
Windows 7: possible virus, which forum to go to for help

26 Jan 2013   #31

Windows 7 Home Premium


Have read different opinions on removing, or not removing Rootkits.

There are quite a number of forums that deal with Rootkits on a daily basis, successfully!

The option to reformat is always there, but, there seem to be more Users cleaning the computer (with assistance from the forums) than doing a wipe and clean install.

Personally, after loaning my laptop to a neighbor, upon return it had a rootkit. Took action to remove it, and now posting from it. It wasn't easy to get rid of, but, the computer is stable, and no further problems developed.

There are tools available to remove Rootkits that do a great job, and experts agree that more than one should be used to confirm removal.

Bottom line appears to be that it is up to the User on whether to clean the computer, or do a total wipe and clean install.

26 Jan 2013   #32
Microsoft MVP

Windows 7 Ultimate 32bit SP1

It is most definitely up to the user!

But... I, personally, will not try to clean up such a compromised computer. I've seen many users come back to the malware help forums after it had been declared that their computer was clean of the rootkit.
26 Jan 2013   #33
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64

A person removing a rootkit and having a stable computer is great but not my concern. My concern is a computer from which a rootkit has been removed still very quietly running a botnet and/or stealing the new passwords for banking, credit card information, online accounts and the like. We do all agree that the owner has to make that decision. I'm cautious and a little security paranoid. Many years ago I had a bank account wiped out and still have a little bad taste in my mouth. That was before the banks and credit card companies would help you when such things happened. Their attitude was: my money, my account, my problem; can we help you with anything else? Thank you for doing business with Give a Shot Bank.

26 Jan 2013   #34

Windows 7 Home Premium

In the computer world, anything is possible, as we all know!

I have always gone for the fixing of the computer. There are quite a few very reputable forums with advisors that do the same.

Every person brings in a different experience...

If security paranoid and going for a new install, buying a new hard drive would be on my list vs. wiping the disk.
26 Jan 2013   #35
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64

I wipe a new hard drive before using. One never knows what might be on it.
26 Jan 2013   #36

W7 premium 64
attention CottonBall

Here is the required info. I had the MBAR logs last night, but they were from a post scan of the original findings. So I will put all that stuff here, including the latest scan in DOS. Thx and I'll rep you.

PS. Firewall is working fine now, I'm thinking. I use "AllShare" by Samsung to port stuff to my TV, and for some reason I'm having to disable the firewall to run this, which I don't think I did in the past. I'll have to look into this. If there is a prob., I'll post back.

Attached Files
File Type: txt mbar-log-2013-01-25 (22-23-07).txt (1.8 KB, 5 views)
File Type: txt mbar-log-2013-01-25 (22-23-22).txt (1.8 KB, 4 views)
File Type: txt mbar-log-2013-01-25 (22-35-34).txt (1.8 KB, 6 views)
File Type: txt FRST.txt (43.0 KB, 12 views)
26 Jan 2013   #37

Windows 7 Home Premium

Thanks for the info, drmax.

The MBAR logs do not show anything, but, you say those are from post scans, so that makes sense.

The FRST64 results do show some ZeroAccess remnants. Need to take a close look at the entire report.

Going to be out and about today, so, will get back with you later.

Thanks for your patience.
26 Jan 2013   #38

Windows 7 Home Premium x64 SP1

Glad to see that MBAR worked so well for you. Those Malwarebytes guys are definitely on top of their game!
26 Jan 2013   #39
Microsoft MVP

Windows 7 Ultimate 32bit SP1

FRST shows quite a mess of infected files and apps.
26 Jan 2013   #40

Windows 7 Home Premium


Although MBAR took care of some of the ZeroAccess, there are still ZA files left in the system. That just stresses the importance of not placing all your trust in one program. Different programs have different definitions they target.

Let's press on...

Please do the following...
Open Notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below to Notepad.
  • In Notepad, go to File > Save as...
  • Save to: the USB flash drive
  • In File name use: fixlist.txt
  • Click: Save
Have FRST.exe and fixlist.txt on the flash drive.

Next, plug the flash drive into the infected computer.

Now, please enter System Recovery Options like you did previously:
  • >>> Restart the computer, etc. > select: Command Prompt
  • Type e:\frst64.exe, and press: Enter
  • Replace the drive letter g with the drive letter of your flash drive, or SD Card!
  • In FRST, this time press the Fix button.
The program saves a Fixlog.txt, on the flash drive.

Click the Command prompt window, type exit, and press: Enter
Back at the System Recovery Options, press: Restart

Let the computer boot normally.

Please copy/paste the Fixlog.txt in your reply.