Solved

Windows 7 virus problems

Posted on 2013-10-27
7
416 Views
Last Modified: 2013-11-22
One week ago we repaired a one-year-old Lenovo all-in-one. The question to EE last week was the following:

"On a 1 year old Lenovo running Win 7 64 bit, on boot, after login, get "the application was unable to start correctly, 0x00000022. Click OK to close application."

We ran JRT, ADWcleaner, C Cleaner and Combofix.  None resolved the above stop error.  And it was suggested to do a refresh install of Windows 7.  Which was done, the error was cleared and all updates were installed.  The system cleaned again with all the tools and returned.

The system came back today with the following:  will not open exe files, or jpg files, will not start restore selections, will not go to safe mode.

So far today we have tried to clean with above plus Malwarebytes, and tried to reassociate the exe command and jpg.  The jpg will open after running JRT, but revert back to not working after a reboot.  Have not got the exe files to execute.

Trying to run system restore and it shows the calendar of restore points, it will start up the selection process but then stops at "trying to initialize" and will not move past this point.
0
Question by:DwEckert
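
The symptoms in the question (exe files will not open, the jpg association reverts after a reboot) can be checked against the registry with a read-only audit. The script below is an added example, not something posted by anyone in this thread; it assumes the stock Windows values for the `.exe` handler and only reports what it finds, changing nothing. It avoids PowerShell 3+ syntax so it runs on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: read-only audit of executable handling and autoruns.
# Run from an elevated PowerShell prompt. Nothing is modified.

function Get-DefaultValue([string]$Path) {
    # Return the unexpanded (Default) value of a registry key, or $null if absent.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    (Get-Item -LiteralPath $Path).GetValue('', $null, 'DoNotExpandEnvironmentNames')
}

# 1. Machine-wide .exe handling compared with the stock Windows values.
$expected = @{
    'HKLM:\SOFTWARE\Classes\.exe'                       = 'exefile'
    'HKLM:\SOFTWARE\Classes\exefile\shell\open\command' = '"%1" %*'
}
foreach ($path in $expected.Keys) {
    $actual = Get-DefaultValue $path
    $status = if ($actual -eq $expected[$path]) { 'OK      ' } else { 'MISMATCH' }
    "{0} {1} = {2}" -f $status, $path, $actual
}

# 2. Per-user overrides. HKCU\Software\Classes takes precedence over HKLM,
#    so a key here can redirect every .exe launch for this user only.
#    These are commonly absent on a clean install; presence warrants review.
$overrides = @(
    'HKCU:\Software\Classes\.exe',
    'HKCU:\Software\Classes\exefile',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice'
)
foreach ($path in $overrides) {
    if (Test-Path -LiteralPath $path) { "REVIEW   per-user override present: $path" }
}

# 3. Autorun entries. An association that is repaired and then breaks again
#    after a reboot suggests something is rewriting it at startup.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        "AUTORUN  {0}\{1} = {2}" -f $key, $name, $item.GetValue($name)
    }
}
```

A `MISMATCH` or `REVIEW` line is a lead to investigate, not proof of infection; the autorun list still has to be read entry by entry.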
7 Comments
 
LVL 9

Expert Comment

by:jsdray
ID: 39604620
Sounds to me like you did everything right and you'll have to do it again.  Your client needs to clear out suspicious emails and/or stay off suspicious web sites.  You could clean it over and over again, but if the client continues to do the same thing, it will continue to get infected.  They may want to scan any attached drives they use too.
Make sure you have a good anti-virus program running so hopefully this won't continue to occur.
0
 
LVL 24

Accepted Solution

by:
aadih earned 200 total points
ID: 39604622
Please scan for rootkits also:

(1) TDSSKiller.

(2) Malwarebytes Antimalware Anti-Rootkit (beta).

(3) Avast Anti-Rootkit.

[Re: System Restore: Run from safe mode with command prompt and type rstrui.exe to restore. "System Restore is Initializing" may last for a long time (about one hour, one time) but it finished eventually.]
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 300 total points
ID: 39604658
it was suggested to do a refresh install of Windows 7.  Which was done

You may have a root kit virus which can survive a fresh install of Windows in which the partitions were not all deleted.

Make sure you have recovery DVDs for the system and then delete all partitions on the drive (kill the drive) and do a full Lenovo Recovery.

... Thinkpads_User
0

 
LVL 15

Expert Comment

by:Ess Kay
ID: 39604733
First run superantispyware.
Next, reinstall Windows.

When you run installation, make sure to NOT delete the hard drive.
Install to same hard drive, and you will keep all your files and documents. The windows directory will be overridden.

Then, run a program to check if the registry is intact, because it doesn't get deleted after that type of installation.

Finally, run HijackThis
0
 
LVL 91

Expert Comment

by:nobus
ID: 39604947
In such a case, it can help to run a scan from a bootable CD:
Kaspersky CD: http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html
Offline Defender: http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

I also run Roguekiller then: http://majorgeeks.com/RogueKiller_d6983.html

what happens with these?  >>  will not open exe files, or jpg files, will not start restore selections, will not go to safe mode.   <<    any errors or messages?
0
 
LVL 87

Expert Comment

by:rindi
ID: 39605148
Apart from what thinkpads has already mentioned, make sure there is a good AV utility installed, and that its definitions have been updated. I use Panda Cloud Anti-Virus which I've been very happy with (you can use the free version if your customer uses the PC privately).

Some malware can also infect your router, so reset the routers to factory defaults, and maybe also install the newest firmware.

I've occasionally seen similar issues as the one you have described with a bad disk and bad RAM, so run the disk manufacturer's diagnostic on it and also a memtest86+ for the RAM. You'll find both utilities on the UBCD:

http://ultimatebootcd.com
0
 

Author Closing Comment

by:DwEckert
ID: 39610703
Tried several other cleaners and root kit detection and nothing. After 4 hours, just went for the Lenovo one touch system reinstall. That seemed to fix it. Spent the last hour updating to current. Thanks all for your help.
0
