Trojan+ Serious Malware Computer is unusable

Discussion in 'Malware Help (A Specialist Will Reply)' started by Doneil, Dec 25, 2010.

  1. Doneil

    Doneil Private E-2

    Hi my laptop has succumbed to a trojan+malware combo after logging onto my computer literally seconds after everything but the mouse freeze's rendering it useless and when i click on something it states to end the process but that never does anything PLEASE SOMEONE HELP ME :c
     
    Doneil, Dec 25, 2010
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    TimW, Dec 25, 2010
    #2
  3. Doneil

    Doneil Private E-2

    Im unable to run combo fix because AVG wont de-install

    Heres the only log that i was able to get?
     

    Attached Files:

    Doneil, Dec 25, 2010
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can try uninstalling AVG with this LINK.

    What happened when you tried to run C:\MGTools.exe?

    Did you try renaming any of the scans?

    Are you trying to do this in safe mode?
     
    TimW, Dec 25, 2010
    #4
  5. Doneil

    Doneil Private E-2

    I havent tried renaming any of the scans and im running this all in safemode its the only mode my computer doesnt freeze after logging on

    i will try the link now
     
    Doneil, Dec 25, 2010
    #5
  6. Doneil

    Doneil Private E-2

    I ran combofix at the end while it says preparing log report it says pef.cfxxe has stopped working
     
    Doneil, Dec 25, 2010
    #6
  7. Doneil

    Doneil Private E-2

    Pev.cfxxe my bad
     
    Doneil, Dec 25, 2010
    #7
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Can you run C:\MGTools.exe? We need to be able to get some logs to see what is happening.
     
    TimW, Dec 25, 2010
    #8
  9. Doneil

    Doneil Private E-2

    Yeah here it is i got it
     

    Attached Files:

    Doneil, Dec 25, 2010
    #9
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please put ComboFix directly on your desktop, not here:
    Running from: c:\users\Doneil\Downloads\ComboFix.exe

    Now attach this:
    C:\MGlogs.zip
     
    TimW, Dec 25, 2010
    #10
  11. Doneil

    Doneil Private E-2

    kk here it is
     

    Attached Files:

    Doneil, Dec 25, 2010
    #11
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please go to add/remove programs and uninstall Messenger Plus!!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip
     
    TimW, Dec 25, 2010
    #12
  13. Doneil

    Doneil Private E-2

    Here it is and thanks alot for helping on Christmas, Merry Christmas to you
     

    Attached Files:

    Doneil, Dec 25, 2010
    #13
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not seeing much in the way of malware in your logs.

    Let's just do this:

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy just the bold text below to notepad (Do not include any space above the word REGEDIT). Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.

    Now use windows explorer to find and delete:
    C:\Program Files (x86)\Messenger Plus! Live
    C:\Users\Doneil\Local Settings\TEMP\41530318194006246.tmp
    C:\Users\Doneil\Local Settings\TEMP\4601940824006246.tmp

    Now boot into normal mode and see if you can run SAS and MBAM.

    Tell me what issues you are still having, if any.
     
    TimW, Dec 25, 2010
    #14

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds