TarikM

New Member
Joined
Jul 10, 2011
Messages
12
I have what appears to be a spyware/malware issue that I just cant solve on my W7 64-bit machine.

Got a pop-up message from out of nowhere the other day that my HD was going bad...immediately I thought virus. Turned my computer off, did a systemt restore > 1 week ago, and now everything appears fine, save for the fact that clicking on a valid link in IE more often than not brings me to a shopping site, or something similiar - behaviour that is indicative of spyware/malware. Plus, most (but not all) of my desktop icons are dimmed, and my Admin Tools folder is empty. Also, even though my Favs do reside in my Favs folder, they do not appear in my list in IE.

I ran two scans each of:

AVG (full and complete scan utilizing all options available)
CCleaner
SUPER AntiSpyware
Spybot
Malwarebytes
Ad-Aware

I even physically removed the HD, popped it in an enclosure, hooked it up to another computer, and scanned it with NAV.

Though no viruses were found, there were some cookies and related items that were found, and deleted. However, my problem still remains.

I did a sfc /scannow, but got a "Windows Resource Protection did not find any integrity violations."

I am ready to format and start over, but was hoping that someone had an idea that I may have overlooked.

Thank you for any ideas!
 


Solution
Yeah - was able to burn the disc - did it two ways, 1) w/the ISO, and 2) with the contents. I just cant seem to make the disc bootable. Yes, I changed the BIOS' boot order.

Ok, getting somewhere.

My icons were dimmed, and IE wasn't seeing my favs, and my apps weren't seeing the files in the My Docs folder due to the files and folders being tagged with the hidden attr. Took that attr away, and all is well in that part of the world.

However, my Admin Tools folder is empty, and my sharing tab is missing. Any ideas there?

Thanks again!
If you decide to redo your system, you might try a repair install first. It might get rid of the problems without having to start over.

Did the problems with the desktop and files happen originally or after your took some action?

If you are being redirected, perhaps the suggestion by Kaos will help, but you might look in the IE addons and see if you have any Browser Helper Objects that might be working, or some type of tool bar.

If the redirects were done by going to a specific site, I would look at the hosts file in Windows\System32\drivers\etc to see if it had been altered. That file is protected so hopefully nothing can do that, but you might notice something. Open it with notepad and every line should have a # in front of it.
 


Another resource that I have found invaluable when all else fails is
Kaspersky Rescue Disk 10
The product info tab has a link to the ISO download (burn it to a CD and boot with it use the network feature to update to the most current signatures) and additionally a pdf user guide which helps navigating the user interface.
Might be worth a try.
Good luck and welcome to the forums.
Keep us posted
Randy
 


Thanks for the responses guys - appreciate the time.

TDSKiller found nothing.

"If you decide to redo your system, you might try a repair install first."

Yeah - thought of that. I have done that in the past (XP, Vista) and several of my apps did not function properly. So you say, just reinstall those apps. Yes, but if I am going to go that route, i might as well just start all over.

"Did the problems with the desktop and files happen originally or after your took some action?"

No - and I have just discovered that the My Documents folder - same thing. Many icons and folder icons are dimmed, and the files that reside in subdirs there are not accessible by my apps, like they used to be.

Also, the sharing tab is gone from all folders when I r-click.

Only found 2 hosts file in the Sys32 folder. Both have #s in front of all entries.

Kaspersky Rescue Disk 10 - will try that. Cant seem to make a bootable cd, tho - how do I do that?

Thanks again.
 


Kaspersky Rescue Disk 10 - will try that. Cant seem to make a bootable cd, tho - how do I do that?Thanks again.
If you've managed to download kav_rescue_10.iso and you are having trouble burning the ISO (image) to a CD you might want to consider a third party program like
The Official ImgBurn Website
one of my favorites anyway.
Keep us posted.
Randy
 


Yeah - was able to burn the disc - did it two ways, 1) w/the ISO, and 2) with the contents. I just cant seem to make the disc bootable. Yes, I changed the BIOS' boot order.

Ok, getting somewhere.

My icons were dimmed, and IE wasn't seeing my favs, and my apps weren't seeing the files in the My Docs folder due to the files and folders being tagged with the hidden attr. Took that attr away, and all is well in that part of the world.

However, my Admin Tools folder is empty, and my sharing tab is missing. Any ideas there?

Thanks again!
 


Last edited:
Solution
It is funny, but when you mention you had files marked with the hidden attribute, I thought of Link Removed where it seems McAfee was involved. You never mentioned you used it, but I just thought I would check in case. The thread states the folders are missing, but it turns out they were just hidden and needed to use the hidden and possibly system files viewing options.
 


Back
Top