Cant re-install Win 7 64

[ZeroZero]

I have a music studio and my PC has become infected with a troublesome virus. I have tried to re move this virus but it keeps changing its name and reappearing. Virus checkers are not removing it sucessfully. For some reason possibly related my virus, the system restore points have all disappeared.
I have decided to reinstall windows.

Because my system is complex and took weeks, even months to stabilise, I dont wish to wipe my programs.

When I try to reinstall Win 7 (Ult 64) I find that I have two options a complete wipe (not desired) or a reinstall. However when I choose the reinstall options the system tells me that my current version is younger than the reinstall disk and aborts.

My IE is currently not functioning on this machine.

Can anyone advise please

 

[seavixen32]

Welcome to Windows Seven Forums.

Have you tried a Repair Install, as explained in this tutorial?

http://www.sevenforums.com/tutorials/3413-repair-install.html

Once we get your system up and running, you really should consider a complete system image backup, which you can restore from if need be.

 

[karlsnooks]

I have a music studio and my PC has become infected with a troublesome virus. I have tried to re move this virus but it keeps changing its name and reappearing. Virus checkers are not removing it sucessfully. For some reason possibly related my virus, the system restore points have all disappeared.
I have decided to reinstall windows.

Because my system is complex and took weeks, even months to stabilise, I dont wish to wipe my programs.

When I try to reinstall Win 7 (Ult 64) I find that I have two options a complete wipe (not desired) or a reinstall. However when I choose the reinstall options the system tells me that my current version is younger than the reinstall disk and aborts.

My IE is currently not functioning on this machine.

Can anyone advise please

Welcome to SevenForums.


Hold off on that reinstall.

That reinstall may not be needed.

In either case, to get rid of your nasty malware AND
a reinstall will NOT get rid of it
THEN
click on the WDO link in my signature.
Download WDO
There will be instructions there

WDO is WINDOWS DEFENDER OFFLINE which is NOT Windows Defender.
Very poor naming by Microsoft.

Here's the procedure I use with WDO:
HOW TO USE WINDOWS DEFENDER OFFLINE ON A USB STICK
Windows Defender Offline
· is a free standalone, bootable malware and virus remover from Microsoft.
· performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware.

Download Windows Defender Offline (about 764 kB)

You will have the choice of downloading the 32bit version (x86) or the 64 bit version (x64).
The link will help you determine whether you are running a 32 bit version or 64 bit version of Windows

NOTE!! You can download and prepare a 32 bit version using a 64 bit version of Windows
NOTE!! You can download and prepare a 64 bit version using a 32bit version of Windows.

You run the 32 bit version on a 32 bit version of Windows.
You run the 64 bit version on a 64 bit version of Windows.

The 32 bit download file name is: mssstool32.exe
The 64 bit download file name is: mssstool64.exe

For the curious, this program was originally name Microsoft Standalone System Sweeper.


INSTALLATION:
You will need an Internet Connection.
Insert 512 mB (Microsoft’s 256 mB is no longer accurate) or larger USB stick into a usb port.
Run the downloaded program--mssstool64.exe or mssstool32.exe
NEXT button
Choose the option On a USB flash drive that is not password protected
NEXT button
NEXT button
.
The install program will format the usb stick using the NTFS format.
The install program will download about 210 mB.
The install program will name the USB stick WDO_Media32 or WDO_Media64
The WDO_Media32 usb stick will have used space of 255 mB (268,140,544 bytes)
The WDO_Media64 usb stick will have used space of 282 mB (296,165,376 bytes)
You can expect the number of mB to increase as more malware appears.

UPDATE Windows Defender Offline USB stick:
· reinsert the usb stick
· run the installation program, mssstool64.exe or mssstool32.exe, again.
· the update will download about 66 mB (mssstool32.exe) and 68 mB (mssstool64.exe).

Since the malware database is sometimes updated several times in a day, always update before running.

PERFORM AN OFFLINE SCAN
Bootup your computer from the USB stick
Windows Defender Offline will automatically perform a quick scan.
After the quick scan finishes, Choose Full Scan
Select all of your drives

The initial, full scan can easily take several hours, but
Remember, your computer is being very thoroughly checked for all types of malware.


RESULTS OF THE SCAN
The results will be in 4 log files in:
\Windows\Microsoft Antimalware\Support
Upload the four log files please.
=========================================

 

[edwar]

Simple fact is if you do NOT completely wipe out your system drive you may never get rid of the virus you have.
You can go head with all the suggestions given in this thread but more then likely they will not fully get rid of whatever you have on that system.

In any event you will need to reinstall your software. As to the system not stabilizing for weeks then there is something wrong with your system to start with. Software either works or it doesn't. There is NO stabilization period for software. It is what it is. The code is the same the day you install it or 1 week to 10 years later, that never changes.
I would look at a hardware problem as the cause of your current problems and the weeks it took to stabilize.

 

[karlsnooks]

Edwar,

Not true at all.

By following the advice I've given, then there will be ZERO need to wipe the disk.

