havin some issues

Discussion in 'Malware Help (A Specialist Will Reply)' started by thesmokingun, Mar 6, 2009.

  1. thesmokingun

    thesmokingun MajorGeek

    im trying to clean up a friends computer, it's loaded...
    had an issue with winlogon.exe, was giving a bsod. I was able to fix that to get into windows to do the scans. here's the logs
    there are 2 malwarebytes logs, one scan was accidentally cancelled prematurely, but still removed some items, the second scan ran completely and found additional items. I wasn't able to run mgtools. i kept getting a cmd.exe error telling me that it wasn't able to run, choose close/ignore. but it still made logs. Thanks in advance for your help.
     

    Attached Files:

    thesmokingun, Mar 6, 2009
    #1
  2. thesmokingun

    thesmokingun MajorGeek

    combofix and mgtools

    The computer appears to still be infected, there is a folder that opens up during startup, called Common, tho there is nothing in it, i think there used to be.

    I was unable to login to one user account to run Ccleaner, so the programs had to scan alot of cookies, therefore, alot of them were removed during the various scans.
     

    Attached Files:

    thesmokingun, Mar 6, 2009
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The MGlogs.zip file is incomplete. You need to try running C:\MGtools\GetLogs.bat and allow it to finish running. Also check any error messages against those shown on the Using MGtools page and fix the errors as instructed.


    Attach the new log when you finish.

    Note that this PC has infected Windows Operating System files and may require a total clean reinstall to fix this and to be able to have reliable/trustworthy PC again. ComboFix attempted to disinfect some of these but we need the MGtools log to check further.
     
    chaslang, Mar 7, 2009
    #3
  4. thesmokingun

    thesmokingun MajorGeek

    thanks for the heads up...here's the updated logs... I got the error about processdll something or other...I see that's an issue with .NET. let me know if I need this, and i will run it again. This computer also had Mcafee enterprise, and the removal tool for mcafee doesn't work on it, but I've noticed that there are still remnants of the program after i uninstalled it. If you have any ideas on how to fix those, i'd appreciate it as well. And i'm now thinking that i will suggest to my friend that a reinstall of windows is probably the best way to go forward. thanks again.
     

    Attached Files:

    thesmokingun, Mar 8, 2009
    #4
  5. thesmokingun

    thesmokingun MajorGeek

    I sincerely thank you chaslang for assisting me in this. I have however gone ahead and just did a reinstall for windows. i think there was still some issues that may not have been able to be fixed, and at some point the computer wasn't booting up correctly. so again, thanks for all the help!
     
    thesmokingun, Mar 10, 2009
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    This was the safest thing to do inorder to insure a reliable PC. As I stated earlier, your system files has been compromised. No telling how many.

    It would be in your best interest to work thru the below now:

    How to Protect yourself from malware!
     
    chaslang, Mar 13, 2009
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds