since it works in Linux), b) your disc is damaged and won't allow booting (also very unlikely as it would need a specific damage at specific locations), or c) you cannot get to the boot manager to insure that you are booting from your dvd drive.

The reason I say that (c) is likely is because you get into GRUB (it is the operating system boot loader) and GRUB quickly moves you into Kubuntu. Good news is we can still help you, this is just a simple hurdle to over come. Using text it will tend to get longer and verbose so bear with all of us who are trying to help you. Good news is GRUB is also very unlikely to be "bugged" as it's a linux based utility and usually windows viruses do not know how to attack it. I believe any malicious activity by any windows based viruses will ONLY occur once Windows starts loading so anything prior is very unlikely to be hacked or compromised.

So here are some thought:
- Do you know how to get into the BIOS?
- Do you know how to get into the boot manager?

If the answer is no to both questions, please let us know what brand your computer is. (i'm only bolding for effect)

Also, reinstalling windows would not work well as once you reinstall windows, you overwrite the boot sector and this will remove GRUB and Linux from your selection of OS (it would boot as if it was a Windows only machine). You would then introduce another problem of reinstalling GRUB which may not be allowed in these forums (I'm not sure).

The easiest method is the one you are doing which is trying to repair it from a windows 7 installation/repair disc. This allows you to boot a windows 7 system that is clean and not from your HDD. It then allows you to run windows 7 utils to scan and remove any malware. Our only hurdle right now is getting your disc to boot.

Have patience in this task and believe that you can solve it. I promise you everyone in this forum from simple users to geeks to gurus all had to overcome this hurdle. We will work with you to solve it so keep smiling and let us know if you can get into the BIOS or what the brand name of your computer is.

regards,
Geek2go

Quote   Quote: Originally Posted by Shabakthanai View Post
Dear friend,

What I have is a registered Windows 7 installation disk. I probably could find a copy of the receipt for purchase, if you want to see an attached copy.

When I attempted that, the drive would not open. I tried everything I know to correct that situation and do not believe it had anything to do with the virus, because I was and currently am in the other Operating System right now, not Windows 7 Pro. The other DVD drive must be damaged.

I have a disk that I made at some prior time entitled Windows 7 repair disk. I am not sure I made it from my current Windows 7 desktop; in the past I had an Asus laptop that had Windows 7 on it too.
I have never used the repair disk nor needed to until now, so I don't know which computer it was made from. I thought I also made a "recovery" disk, but if so, I cannot find it. Would the repair disk work? If it happens to be made from the laptop I gave to my neighbor, will it still work on my current copy of the Windows 7 Operating System.

In my other system, we are not required to register anything when we install an operating system, so I am unfamiliar with how an OS protects its ownership. So if the 'repair disk' was made from the laptop I gave away, would it work on my current desktop? I hope I was able to make myself understood.

I would like to reiterate, when I tried to open my Windows 7 Pro DVD from the ROM, it flashed a menu of items I could not read, because it happened too fast, but after flashing that menu it then opened in my Kubuntu OS.

I sounds to me like whoever made the virus anticipated this step in an attempt to recover and placed another bug in there. I know absolutely nothing about these things, due to lack of experience. It is something that has never happened in my other OS, and I have never heard anyone else talk of such a thing.

If this is a part of the offenders virus, is there a way to work around the situation? Thanks for your continued patience and understanding. When I think about it, I have used my Windows 7 Pro OS only for emergency backup and entertainment, ie. Netflix, so I suppose I could reinstall Windows 7 to solve the problem. The only reason, I didn't reinstall is because I do not understand all the security steps that may be involved, and as a result opted for repair, thinking it would be easier. I yield to your experience on that decision. Additionally, I don't like to take the easy route usually, because I can't learn anything from that.

The email that you sent with instructions for the above process I copied to a document. When I attempted your recommendations, I was very careful to follow the steps, and had the copy to confirm each step. I then did the whole process again with the same result. I am pretty sure I did as you suggested accurately. As a result, I believe we should look at my result as we would if we were sure I did things correctly in the first place. It may make the cause of the problem easier to see. Thanks again, my friend .



Quote   Quote: Originally Posted by cottonball View Post
@Geek2go,

Quote:
The alternative is to get your windows recovery dvd onto a thumb drive to boot from there
If it is a recovery CD (provided by the manufacturer), it will not work.

If that is the case, we would go the route of using a Windows 7 System Repair Disc, but, instead of creating a CD, would create a bootable System Repair USB pen drive.

The bootable System Repair USB pen drive will take us to the System Recovery Options, and from there we select the Command Prompt. That is all we need.
My System SpecsSystem Spec
Reply

 lacking experience I have a tenatious virus and need help to remove it




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
How do I remove this virus/malware url?
I tried programs and features and search, but came up empty. It constantly shows up in Firefox and Chrome ...
System Security
Help me remove virus/infection
Hi Friends, I need some help removing the malware/virus please. I have tried MB but it stuck on Heuristic Analysis for a long time, I am unable to uninstall any programs, right click doesn't respond, I have been using AVG2014 for AV. Thanks in advance.
System Security
Trovi Virus - help to remove please
I don't know where I picked this up but it's attached to my Chrome. I followed some directions for regedit to try to get rid of it. It's still here. Please help.
System Security
Can't remove a virus (or a PUP?) from my computer
Hello :D I somehow got 2 programs that cannot be removed. When I uninstall them, they just keep reappearing at boot. I don't know if that's a virus or a PUP, but it's really annoying. The 2 programs are "FixMyRegistry" and "SpeedUpMyComputer" by "SmartTweak" ( Who are the *******s behind...
System Security
Help Remove Virus
i had windows 7 installed than i installed XP...n i inserted a usb while using XP...the usb contained the "New Folder.exe" virus...n infected my windows....it also infected Windows 7....i formated both drives...now i only have windows 7 installed ... but the effects of the virus are still there......
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 17:12.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App