 

[ZeroZero]

thanks for your help all, yes I tried the first option suggested in this thread, as I say because my version of win 7 is the latest, the disk version wont install over it.
I will try the virus checker as suggested, AVG free, my usual flags up I have the virus, deletes the file and then it returns. The virus masquerades as a .sys file

 

[karlsnooks]

Very, very doubtful that a simple virus checker is going to fix your problem.

Use Windows Defender Offline as I recommended.

You need industrial grade anti-malware AFTER running Windows Defender Offline. I recommend Microsoft Security Essentials, MSE with link in my signature.

Understanding Microsoft Anti-Malware Software 2012 ~ Security Garden

I'm awaiting the four log files generated by Windows Defender Offline. That word OFFLINE is extremely important. A normal, online av will not be able to detect some rather evil and clever malware.

 

[ZeroZero]

Thank you for your help everyone. More by luck than judgement I found a nasty file in the startup folder. Deleting this stopped the file recreating. AVG spotted the file again, and also spotted that it downloaded a threat to my 'identity' (using their identity protection.
its now told me that the threat has been removed 2 processes terminated and 3 files deleted also 3 registry keys.

I could not use the usb offline remover as my Asus motherboard does not give the option of booting from a USB.
My IE explorer is now working so I am going to check out Microsoft for an online virus checker.

I think the virus is disabled, but I will run a few more checks. I created a new system restore point. Nasty piece of work this virus

thanks all

 

[ZeroZero]

ps the name of the file was dcibkmfs.sys at least in first incarnation

 

[karlsnooks]

That is a VERY unusual ASUS board that won't let you boot from USB.

Please complete your System Specs, after which we will be able to advise you as to how to boot from USB.

Update your SevenForums System Specs
User CP (located on the top menu bar) |
Your Profile | Edit System Spec (left-hand column)

To gather info, use Speccy (my favorite) or SIW or System Info

Add the word laptop or desktop or netbook to the
“system manufacturer” block, for example,
Toshiba Satellite L305D notebook.

Provide full windows version info, for example:
MS Windows 7 Ultimate SP1 64-bit

Use the “Other Info” block for Optical Reader,
Mouse, touchpad, wifi adapter, speakers, monitor, etc

Scroll down and click on SAVE CHANGES.
========================================================

 

[gregrocker]

AVG is crappy bloatware which no one here recommends. Boot WDO as suggested by Karl to run a full scan now. Then install Microsoft Security Essentials to run a full scan.

Post up the infection name in our Security forum for expert targeted scans to run.

Test your System Files for damage using SFC -SCANNOW Command.

Establish a clean boot now to kill all startups except MSE: Troubleshooting Steps for Windows 7

If you decide to clean install wipe the HD first using Diskpart Clean Command then Clean Reinstall - Factory OEM Windows 7 - everything you need is in the blue link to get a perfect reinstall. You must reinstall all programs.

 

[ZeroZero]

This problem has got deeper and deeper. Overnight I ran three virus checkers.

AVG which picked up nothing
Windows Security essnetials that picked up numerous trojans around 30!
and malicious software removal which picked up 1

I ran the system scan and all was OK

However I checked my firewall and its disabled 0x8007024 error code comes up when trying to enable.

Clearly some people have been doing some really nasty stuff on my PC.

I have update my spec on the profile



I have downloaded the win defender and its on a usb but I dont know how to boot from it. When I go to Bios it gives me no (apparent to me) option stating USB.



Rather not wipe my PC it runs Cubase and thirty or so plugins some of which take a couple of days to install - orchestras and things. There is a lot of other stuff too like a decades worth of samples measuring a TB or so

Although IE 9 9.0.6 (KB2675157) is now working when I first load it gives a "IE is not working" type message and reloads the (innocent) home page. I have AVG do not track and Ghostery running.

Once again grateful for some quality help here.

Zero

 

[karlsnooks]

ZeroZero,

I'm not much on excuses.

If you want help, then follow the procedure.

If you do not want to follow the procedure, then the call is yours and I will bow out.

Incidentally, I've never seen an ASUS board (and I've used them for many, many years) that would noot give you boot options.

Why don't your just go to the google site and get the manual for your motherboard?

Google is your friend.

Don't use torrent software. Don't visit porn sites. Don't ever click on an icon.

AVG is next to no protection.

Use Microsoft Security Essentials.

Run WDO.

After you have run WDO, and incidentally, you can burn WDO to a DVD and boot from the DVD, then let me know.

 

[gregrocker]

So what have they told you in our Security forum when you posted up the trojan results from MSE scan? They should have given you specific cleaners to use. But an infection serious enough to disable the firewall will likely require a Clean Reinstall.

Computers cannot be handled like a hoarder with a houseful of stacked newspapers. It needs to have a perfect reinstall then be maintained perfectly. If performance slips or it's hit by serious infection then it needs to be wiped and start over. Follow the same steps for Clean Reinstall - Factory OEM Windows 7

The WDO stick must be written by the app correctly, plugged in, then tap the key for one-time BIOS Boot Menu at boot, F8 on Asus mobo's. Look under USB, Removable or HD's.

Why is AVG bloatware still installed? Do you ask for advice to ignore it, or are you here to benefit from experienced help recognized as the very best in the industry?