?
Solved

Windows 7 Infected?

Posted on 2014-03-11
11
Medium Priority
?
300 Views
Last Modified: 2014-03-12
Hello,

I'm going to try this for the 3rd time, since my computer seems to love me and have IE crash... :(

Anyways, I have another computer here that a customer brought in stating that it was infected with Advance System Protector.

Here's what the computer is doing.  If you go to anything besides Safe Mode with Command Prompt, nothing opens.  What I mean by that is when you boot into normal mode, I can't even open up 'Computer'.  It tells me The Parameter Is Incorrect.  If you try to run a program, you can't.  You right-click, and not only does it not have the option to Run As Administrator, but it doesn't even have the OPEN function!

Here's things I have tried.

Chkdsk'd the hard drive, no errors.

Ran memtest 86+, no errors.

Uninstalled Avast! with the removal tool.

Ran the command to register all DLL's in C:\Windows.

Scanned with Malwarebytes twice.  Also scanned with SUPERAntiSpyware, TDSSKiller, and AdwCleaner.  Removed some PUP's, but nothing important.

SFC /scannow did not find any integrity violations.

Any suggestions?
0
Comment
Question by:Scott Thompson
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 17

Expert Comment

by:James H
ID: 39921112
0
 
LVL 23

Expert Comment

by:tailoreddigital
ID: 39921119
Sounds like you've spent hours on this.    If it were my situation, i'd format it.
0
 
LVL 19

Accepted Solution

by:
Miguel Angel Perez Muñoz earned 2000 total points
ID: 39921136
You can try using system restore to previous date computer was infected.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 20

Expert Comment

by:Peter Hutchison
ID: 39921137
You need to uninstall it using Revo Uninstaller (or CCleaner) from http://www.revouninstaller.com/revo_uninstaller_free_download.html
0
 
LVL 34

Expert Comment

by:Michael-Best
ID: 39921170
Boot into the Advanced Boot Options screen.
Select Repair your computer.
Folow the repair steps.
0
 
LVL 8

Author Comment

by:Scott Thompson
ID: 39921190
Spartan_1337,

I have ran Combofix and it did not find anything important, but I will upload the results form you.

Tailoreddigital,

That is a suggestion that I may have to go with, but I tend to be stubborn if it's not mine.  I want to see if there is a way to fix this first, otherwise, yes, I will backup and reload the system.

Drashiel,

I will give System Restore a try and see what happens.

cmsxpjh,

What do I need to uninstall with Revo Uninstaller?  Oh, and I did forget to mention that I have ran CCleaner on the registry to hope to repair issues, nothing.

I also uploaded a couple other logs of programs I've ran.
ComboFix.txt
Rkill.txt
RKreport-0--S-03082014-123836.txt
0
 
LVL 20

Expert Comment

by:Peter Hutchison
ID: 39921212
The standard Windows uninstaller may not find the program or fails to completely uninstall it.  3rd party ones may have better luck.
0
 
LVL 8

Author Comment

by:Scott Thompson
ID: 39921224
cmsxpjh,

I understand about trouble uninstalling programs, but I don't know what program I'm supposed to be looking for to uninstall... :(
0
 
LVL 8

Author Comment

by:Scott Thompson
ID: 39921297
Drashiel,

I feel stupid!  The system restore worked!  I should have tried that a long time ago, but normally when the machine is this messed up, a system restore only makes it worse.  I'll see if anything else is messed up with it.
0
 
LVL 23

Expert Comment

by:tailoreddigital
ID: 39921334
You're not stupid, it's just that Restore is getting better as time goes on.     I wouldn't have guessed restore would have solve this either.    

Congrats on your quick fix.
0
 
LVL 8

Author Closing Comment

by:Scott Thompson
ID: 39924032
No infections, but system restore solved my issue!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question