Need Help with Trojan infestation

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Stiina59, Feb 3, 2015.

  1. Stiina59

    Stiina59 Private First Class

My hubs' computer was so buggered up, he was ready to chuck it. I ran the "Run first" process and the first part of the follow-up if you still have problems, and I do have the Poweliks Trojan that, as I read from Tim W, needs a custom instruction to get rid of it. I am going to attach my logs, but note that I have 3 MB logs because things were so bad, it was the only way I could do the first running, get the two partials. The second log is too large so I need to know how to split it or will zipping it work? The third is the post-process running. I don't think I have all of the scan logs, so will follow up with an additional reply with the rest.

Hope you can help me out. This Poweliks is nasty. At least I have the MB to block its access to the web. Oops, need to restart that after I stopped it to run a previous scan...



Thanks from my hubs and me for your help!

    Laura
     

    Attached Files:

  2. Stiina59

    Stiina59 Private First Class

    I had forgotten to run MGTools. Let me know if I didn't run it correctly. Here is that log and the second MB log split into M1 and M2.

Recap on the MB logs: Original running of MB is in 3 files: MBScan.txt, M1.txt and M2.txt. The MBPost.txt was run before MGTools. This computer is so buggered up, I lost track of where I was at, sorry. If I need to rerun or go back through the sequence, let me know. I will do what it takes to get this thing going again. Seriously, it took an entire hour just to get to the MB logs this morning it was so bad, and one of the found infestations changed its status from Quarantine to Ignore and I clicked on Next before I realized it. Massive headache.

    Thanks again.

    Laura
     

    Attached Files:

    • MGlogs.zip
      File size:
      290.7 KB
      Views:
      1
    • M1.txt
      File size:
      248.2 KB
      Views:
      2
    • M2.txt
      File size:
      265.2 KB
      Views:
      1
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

    Note: Make sure you download the correct version for your PC. Only the correct version will work.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your MGlogs.zip file is not a valid file. It is corrupted. Try running MGtools again and make sure you let it finish running. Also do not manipulate/edit or change the ZIP file in anyway.
     
  5. Stiina59

    Stiina59 Private First Class

Kestrel13!,

    Thank you but I'm still popping up the malicious website blocked boxes from that
    Trojan. Since we only scanned, that makes perfect sense, duh on my part.

    I'm attaching the 2 logs and Thank you for such a quick reply!

    Off to rerun MG Tools next.

    Laura
     

    Attached Files:

  6. Stiina59

    Stiina59 Private First Class

    chaslang,

My upload of the MGlog keeps failing... I don't know what to do next. I reran it, I waited until it said it was done and, just above, the MGLog was written and placed on both the desktop and in the C: drive. Do I need to wait on Kestrel13!'s instructions before running it again?

    Thanks!

    Laura
     
  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Good morning. :) We'll get to that soon. I'm just going through your logs and I'm hoping you don't have the infection which encrypts your files... poweliks I can handle, the file encryption I can't, but let me see first... I'll post a fix shortly.
     
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You are not attaching the correct log for Malware Bytes! You are attaching protection logs... Please follow the instructions carefully and run it again, attach the correct log for me to check please.


Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these detections:

    • [Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | {62bac8ef-9549-58f6-aec7-76186374634c} : "C:\Documents and Settings\All Users\Application Data\Microsoft\{62bac8ef-9549-58f6-aec7-76186374634c}\{62bac8ef-9549-58f6-aec7-76186374634c}.exe" -> Found
    • [Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | {5a799563-65b4-e689-81ce-1a51d8921b27} : "C:\Documents and Settings\All Users\Application Data\Microsoft\{5a799563-65b4-e689-81ce-1a51d8921b27}\{5a799563-65b4-e689-81ce-1a51d8921b27}.exe" -> Found
    • [Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {62bac8ef-9549-58f6-aec7-76186374634c} : "C:\Documents and Settings\All Users\Application Data\Microsoft\{62bac8ef-9549-58f6-aec7-76186374634c}\{62bac8ef-9549-58f6-aec7-76186374634c}.exe" -> Found
    • [Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {5a799563-65b4-e689-81ce-1a51d8921b27} : "C:\Documents and Settings\All Users\Application Data\Microsoft\{5a799563-65b4-e689-81ce-1a51d8921b27}\{5a799563-65b4-e689-81ce-1a51d8921b27}.exe" -> Found
    • [PUM.Desktop] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1 -> Found
    • [Tr.Poweliks] HKEY_LOCAL_MACHINE\Software\classes\clsid\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32 | a : #@~^A4EAAA==n{F+2i@#@&l{xAPzmOk7+p6(L+1O`r?1.rwDRUtnVsE*i@#@&S4k^+cne'c+b@#@&`@#@&7DDz@#@&i @#@&diWE
    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.



    NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.


    Download Fixlist.txt

    Save fixlist.txt on your Desktop. Make sure you save it as a txt file.
    • You should now have both fixlist.txt and FRST.exe on your Desktop.
    • Now I want you to disconnect your PC connection to the internet by unplugging the cable ( if it is wireless then temporarily shutdown the wireless network ).
• Run FRST.exe by right-clicking on it and selecting Run As Administrator
    • Click the Fix button just once and wait.
    • Your computer should reboot after the fix runs.
    • Reconnect your internet connection after reboot so you can come back here to continue.
    • The tool will make a log on the Desktop (Fixlog.txt) please attach this new log to your next reply (attach or paste)
    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • Fixlog.txt
    • C:\MGlogs.zip
    Please attach the above two log first before you continue with the below.
    Also at this point, I want to double check the status of Poweliks by having you run another scan with FRST like in my last message and attach the new FRST.txt and Addition.txt logs.
     

    Attached Files:

  9. Stiina59

    Stiina59 Private First Class

    Kestrel13!,

    Here is the correct MB Log and I'm sending the non-corrected report from RogueKiller because this scan results look different and I'm having trouble locating the files you said to delete from the registry tab. I have to leave for about an hour and I thought if you had time to review these and let me know if they are what you need and possibly help me decipher what I'm showing on RogueKiller and what you are telling me to delete are the correct entries.

    Thanks for your help!

    Laura
     

    Attached Files:

  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Just fix these two entries on Reg tab ;)

    • [Suspicious.Path] HKEY_USERS\S-1-5-21-2347551192-1713109559-3450429547-1007\Software\Microsoft\Windows\CurrentVersion\Run | DexzeQkazi : regsvr32.exe "C:\Documents and Settings\All Users\Application Data\DexzeQkazi\AinhAdag.moi" -> Found
    • [PUM.Desktop] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1 -> Found
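The RogueKiller detections listed in this post and in message #8 are all registry persistence checks: a JScript.Encode blob (its output always begins with the `#@~^` header) sitting in a CLSID's LocalServer32 value where a COM server path belongs, GUID-named Run values launching a GUID-named .exe out of a data directory, regsvr32 being pointed at a file with a made-up extension, and System Restore switched off. The script below is an added example, not code from this thread or from RogueKiller, that turns those four observations into rules and runs them over the same entries, transcribed here as constructed sample data alongside two benign control values invented for contrast. The rule names imitate RogueKiller's labels but are this example's own; the fifth rule (control characters in a value name, the trick Poweliks used to hide its Run value from regedit) is a known Poweliks trait that the thread does not mention. Feeding it a live hive, for instance from a `reg export` parsed into the same (key, name, data) triples, is left to the reader.

```python
import ntpath
import re

# Constructed sample entries as (key, value_name, data) triples. The first four
# are transcribed from the RogueKiller detections quoted in this thread; the
# last two are benign controls invented here so the rules can be seen not to fire.
SAMPLE_ENTRIES = [
    (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run",
     "{62bac8ef-9549-58f6-aec7-76186374634c}",
     r'"C:\Documents and Settings\All Users\Application Data\Microsoft'
     r'\{62bac8ef-9549-58f6-aec7-76186374634c}\{62bac8ef-9549-58f6-aec7-76186374634c}.exe"'),
    (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore",
     "DisableSR", 1),
    (r"HKEY_LOCAL_MACHINE\Software\classes\clsid\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32",
     "a", "#@~^A4EAAA==n{F+2i@#@&l{xAPzmOk7+p6(L+1O`r?1.rwDRUtnVsE*i@#@&S4k^+cne'c+b@#@&`@#@&7DDz@#@&i @#@&diWE"),
    (r"HKEY_USERS\S-1-5-21-2347551192-1713109559-3450429547-1007\Software\Microsoft\Windows\CurrentVersion\Run",
     "DexzeQkazi",
     r'regsvr32.exe "C:\Documents and Settings\All Users\Application Data\DexzeQkazi\AinhAdag.moi"'),
    (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run",
     "SunJavaUpdateSched", r'"C:\Program Files\Common Files\Java\Java Update\jusched.exe"'),
    (r"HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InProcServer32",
     "", r"C:\WINDOWS\system32\SHELL32.dll"),
]

GUID_RE = re.compile(r"^\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}$", re.I)
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(?:Policies\\Explorer\\)?Run$", re.I)
LOCALSERVER_RE = re.compile(r"\\Classes\\CLSID\\\{[0-9a-f-]{36}\}\\LocalServer32$", re.I)
# <GUID>\<GUID>.exe, i.e. a folder and executable that share the same GUID name
GUID_DROPPER_RE = re.compile(r"\\(\{[0-9a-f-]{36}\})\\\1\.exe", re.I)
JSCRIPT_ENCODE_MARKER = "#@~^"           # header emitted by JScript.Encode
COM_MODULE_EXTENSIONS = (".dll", ".ocx", ".ax")


def _regsvr32_target(command):
    """Return the path regsvr32 is asked to load, or None if not a regsvr32 command."""
    if not re.match(r'^"?(?:[^"\s]*\\)?regsvr32(?:\.exe)?"?(?:\s|$)', command, re.I):
        return None
    quoted = re.findall(r'"([^"]+)"', command)
    if quoted:
        return quoted[-1]                # last quoted argument is the module path
    parts = command.split()
    return parts[-1] if len(parts) > 1 else None


def classify(key, name, data):
    """Return the list of rule names that fire for one registry value."""
    text = data if isinstance(data, str) else str(data)
    findings = []

    # 1. Poweliks: LocalServer32 holds an encoded script, not a COM server path.
    if LOCALSERVER_RE.search(key) and JSCRIPT_ENCODE_MARKER in text:
        findings.append("Tr.Poweliks: JScript.Encode payload in CLSID LocalServer32")

    if RUN_KEY_RE.search(key):
        # 2. GUID-named Run value launching <GUID>\<GUID>.exe from a data directory.
        if GUID_RE.match(name) and GUID_DROPPER_RE.search(text):
            findings.append("Suspicious.Path: GUID-named Run value launching GUID-named exe")
        # 3. regsvr32 loading something that is not a COM module by extension.
        target = _regsvr32_target(text)
        if target and not target.lower().endswith(COM_MODULE_EXTENSIONS):
            findings.append("Suspicious.Path: regsvr32 loading non-DLL file %s" % ntpath.basename(target))

    # 4. Control characters in a value name keep regedit from displaying it;
    #    Poweliks used a null-prefixed name to hide its Run value this way.
    if any(ord(ch) < 0x20 for ch in name):
        findings.append("Hidden: value name contains control characters")

    # 5. System Restore disabled by policy.
    if key.lower().endswith(r"\systemrestore") and name.lower() == "disablesr" and text == "1":
        findings.append("PUM.Desktop: System Restore disabled (DisableSR=1)")

    return findings


def find_indicators(entries):
    """Run every rule over (key, name, data) triples; return (rule, key, name) hits."""
    return [(rule, key, name)
            for key, name, data in entries
            for rule in classify(key, name, data)]


if __name__ == "__main__":
    for rule, key, name in find_indicators(SAMPLE_ENTRIES):
        print("%s\n    %s | %r" % (rule, key, name))
```

Run as-is it reports exactly the four entries RogueKiller flagged and stays silent on the two controls. The extension check in rule 3 is deliberately narrow: regsvr32 will happily load any PE that exports DllRegisterServer regardless of its name, so a `.moi` file is a strong signal but a `.dll` in a user-writable data directory is not cleared by this rule alone.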
     
  11. Stiina59

    Stiina59 Private First Class

    Hi Kestrel13!,

    I'm attaching the Fixlog.txt after running the FRST.exe with Fixlist.txt. Unfortunately, MGlogs.zip keeps erring out. I'm going to run the FRST in the mean time and get that log for you. Let me know what I might do to get that MGLogs file to you.

    Laura
     

    Attached Files:

  12. Stiina59

    Stiina59 Private First Class

    Kestrel13!,

    I'm attaching the follow up logs from FRST. I will try again to include the MGLogs just because I like beating my head against hard objects. LMAO! Oh and yes, the upload failed again.

Now, the pop-ups are gone and an old software is suddenly popping up now like it should, and maybe the reason for the MGtools file failing to upload is that our antivirus came back on. I've disabled it and will try again to upload the MGtools. If it isn't attached, then I've run out of things to try. And yes, it did give me another upload error.

    Laura
     

    Attached Files:

  13. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Have you had any pop ups about any of your files being encrypted?
     
  14. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Try running MGTools.exe in safe mode.
     
  15. Stiina59

    Stiina59 Private First Class

Ran MGTools in safe mode with networking so I could stay in that mode to try to send the file. I see now why it won't upload: its size is over 2 MB. What do you want me to do to have it so you can get it? Is there somewhere else I can place it for you to go pick it up?

    Thanks!

    Laura
     
  16. Stiina59

    Stiina59 Private First Class

    After last MGTools was completed and I rebooted, this is how it comes up, see attached file.
     

    Attached Files:

  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Earlier Kestrel13! stated the below:
    Well that is exactly what you have! It is time to format and reinstall. There is no cure for this. Paying the ransom is not recommended and may not even work and you will have given away your money and credit card info.
     
  18. Stiina59

    Stiina59 Private First Class

    I didn't see that she had said that or I wouldn't have continued on. Sorry about that and I have to say, "Well Crap!" On the reformatting. I can do it but I hate what it takes to reload everything.

    Thanks again for your help.

    Laura:cry
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Yes, Kestrel13! had noticed back in message #7 that some info in your logs displayed signs of this infection, but could not tell at that time whether it really had taken hold. But based on the problems you are having (like running MGtools) and the snapshot image you posted, this shows you have a real infection and there are no cures other than a reinstall.
     
  20. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Thanks for confirming, Chas. Sorry to hear this Laura. :( Had you made any back ups of your stuff?
     
  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Before the infection had occurred that is. ;)
     
  22. Stiina59

    Stiina59 Private First Class

    Kestrel13! and chaslang,

We have backups prior to infestation of anything we want. My problem is, my dear hubs has no clue about software and computer workings, and he cleaned up the room that computer is in, and all of my manufacturer's disks and software were all together in a marked manila envelope and he was told that we need to keep it... I cannot find it anywhere and he knows nothing about where it could be. Translation: he threw them away.

    The restore software on it is messed up and I can't get it to make a boot CD, nor will it actually go into the guided recovery software. I tried using the DOS command structure, but either the entire recovery partition is also corrupt or I'm too rusty on my DOS commands to execute it properly. I don't think there's anything wrong with the command: format C: or did I miss some qualifiers? DOS was a loooong time ago, lol. Since the help command won't give me anything either...I'm done unless you guys know of an alternative way to get the thing reformatted and recovered?

    With the age of that computer and the entire situation, I'm going to wash my hands of it unless someone can easily give me some direction on how to proceed. I've already told him that I've done what I can and he can either take it and pay to have it recovered or buy a new one. Since he hates parting with money in any amount, my passive-aggressive method of teaching him to not mess with my disks might work for the next time.

    I appreciate all of your time and effort and I'm sure you understand my frustration. It's hard to accomplish a task with a hand tied behind your back and no tools. I hope you both have a great weekend. I'm going to stop my rant before my blood pressure decides to shoot up.

    You are all an incredible blessing and my thanks again!

    Laura
     
  23. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

If you do not have a Windows Boot CD and your Factory Recovery Partition is corrupted (which is more than likely true with this infection), then you are out of luck unless you have a friend who can loan you a full install Windows XP CD. But you still need to have your license key written down somewhere to reactivate Windows. I'm not sure what Microsoft's website will even do now if you try to activate Windows XP since it is not supported anymore and they strongly advise updating for security reasons.

    All of the programs on your PC and most other files are corrupted with the infection and are not trustworthy and may not even run properly.

    To properly remove partitions, format, and then reinstall you need a Windows Boot CD or you need a set of factory disks for reimaging back to factory ship state.
     
  24. Stiina59

    Stiina59 Private First Class

    chaslang,

    You have pretty much confirmed what I thought after what I was seeing when trying to use the recovery console. Hubs says we got a lot out of that computer and when you consider that is the original OS, you know we've had it for a long time! Since we were just using it to do searches and interface with our Modem and wireless, a replacement doesn't need to be much more than a basic machine. It's nothing like paying $2k for an original Windows computer back in the 80's!

    Thanks for the confirmation that without the disks, it's a total loss. I'm actually laughing because this isn't the first time his sorting methods for the trash can have burned us. I did make sure he wasn't using it for any banking or purchases, lol.

    Take care and thanks again!

    Laura
     
