Repair Apps fail to start...

Howdy all -

I've been asked to fix a DELL Notebook computer running Vista Home Basic (someone my wife knows). From what I have been told; the user was surfing the internet and her virus-protector spotted a problem on a web-page and she pressed the wrong button. All network capabilities were shut down. I got the internet up and running and decided to follow the VISTA steps listed (Her NBK has Vista Home). However I seem to be unable to proceed...

What I did was....try to run SPYBOT. Nothing happened so I did a [right click] and selected 'Run as Administrator'.
I instantly received a BSOD and the machine rebooted.
I tried this in SAFE-MODE and received the same results.

Soooo.....I went to MAJORGEEKS to see what I can find and followed the instructions:
as per --> http://forums.majorgeeks.com/showthread.php?t=139681

a) I D/L'ed the files onto my NBK.
b) I xferred them to the USB drive, then plugged it into the infected NBK
c) Then disabled USER CONTROL on the infected NBK.
d) Copied MGTools to C:\ of the infected NBK.
e) Made a new directory called 'DLs' (abbr. for DownLoads) in the C drive and xferred rest to said directory.
f) None of the programs would install. I un-installed all the previous anti-virus software, rebooted the NBK into safe mode and then was able to install SAS & Malware.
g) Rebooted;
h) SAS would not run, every time I tried, a dialogue box came up stating
"SAS.exe has stopped working
A problem caused the program to stop working correctly.
Windows will close the program and notify you if a solution is available."


...I was naturally a bit despondent but when looking at the options in the [Start] menu, I noticed that there was 'SUPERAntiSpyware Alternate Start'. So, I ran that. It worked, found several hundred incidents, I saved the file and moved on to the next step = Maleware Removal.
However, the Malware will not run. It is installed complete with desktop icon and program menu option, but the moment I try it, I receive the "program failed to work correctly" message. (as I did with the SAS file at first)

So, I thought I'd skip that and attempt to run ComboFix. When I double click on it...nothing happens either (I've tried to 'Run as Administrator' and nothing happens either).

Well, that puzzles me. Doing a search via Google and Dogpile gives me more options than I want to read through so here I am with great humble, presenting this dilemma to the specialists.
Please note that although I possess an IT background with a couple MCP's I have not done any work like this for many years. I also take great precaution with my machines, and never have encountered such a situation.

Any help/advice/direction would be appreciated greatly, thanx. :cool

 

I just noticed that the SAS.log didn't upload! (oops)

Thanx again for any help!

 

The Malware will still not load.
I hooked it up to my network, shared the drive out and began an AVAST scan.
It detected
WIN32NSChanger-VJ [Trj]
located in her
C:\Windows\MEMORY.DMP

Unfortunately it cannot move the file to the chest as it does not have access.
Since I managed to get the network working, I loaded AVAST and ran the boot-time scan.
It hung at 85% on the following file:
D:\windows...TMContainer00000000000000000002.regtrans-ms

I found this interesting as it is in her D drive, not C drive.

Anyone have an idea...?

 

Howdy Chaslang, and thank you for responding.
Yes, I did run as ADMIN, and disabled USER ACCOUNT CONTROL (in fact that was one of the first things I did on my personal NBK)
But it still wouldn't run. (oh and I apologize, I *was* referring to Malewarebyte~!)

I was getting a bit frustrated, and didn't want to re-format her machine but then her father stated "Its just teenage crap." And that I should just wipe it clean. :-D

Soo... I reset it to factory specs, and afterwards, I ran the updates, and then set her machine up with anti-virus/malware and a firewall.

I operated it for a time and it seems to work just fine (I was worried that perhps the Boot may have gotten infected)

Thanx again, and if something does pick up, I'll surely let you know~!