Scream of a drowning man
I am looking for advice and words of support. I have been using the acclaimed Windows 7 for a relatively long time. In no case do I want to cause holivars, but I like the “seven”. More than XP, and even more so than Vista. I love * nix systems, I love MacOS, but it so happened that the problem arose occurs precisely on Microsoft products.
It began a couple of months ago, and today a reason has been found .
In the “Start” menu (I use the English 32-bit system, the Russian scared me with its translation), icons and correct links to executable files disappeared in the area for fixing shortcuts to quick launch. Unpin and pin to ... didn't help. The same misfortune happened with the taskbar. The Quick Launch folder was empty. All manipulations like “turn off and on” (IT-crowd) also did not produce results. Additionally, I noted for myself that a search in the same “Start” menu stopped working and more often responded with an error window. At that time there was beta. Build, unfortunately, I do not remember, and it doesn’t matter. Some programs stopped starting. Those that still started stopped saving the settings. Google Chrome has stopped going to Google Mail. But you need to work. Demolished everything, put XP. I put Kaspersky on a clean system - silence. All symptoms that day Seen on the "seven" repeated. Virus? Maybe. CureIt and AVZ did not find anything. Moreover, shortcuts from the Quick Launch folder are erased right before your eyes, and not during a reboot (a problem known on the web). Dropped all the info on a portable disk. Formatted fully screw, demolished MBR. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail.
A letter describing the symptoms has been ignored for more than a month by Kaspersky Lab, despite the fact that I have a licensed version of KIS2009.
If it weren’t for specific software and equipment, it would have been sitting under Linux for a long time. And I don’t even know what to do. No one met? Maybe there are ideas?
UPD:
Summary of comments and responses to them:
Well ... Who had doubts about the viral origin of the problem? Wash everything is there.
Here is the Process Monitor log: e580.ru/Logfile.CSV
If briefly svchost looks for shortcuts to antivirus tools in quick clan. Or is it Windows Defender that searches for viruses through svhost? Totally confused ... In any case, 13 svhosthosts probably too much?
I would like to know what the virus is and how to protect myself. What to do?
Using Process Monitor found cattle that stirs up water. The Trojan planted in software. Thank you all for your advice and help.
The killer turned out to be a new version of specialized software necessary for work. Its low prevalence affected the uniqueness and rarity of the described problem.
It began a couple of months ago, and today a reason has been found .
In the “Start” menu (I use the English 32-bit system, the Russian scared me with its translation), icons and correct links to executable files disappeared in the area for fixing shortcuts to quick launch. Unpin and pin to ... didn't help. The same misfortune happened with the taskbar. The Quick Launch folder was empty. All manipulations like “turn off and on” (IT-crowd) also did not produce results. Additionally, I noted for myself that a search in the same “Start” menu stopped working and more often responded with an error window. At that time there was beta. Build, unfortunately, I do not remember, and it doesn’t matter. Some programs stopped starting. Those that still started stopped saving the settings. Google Chrome has stopped going to Google Mail. But you need to work. Demolished everything, put XP. I put Kaspersky on a clean system - silence. All symptoms that day Seen on the "seven" repeated. Virus? Maybe. CureIt and AVZ did not find anything. Moreover, shortcuts from the Quick Launch folder are erased right before your eyes, and not during a reboot (a problem known on the web). Dropped all the info on a portable disk. Formatted fully screw, demolished MBR. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail. I installed Windows 7 RC on the “virgin” computer. It was protected by antiviruses. Two days later, the problems returned. The first time the rollback to Restore Point helped, but not a day passed. All. Again, sitting at the trough. The newly installed software on the machine immediately starts to fail.
A letter describing the symptoms has been ignored for more than a month by Kaspersky Lab, despite the fact that I have a licensed version of KIS2009.
If it weren’t for specific software and equipment, it would have been sitting under Linux for a long time. And I don’t even know what to do. No one met? Maybe there are ideas?
UPD:
Summary of comments and responses to them:
- I recalled here that one time I cleaned mdm with my hands, which was not seen by Casper. Therefore, there are suspicions of a Trojan downloader.
- The new screw is already lying, it remains to raise the system on it.
- The memory has not been tested yet, but there are plans. And bios cross-check.
- I did not install left software, only trusted free software in a minimal set.
- Network access through NAT. I can’t sit a day without an Internet, - work.
- I tried antiviruses: KIS, Avast, AVZ, CureIt.
- The second day Process Monitor was launched, but the problem does not occur.
- The aforementioned XP was installed from a disk that had been used before for five years. Such problems did not arise before.
Here is the Process Monitor log: e580.ru/Logfile.CSV
If briefly svchost looks for shortcuts to antivirus tools in quick clan. Or is it Windows Defender that searches for viruses through svhost? Totally confused ... In any case, 13 svhosthosts probably too much?
I would like to know what the virus is and how to protect myself. What to do?
Using Process Monitor found cattle that stirs up water. The Trojan planted in software. Thank you all for your advice and help.
The killer turned out to be a new version of specialized software necessary for work. Its low prevalence affected the uniqueness and rarity of the described problem.