malware on my laptop! HELP please

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by roland83, Apr 7, 2011.

  1. roland83

    roland83 Private E-2

    Hi there, I'm a new member of this forum and site and am a real naive novice when it comes to anything related to IT! However, I am willing to learn how to look after my laptop myself and begrudge being lazy and letting someone else fix my problem.
    Anyway, 2 days ago I started having problems with my laptop: it wouldn't let me open any programs on my desktop, Firefox wasn't working, my internet wasn't working properly, and I couldn't open Windows Explorer unless I was signed in under my university VPN. I found your site and forums and read through a lot of them, trying to find some possible solutions. I followed your advice on running SUPERAntiSpyware and it told me I had 7 Trojan. agent Gen-fake/ alert viruses, and many more threatening things. I am presuming this program deleted the threats, and I proceeded to follow your tips on trying to solve this problem. I have Windows Vista and followed your instructions, downloading and running ComboFix, RootRepeal, MGTools etc., and have saved the logs. However, novice that I am, I have no idea what they mean as of yet and what to do now. I have disabled all my previous AVG antispyware, Ad-Aware and firewall as requested, but don't know what to do now to check if things have resolved, or if more needs to be done.

    I would really appreciate some help, tips, advice to follow as I have been at this for days now, need my laptop and just want to know how to sort it. Thanks in advance :)
     


  2. roland83

    roland83 Private E-2

    Just thought I'd say I added the first 4 logs like the advice said to do, and here are the rest, hopefully someone can help explain what they mean. I can pick things up very quickly but just need a bit of help, thanks a million :)
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It looks like the scans took care of most of the malware. Let's just do this:

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware, etc.) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected):
    Code:
    KILLALL::
    
    File::
    C:\Users\roya\AppData\Local\gp58e7rek0f3tjm315j4224kl0yn45fup1h7n
    C:\ProgramData\gp58e7rek0f3tjm315j4224kl0yn45fup1h7n
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\ComboFix.txt
    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  4. roland83

    roland83 Private E-2

    Thanks for getting back to me, I'll try that now. I thought I'd already run ComboFix though? Is this to do it again?
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You didn't give me a ComboFix log. You should have downloaded it to your desktop, where you need to follow my instructions to drag the fix on top of the Combo icon. It will produce a new log.
     
  6. roland83

    roland83 Private E-2

    Oh sorry, I forgot to add it. Well, I may have a problem. I copied and pasted and saved the instructions you wrote out below (it was just the 2 lines, right?). ComboFix started to run, updated etc., then rebooted and now the laptop is in safe mode? (I think) The screen looks wider and more basic lol, excuse my terminology. But now there is a log txt file open and a pop-up saying this application has failed to start because btwapi.dll was not found, and my cursor is frozen and I can't do anything?
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Try rebooting back into normal mode.

    btwapi.dll has to do with your BlueTooth app.
     
  8. roland83

    roland83 Private E-2

    I had to switch it off directly coz nothing was working, the laptop was completely frozen. I tried running Windows normally and it said Windows couldn't start normally and needed repair. I clicked finish and now it's showing the same sign and my mouse won't move? Oh dear
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do you have your Vista install CD?
     
  10. roland83

    roland83 Private E-2

    I haven't got any of my drivers etc., I only have the Microsoft Office CD. I had a problem a while back with a Trojan and I had to wipe everything and reinstall drivers online etc. My laptop is frozen now, not sure what to do.
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    How did you do this without an install CD?
     
  12. roland83

    roland83 Private E-2

    I can't really remember it was a while back. I told you I was a novice :-( but right now my laptop is dying I think :-(
     
  13. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You need to find a Vista install CD of the same version as what you have installed. Find a friend if you can that you can borrow it from. At worst, you may need to call the manufacturer of your computer and ask for an install CD.

    It sounds as though you were having system issues aside from the little amount of malware on your system.

    Once you get a CD, follow these instructions:

    How To Repair Vista.

    And do you have an option to reinstall from a backup partition, which might be F10 or F12?
     
  14. roland83

    roland83 Private E-2

    I managed to do it online before, not sure how though! Just went to the manufacturer's website and managed to get the drivers, I think, after wiping it? Not sure how though, I forget. Right now though my laptop is just dead, frozen, can't do a thing. It was working OK before I did the ComboFix drag thing? Has that done something to it? And what can I do now in the meantime?
     
  15. roland83

    roland83 Private E-2

    I've plugged in a mouse and that works the cursor, but my keyboard is frozen, nothing works
     
  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your choices are as I stated them in my last post. Again, do you have an option when you boot up to go into a recovery partition?
     
  17. roland83

    roland83 Private E-2

    No just to go into safe mode
     
  18. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You don't have the option to try Last Known Good Configuration when you try F8? Do you know if you have a backup partition installed? That could be F2, but since I don't know what make your laptop is, it's hard to say which F key would take you there.

    You may need to post in the software forum for additional assistance until you can get it to boot up again.

    Your best bet is to try to borrow a Vista CD.
     
  19. roland83

    roland83 Private E-2

    I have found the recovery discs (my mum had them)!?! So waiting on them now, but when I try to hit F8 or F2 it just gives me the option of running in safe mode or normally, that's it?
     
  20. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good to know you found the discs. Just follow my link on how to repair Vista.
     
  21. roland83

    roland83 Private E-2

    Thanks for the advice. So what do you think happened to the system after the ComboFix was run? How do I go after installing Vista again? Re making sure all the malware has gone from my laptop including the Trojans? Or did the log files show they had been removed? And how do I stay protected maximally after this, because my AVG and Ad-Aware did not pick anything up? Thanks again
     
  22. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It will depend on what you are able to do to get the system back up and running. If you can do a repair, it doesn't remove any malware. If you end up having to do a complete reinstall, then it will remove everything, including the malware. You need to tell me what route you end up having to take. Same thing if you end up doing a system restore. We would still need to check for malware.

    In the meantime, you can read this:
    How to Protect yourself from malware!
     
  23. roland83

    roland83 Private E-2

    I've got my recovery discs and am repairing Vista now. Any tips on what I should do now?
     
  24. roland83

    roland83 Private E-2

    I try to do a full system restore but it won't let me using the recovery disc, it keeps popping up with a message box saying error number 89? Really don't know what to do at all. Any help would be much appreciated, thanks
     
  25. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I suggest that you post in the software forum so that you can be guided in doing a repair.
     
