Obvious Malware problem but all scans return clean

Windows 7 Desktop unit;  

Many error boxes claiming bad image for .exe file.  Cite many different .dll s as being corrupt or not for use in Win 7.

I have run AVG and Malwarebytes repeatedly.  First run of Malwarebytes returned list of about 20 folders, 12 registry keys.  folders were Perion and IBUpdater which are all now quarntined.  all subsequent runs of Malwarebytes are clean.  all scans of AVG are clean.

have run Malwarebytes root kit [beta] tool and it came back clean.

have run Wise registry cleaner and scans are clean.
tried to uninstall Chrome;  system ignores request.
tried to open system properties;  quick flash error window that i cannot read and then ignored.

Nevertheless i still have all these issues that feel like malware.  

I will rebuild machine if i cannot find a reasonable fix.

booted to safe mode and did *not* have any of these issues.
Any thoughts???
jim morgensternAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
jim morgensternConnect With a Mentor Author Commented:
gave up after a week.  reinstalled windows.  all good.
0
 
Tim PhillipsCommented:
I'd try two things: running combofix and fixing file associations with .exe if they are screwed up.

Set the file association for .exe to Windows Explorer (explorer.exe in the Windows directory)
0
 
Gabriel CliftonCommented:
What you could be seeing are the residual effects of the viruses, IE rewrote how exe files are executed. After combofix and / or tdskiller, I would try a sfc /scannow or a repair install of windows. Also, make sure browser extensions for the viruses are removed also.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
jim morgensternAuthor Commented:
i did run combofix.  looking at the directions for running it, it seems to have terminated after backing up registry and when it should have asked about Windows recovery console.  but recovery console is an old XP thing and does not seem to have made it to Win 7? so what was it supposed to do at that point ?
0
 
Gabriel CliftonCommented:
Combofix should continue on. Run it in safe mode. you will have better results that way. After a few minutes you will see things close and blue cmd windows running.
0
 
Pramod UbheCommented:
go to start > run msconfig > startup and see if you see anything strange over there
or check in your task manager if some diff. process is running in the background.
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
Also try running Chameleon by MBAM.  Run the svchost file in the Chameleon directory.
0
 
EirmanChief Operations ManagerCommented:
I'd suggest that you get a free 30 trial of hitmanPro, and update it.
Then reboot into safe mode and scan.
0
 
jim morgensternAuthor Commented:
tried running combofix in safe mode.  get message screen:  do not run in compatibility mode" and then exits.  i am guessing that this message is from malware?  i went into IE and turned off compatibility mode and repeated combofix with same error message.  where else does compatibility mode make sense ? [running Win 7 pro].  

will try chameleon and hitman pro after lunch.

thanks guys for the help.
0
 
jim morgensternAuthor Commented:
many generic responses.  tried all the suggestions.  nothing worked.
0
All Courses

From novice to tech pro — start learning today.