Malware infestation

Discussion in 'Malware Help (A Specialist Will Reply)' started by kilo51, Jul 14, 2007.

  1. kilo51

    kilo51 Private E-2

    Help, I am working on a friend's computer. When I received it, it wouldn't boot past the BIOS. When I finally got it to boot I couldn't install anything, and it kept trying to open iexplorer, which thank god was locking up the computer every time, so I had to stop the process in Task Manager. Also could not boot to safe mode. After running Adaware 2007 and Spybot, I was able to get to the internet only using SeaMonkey and was able to boot to safe mode. I went to your site and followed the instructions. At this time I still seem to have some problems: cursor moves on its own, still getting a porn popup. Also, the computer doesn't have any antivirus software installed, and the computer stops to blue screen if I try to install Norton.

    OK, I ran Spybot in safe mode; CounterSpy would not install in safe mode, so ran AVG antispyware, log included. Couldn't run BitDefender or Panda in safe mode due to wireless connection problems, so had to run them in regular mode. Ran getkey and newshow, logs included. Then ran HijackThis as instructed.

    Thanks for your time to look at these log files and for your site.
     


  2. kilo51

    kilo51 Private E-2

    Here are the HijackThis and getrunkey logs. Thanks
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re-run AVG antispyware and have it quarantine everything it finds. It does no good just to report it, although the Bitscan probably has removed most of it.

    C:\Documents and Settings\Alex Althauser\Desktop\HiJackThis_v2.exe---> is the wrong place to unzip HJT...and it isn't renamed as directed. Uninstall and reinstall to:
    C:\HJT\(renamed to ) analyse

    Frankly I'm amazed that you can do anything with this system....

    1. Download this file - Combofix.exe
    2. Double click combofix.exe & follow the prompts.
    3. When finished, it will produce a log for you. Attach this log to your next reply.

    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.


    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking fix, exit HJT. Then uninstall and reinstall as directed.

    Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Now download The Avenger by Swandog469, and save it to your Desktop.

    * Extract avenger.exe from the Zip file and save it to your desktop
    * Run avenger.exe by double-clicking on it.
    * Check the 'Input script manually' box.
    * Click on the magnifying glass icon.
    * Copy everything in the Quote box below, and paste it in the box that opens:

    * Now click the 'Done' button.
    * Click on the traffic light icon and OK the prompt.
    * You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt

    Attach new logs for:
    ShowNew
    GetRun
    HJT
    ComboFix
    Avenger
     
  4. kilo51

    kilo51 Private E-2

    Here are the new scans. Sorry for the wrong install of HJT; as you said, I too am amazed anything runs on this thing. Thanks for your help. Paul
     


  5. kilo51

    kilo51 Private E-2

    Here are the rest of the scans. HJT didn't have a lot of those line items because I had already removed any line with missing files. Thanks
     


    Last edited: Jul 15, 2007
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    * Run avenger.exe by double-clicking on it.
    * Check the 'Input script manually' box.
    * Click on the magnifying glass icon.
    * Copy everything in the Quote box below, and paste it in the box that opens:
    * Now click the 'Done' button.
    * Click on the traffic light icon and OK the prompt.
    * You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt

    Attach new logs for:
    ShowNew
    Avenger
     
