Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New Virus?

26 Apr 2010   #1
Ginmill

windows 7 ultimate 64bit
 
 
New Virus?

Got a message that I was running low on disk space. So I tried to run ccleaner and it looked like it locked up on some strange files at 33%. Tried to look at winderstat and that locked up too. Went back to ccleaner and it stopped at 33% again but looked where it locked up. c:\windows\temp inside there I had over 300,000 files with various sizes. Highlighted them and deleted it was over 200 gb of space they were taking up. The files started off with 7zip_open_ then with a 15 digit number after that. I check to see if I had 7zip installed but I didn't. After a day went by the files never came back. On the second day after removing the files 6 more appeared with the 7zip_open_ with about 15 digits after it. Ive ran malwarebytes, mse, and vipre av none of which found anything. Now I have been getting internet issues ie very slow downloading of youtube videos and complete drop from the internet. Oh also I have ran hijackthis and check a few places and everything is fine there too. Anyone know what else I can do?


My System SpecsSystem Spec
.
27 Apr 2010   #2
JMH

Win 7 Ultimate 64-bit. SP1.
 
 

Quote   Quote: Originally Posted by Ginmill View Post
Got a message that I was running low on disk space. So I tried to run ccleaner and it looked like it locked up on some strange files at 33%. Tried to look at winderstat and that locked up too. Went back to ccleaner and it stopped at 33% again but looked where it locked up. c:\windows\temp inside there I had over 300,000 files with various sizes. Highlighted them and deleted it was over 200 gb of space they were taking up. The files started off with 7zip_open_ then with a 15 digit number after that. I check to see if I had 7zip installed but I didn't. After a day went by the files never came back. On the second day after removing the files 6 more appeared with the 7zip_open_ with about 15 digits after it. Ive ran malwarebytes, mse, and vipre av none of which found anything. Now I have been getting internet issues ie very slow downloading of youtube videos and complete drop from the internet. Oh also I have ran hijackthis and check a few places and everything is fine there too. Anyone know what else I can do?
Ginmill,
You might care to run SUPERAntiSpyware Online Safe Scan to see if it flushes anything out.
SUPERAntiSpyware.com - Online Scanner
My System SpecsSystem Spec
27 Apr 2010   #3
not so gray matter

W7 Ult. x64 | OS X
 
 

That and download another anti-virus just to make sure Vipre isn't missing anything. MSE works well at detection, so does Avast, either should confirm no viruses. G-DATA is the best according to av-comparatives but it costs $.
My System SpecsSystem Spec
.

27 Apr 2010   #4
malexous

Arch Linux 64-bit
 
 

Hitman Pro
My System SpecsSystem Spec
27 Apr 2010   #5
not so gray matter

W7 Ult. x64 | OS X
 
 

Malwarebytes' might work better than HT Pro but it's probably a toss up.
My System SpecsSystem Spec
27 Apr 2010   #6
malexous

Arch Linux 64-bit
 
 

They have already tried Malwarebytes.

Also, a-squared Free has a much better detection rate than Malwarebytes but its process (<1MB RAM) is always running even with the program shut down.
My System SpecsSystem Spec
27 Apr 2010   #7
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Hi, Ginmill.

You may want to start with a temp file cleaner. I suggest that you download ATF Cleaner by Atribune from ATF-Cleaner.exe - www.atribune.org . Save it to your Desktop.

Run ATF Cleaner
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
  • Click Exit on the Main menu to close the program.
  • Shutdown/restart the computer.

Next, I believe an online scan is in order. Instructions follow for both ESET and F-Secure. I suggest one or both.

Please go to Free ESET Online Antivirus Scanner to run an on-line scan from ESET.
  • Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic and also let me know how things are now.

Please go here and run an on-line scan with the F-Secure scanner .
  • Use IE (Internet Explorer), accept the license terms, and allow the Active-X controls to load.
  • Click Full System Scan and allow the components to download and the scan to complete.2
  • If malware is found during the scan, check Submit samples to F-Secure and Automatic cleaning.
  • When the scan has finished, click the Show Report button and copy and paste the entire report in your next reply.
Please let us know how you make out.
My System SpecsSystem Spec
27 Apr 2010   #8
fseal

Windows 7 x64 Ultimate
 
 

A little spelunking of the files themselves might point to the cause. Someone the other day had some program he got that created something like a single 260 gig log file inthe temp folder.

SO it may not be virus related at all, just some out of control program you have onyour machine on purpose.
If a huge number of files all seem to have the same or very similar names, opening them in a binary editor or using "strings" on the file or even googling the name might point to the culprit.

Using the resource monitor on the task manager/performance tab can also catch programs that are writing to files frequently, though you may have to leve it open for a while watching it closely to catch the event in progress...
My System SpecsSystem Spec
Reply

 New Virus?




Thread Tools




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
how to fix / clean windows from ramnit virus and virut virus?
my windows infected ramnit virus and virut virus,how to clean them?
System Security
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
RPC Virus message in Action Center, though the virus seems to be gone?
So I was managing my Laptop (Compaq Presario CQ57 with Windows Home Premium SP1) after a long time away from it, I left it in the care of a friend of mine, I noticed a few strange things. 1) I couldn't update Windows. 2) I couldn't turn ON my firewall 3) Windows Security Center was missing....
System Security
Want are the best afforable anti-virus for a trojan virus
what anti-virus would be great at getting rid of a trojan virus some of the anti virus i have used told me i had one but could not delete it.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:39.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App