Malware help

Schlotkins · Nov 6, 2009

Good morning-

My father - who is not very technical - so how ended up with Malware on his machine. Basically, it will not let him launch any program. Every time it says something like "Program could not be launched, program may be infected." He says he then gets an add for one or two 'fake' antivirus/malware removal apps.

I know the usually procedure so first I had him shut down and told him to reboot in safe mode so I could follow the guide. The probem is the computer refuses to go into safe mode. It tries to start and then ends up back at the f8 menu. I have no idea why - I've never seen this before - and of course since he can't launch any app (and popups are flying up all over the place) I can't trouble shoot within his loaded windows.

At this point, I tried the Spybot Boot CD. It did load up, scan and find/fix 18 problems (used the definitions from two days ago), but when he booted back up again, programs would still not launch and the popups were flying again.

So, I'm at a loss of what to do. Does anyone have any suggestions? I read the read me first, but it's hard to do any of those things with no safe mode. I could have him ship me the drive but I don't know if I can remove the infection running the drive as a slave and of course it would be hard for me to test since I have different hardware.

Thank you for your time and any assistance.

Chris

TimW · Nov 8, 2009

Let me try to understand where you are......you are able to boot to normal mode? We want you to try to run the Read and Run First Instructions in normal mode.

This may be difficult to handle doing this thru you and relaying things to him. However we can try. We will have to do some experimenting to see first.

As to having him send you the hard drive, what problems do you have with hooking it up to your computer ( this is assuming your computer is very well protected and updated)?

First have him try doing this:

Download and save the below to your PC (save it anywhere you can find it. The Desktop is fine). Then doube click on it to run it.

AVPFind.bat

It should take a couple minutes to run. You will see a black command prompt window while it is running and it should close when it is finished. Once it finishes, attach the c:\avplog.txt file that is will hopefully create as long as the malware does not block the batch file from running.

Now download and Run exeHelper

Please download exeHelper to your desktop.

Double-click on exeHelper.com to run the fix.

A black window should pop up, press any key to close once the fix is completed.

Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

Also please try running the below online scan:

http://www.superantispyware.com/onlinescan.html

Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. It does not save a log.

Then try running these instructions: Using MGtools

Attach the below logs when finished with all of the above:

C:\avplog.txt - from AVPfind

log.txt - from exeHelper

C:\MGlogs.zip - from MGtools

The C:\ assumes that drive C is you Windows boot drive. If you boot from another drive, then use the correct drive letter above.

Log in or Sign up

Malware help

Schlotkins Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member