A friend's computer

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Ganthas, Apr 2, 2008.

  1. Ganthas

    Ganthas Private E-2

    My roommate asked me to take a look at her computer. She mentioned she was having problems with Windows Live Messenger. I have noticed that I could not update Windows as well, nor reinstall Windows Live at all.

    I started your Windows XP cleaning procedure shortly after. However, it would seem that the scans turned up a lot of infections. So I tested again the following evening and found the same infections.

    I just created a restore point, and here are the logs you requested.

    Thank you for your assistance.

    Err... Attachment Upload Error?
     
    Last edited: Apr 2, 2008
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  3. Ganthas

    Ganthas Private E-2

    Thanks for that. However, I was following that at the time. To upload the files I had to transfer the files to my own computer...
     

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Ok....here is what you need to do:

    Please use add/remove programs to uninstall:
    Bat
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3

    Please disable all anti-virus (I am not seeing any anti-virus program on this computer!!) and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Now download The Avenger by Swandog469, and save it to your Desktop.

    * Extract avenger.exe from the Zip file and save it to your desktop
    * Run avenger.exe by double-clicking on it.
    * Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the "Input script here:" part of the window:

    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Now install:
    Java Runtime 6

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Avenger.

    Be sure to tell us how things are running.
     
  5. Ganthas

    Ganthas Private E-2

    Finished your procedure. Attached are the requested logs.

    AVG was installed when I started, I ran into problems running it however when I started. I tried to remove it, via Add/Remove Programs. That's when the computer told me that it didn't exist.

    I have also shared these problems on this computer with another person who lives with me. He may have removed some of these problems.

    I am going to try to re-install AVG shortly after posting this. As well as Windows Live.
     

  6. Ganthas

    Ganthas Private E-2

    Fixed her updating problems as well, her time was off. I think everything should be fine now if the logs don't show anything.

    Thank you for your assistance on this.
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Just one more thing.....and a question.

    Did you set this policy:
    If not we need to fix them.

    Also, your logs are reporting the date as xx/xx/2080 ---?

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    * Run avenger.exe by double-clicking on it.
    * Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the "Input script here:" part of the window:


    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Tell me how things are running.
     
