A really bad thing!!!

Hi Everyone,

Clear understanding okay (hehehe) - this is not my computer. It acutally belongs to a very nice family and I am trying my best to help.

Okay - something bad is happening - else I wouldn't be here.

1) Cannot right click on my computer - no menu pops up as supposed to. DblClick on my computer - nothing happens.
2) Cannot access regedit
3) Despite settings via WinExplorer - when there is a click on a *.txt file, nothing happens
4) Cannot access control panel - no action occurs when attempting add/remove programs, or user settings/passwords
5) As above, cannot access via Start/File/Run.... processes
6) Desktop settings (right click on desktop) cannot be accessed.
7) System time (double click on the clock) cannot be accessed.
8) Cannot access safe mode
9) Cannot uninstall norton (expired)
10) Cannot install AVG correctly
11) Cannot install firewall
12) I have a trillion IE helper bars and want them removed (see add/remove above)


Running the 'do this before you ask...' via the MalWare thread ran into severe problems:
a - no safe mode
b - WinDefender did not work initially
c - Some scans would not work
d - SunJava had problems getting in


I have found (I think) the culprit. A review of the Windows and Windows System32 shows:
1) a dialer.ini and system.ini curiously created at exactly the same time (windows)
2) a inetmodl.exe file (windows/system32)

 

More about a very bad thing..

Logs Attached

 

Re: More about a very bad thing..

REM: this is the second part of the thread 'A really bad thing' in this forum. Please see that one first before telling me 'What the &@*($*#@ are you thinking..' Ta

 

YOu have attached the wrong bitdefender log. That is the scan summary. I need to see the actual log as that will tell me which files are infected with the malware it says it has found.

Are you trying to install AVG AV whilst notron AV is installed? You should not run 2 resident AV scanners at the same time. This is explained in the read and run me. Remove Norton AV first and then install AVG

your HJT log shows that you have components of both installed.

You need to sort this out before we can procede.

 

Hi Matt,

Thanks for the reply - I just remembered I never posted the thanks as I should. After you last - I read the correct log and figured out where the root/boot hijack occured.

I was aware of the AVG/Norton problem - it was because of the hijack I couldn't get either to uninstall.

All's well now - I had to recover the admin password via the UK WWW service, but otherwise not major burden one you told me I was looking at the wrong log. That was a good pointer and it helped.

Ta,

Ric

 

Glad you got it sorted, if you'd like me to check your logs to make sure everythings gone just post them.

 

Well, once I followed on I had a great time cleaning up... really the problem was the inetmodl.exe - always a bear to kill correctly... I appreciate the offer and when they (the computer owners) return, I shall get some new logs for you to review...

Ric