Extremely Infected Computer

Discussion in 'Malware Help (A Specialist Will Reply)' started by Zyk0rg, Sep 9, 2009.

  1. Zyk0rg

    Zyk0rg Private E-2

    Ok so my computer has been malware free for about six years now.

    I go to take a shower and I come back and my dad opened some email attachment and the computer is seriously messed.

    I cannot open any anti-malware program. I tried renaming the file, which opens them, but then it closes. Once I try to open it again, it says access denied.

    I tried running Safe Mode, it doesn't help.

    Programs I've tried:

    HijackThis
    ComboFix
    Spybot

    So I can't really post a log file.

    From Spybot I was able to identify one of the culprits as Regrun.exe, some trojan I believe.

    Oddly the computer's performance hasn't slowed at all.

    Sometimes when I search something online it redirects the website.

    Please help, thank you.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    If something does not run, write down the info to explain to us later but keep on going.

    • Do not assume that because one step does not work that they all will not.
    Now download this Win32kDiag and save to your Desktop.
    • Double-click the utility to run it and let it finish.
    • When it states Finished! Press any key to exit, press any key to close the program.
    • It will save a Win32kDiag.txt file to your desktop automatically. Attach this log file to your next message.
    See: HOW TO: Attach Items To Your Post


    Now download SysProt AntiRootkit

    This is a ZIP file so unzip onto your Desktop which should create a SysProt folder on your Desktop.
    • Open the SysProt folder by double clicking it
    • Double click Sysprot.exe to start the program.
    • Click on the Log tab.
    • In the Write to log box, make sure to select and unselect the following items.
      • Process << Selected
      • Kernel Modules << Selected
      • SSDT << Selected
      • Kernel Hooks << Selected
      • IRP Hooks << NOT Selected
      • Ports << NOT Selected
      • Hidden Files << Selected
    • At the bottom of the page
      • Hidden Objects Only << Selected
    • Click on the Create Log button on the bottom right.
    • After a few seconds a new window should appear.
    • Select Scan Root Drive. Click on the Start button.
    • When it is complete a new window will appear to indicate that the scan is finished.
    • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Attach the SysProtLog.txt log file to your next message.

    Note:

    To avoid additional delay in getting a response, it is strongly advised that after completing the above instructions you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
