Malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Aterlycan, Jul 23, 2012.

  1. Aterlycan

    Aterlycan Private E-2

    Hi

    Oh boy do I need help. I have gotten malware on my till computer, as one employee managed to surf to a page she had no business being on. From what I can gather from her, it was an AV-type window saying that the trial period had ended and to press to upgrade. As she says, she X'd it out, but apparently it installed.

    It hid all my files, and Windows keeps freezing up in normal startup. I have run several progs including Malwarebytes but it's coming up clean. I have even run Avast in boot scan but it did not find anything. RogueKiller and Hitman also came up empty in their scans.
    I have attached the logs as described in the "start here" guide.

    I am a bit new to using forums to remove malware. Please help me; I will provide anything asked as long as I get a bit of guidance.

    Rgds.
    Bobby
     

    Last edited: Jul 23, 2012
  2. Aterlycan

    Aterlycan Private E-2

    A little update to this: I took the HD out and connected it to my private computer and ran an Avast scan on it. It came up with a win32.gemo virus infesting the pagefile, as well as a web redirect. I deleted both using Avast.

    Also ran Malwarebytes just to be sure, but still when I boot in normal mode the computer just freezes. Please help, this is for my shop and a new setup is gonna cost 500$ :/
     
  3. thisisu

    thisisu Malware Consultant

    Welcome to MajorGeeks, Bobby

    Your logs actually look fine for the most part but I'd like to see the scan of what RogueKiller found and not the DNS fix you attached. Attach RKreport[1].txt and then complete these instructions:

    From Add/Remove Programs (via Control Panel), please uninstall the below:
    • Java(TM) 6 Update 29
    • Java(TM) 7 Update 4

    __

    I want you to read and follow these instructions: TDSSKiller - How to run

    __

    Please download OTL by OldTimer.

    • Save it to your desktop.
    • Right mouse click on the OTL icon on your desktop and select Run as Administrator
    • Check the "Scan All Users" checkbox.
    • Check the "Standard Output".
    • Change the setting of "Drivers" and "Services" to "All"
    • Copy the text in the code box below and paste it into the Custom Scans/Fixes text-field.
      Code:
      activex
      netsvcs
      /md5stop
      %windir%\system32\drivers\*.sys /lockedfiles
      
    • Now click the Run Scan button.
    • One report will be created:
      • OTL.txt <-- Will be opened
    • Attach OTL.txt to your next message. (How to attach)
     
  4. Aterlycan

    Aterlycan Private E-2

    Hey Thisisu

    I am very grateful for a reply, but sadly before I got to see it I kinda broke down and ordered a new disc for it. It's the cash till at my store and I needed it up and running; they were gonna charge just as much to send me a newly installed one as for me re-installing and having them set up the POS system (300$ it came to).

    Oh well, though the positive is that I found this awesome site :) Again, thank you for the reply, and I am sorry that you wrote all the instructions and I have already ordered a new disc :/
     
  5. thisisu

    thisisu Malware Consultant

    No problem, Aterlycan.
    Be safe.
     
