Fun stuff of user laptop

Discussion in 'Malware Help (A Specialist Will Reply)' started by LordAnubisofBKLN, Jun 18, 2008.

  1. LordAnubisofBKLN

    LordAnubisofBKLN Private E-2

    I have a client who managed to get his laptop completely infected. He has McAfee Total Protection for Small Business as his anti-virus program and when I try to run a scan, the system shuts down and reboots. Lavasoft AdAware detects bugs but after cleaning, they seem to come back.
    I followed the instructions posted on this forum on how to clean an infected machine, however, I'm hitting roadblocks.
    When I run Super Anti Spyware, it detects some malware (attached is the log of a scan), but when I have the program clean them, the system shuts down and reboots. I tried again in Safe Mode without Networking but got the same result. Spybot detects a few, but just like AdAware, they come back (attached is the Spybot Log). Again, I did this scan in Safe Mode.
    Can I get some help or suggestions going forward? Attached is also the HiJackthis log I ran after the second failed attempt.
    Any help would be appreciated.

    Thanks
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    Please uninstall HJT as it will be properly installed when you do the following:

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions. You don't have to re-run Super-AntiSpyware again, but please do the others.

    READ & RUN ME FIRST. Malware Removal Guide
     
  3. LordAnubisofBKLN

    LordAnubisofBKLN Private E-2

    MMMMkay. I've run the other items and it seems to have improved things quite a bit. Thanks a lot.
    I've attached the logs for Malwarebytes, ComboFix and MGTools.

    Thanks again.
     

    Attached Files:

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yup...looking pretty good, let's just do this:

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\Temp
    C:\Documents and Settings\%username%\Local Settings\Temp

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file.
     
