Infected Work Laptop

speedyd718 · Apr 25, 2010

First I want to thank the guys here for writing up removal threads. My work laptop somehow contracted the Windows Defender malware. Probably because it never had an anti-virus program running, only Webroot Spysweeper.

Since I didn't have time to remove it, I had the IT department clean it. The laptop seems to be clean but I wanted to run it through you guys and have peace of mind. I ran the removal thread scans and will attach the logs.

speedyd718 · Apr 25, 2010

Here are the other logs. I also want to add that the pc is now running avast and mbam real-time protection. Are those good options? It's what the IT department setup.

TimW · Apr 26, 2010

Since this is a work computer and you have a company IT department, we can not assist you with doing anything that might potentially harm your system. It would leave us liable for a lawsuit.

For example, we usually have you disable messenger, ( Do not confuse Windows Messenger with MSN Messenger because they are not the same.) but your company may use it. I don't know.

However, you may wish to ask them about these items:
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\bgejndsud]
"ServiceDll"="c:\windows\system32\dturs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\cyflacqcu]
"ServiceDll"="c:\windows\system32\dturs.dll

C:\Documents and Settings\damos\Application Data\kcmdte.dat
C:\Documents and Settings\damos\Local Settings\Application Data\iWUJi
C:\Documents and Settings\All Users\Application Data\71Bf24L21
C:\Documents and Settings\All Users\Application Data\iWUJi
C:\Documents and Settings\damos\Templates\iWUJi

Log in or Sign up

Infected Work Laptop

speedyd718 Private E-2

Attached Files:

SUPERAntiSpyware Scan Log - 04-24-2010 - 23-10-50.log

mbam-log-2010-04-24 (23-20-26).txt

ComboFix.txt

speedyd718 Private E-2

Attached Files:

rootrepeal log.txt

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member