After seriously having tried all the options above...
Actually, we did not
engage in any options to recover your system. Was just checking to see if you could get to the Command Prompt
, and then use a program to get the system back up and running.
On the malware issue...
Please run the following diagnostics to see what is currently going on with the system:Step 1
from one of these locations:Link 1Link 2
Save to the Desktop
Make sure you temporarily disable your AntiVirus, Firewall, and any other AntiSpyware applications. They may interfere with the programs we are about to run.
If you wish to look at information on how to disable these programs, please refer to the information available through this link
Windows 7: Right-click DDS
and select 'Run as Administrator'
When done, DDS
opens two logs:
-DDS.txt (Opens on the Desktop)
-Attach.txt (Minimized on the TaskBar)
Save the reports to your Desktop, and post both reports
(do not attach) in your reply.Step 2
Also download aswMBR
Save it to the Desktop.
Windows 7: Right-click the file and select 'Run as Administrator'
When promped with: This Application can use the Avast! Free AntiVirus for scanning...etc.
The last line of the run in progress will provide the status of the Avast! scan.
It will say: Downloading Avast! virus definitiond database, etc.
When the Avast! scan is done, the last line changes to: Avast Engine definitions #####
At this point, click the Scan
button on the lower left of the aswMBR screen.
The last line will now say "Scanning" while in progress.
Upon completion of the scan, click >Save log< and save it to the Desktop.
Note: Please do NOT attempt to fix anything
Exit the program, and post the new aswMBR log
in your reply.
Note that a file named MBR.dat
is also created on the Desktop.
Please submit MBR.dat
for analysis to VirusTotal
When you get to the website, use the Browse
button to navigate to the location of MBR.dat
Click on the file, then, click the Open
The file is now displayed in the Submit Box
Scroll down and click Send File
, and wait for the results.
If you get a message saying: 'File has already been analyzed', click: 'Reanalyze file now'
Once scanned, and you see the full results page on your screen, go up to the address bar at the top of the browser, and copy the http:\\etc. address there.
Then, provide the http:\\ address to the results page
in your reply.