stubborn bagle infection, i think?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by newgeek09, Oct 15, 2009.

  1. newgeek09

    newgeek09 Private E-2

    All my programs won't run (except Firefox). I keep getting a "not a valid win32" etc. message. This includes CCleaner, Malwarebytes, and Spybot, which a friend recently installed to rid me of my last virus problem (Windows Police Pro took over my computer). I've read the sticky threads, so apparently I have a Bagle virus. My computer won't let me boot in safe mode (it ignores me hitting F8 repeatedly). I tried downloading FindyKill. I guess it downloaded, as I have the findykill.exe icon on my desktop, but (surprise surprise) it won't let me run it (not a valid win32). What's a computer neophyte to do?

    Also, another problem (or the same one? I have no idea): many of my Google search results get redirected to random shopping or search sites. This has been going on since before my more tech-savvy friend cleaned up my computer and supposedly got rid of all the viruses.

    I would greatly appreciate any help you can give me & my much abused, beloved laptop.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Try running FindyKill in Safe Boot Mode after shutting down all other programs.

    What version of Windows are you running? It is possible that you don't have a Bagle infection. You may have a Windows Police Pro variant. Also try the below and see if you can run any of it.


    Download and save the below to your PC (save it anywhere you can find it. The Desktop is fine). Then double-click on it to run it.

    AVPFind.bat

    It should take a couple minutes to run. You will see a black command prompt window while it is running and it should close when it is finished. Once it finishes, attach the c:\avplog.txt file that it will hopefully create as long as the malware does not block the batch file from running. (See: HOW TO: Attach Items To Your Post)


    Now download and Run exeHelper
    • Please download exeHelper to your desktop.
    • Double-click on exeHelper.com to run the fix.
    • A black window should pop up, press any key to close once the fix is completed.
    • A log file named log.txt will be created in the directory where you ran exeHelper.com
    • Attach the log.txt file to your next message.
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


    Also please try running the below online scan:

    http://www.superantispyware.com/onlinescan.html

    Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. See if you can save a log with it.


    Then try running these instructions: Using MGtools

    Attach the below logs when finished with all of the above:
    • C:\avplog.txt - from AVPfind
    • a log from online SAS scan if you could make one
    • log.txt - from exeHelper
    • C:\MGlogs.zip - from MGtools
    The C:\ assumes that drive C is your Windows boot drive. If you boot from another drive, then use the correct drive letter above.
     
    Last edited: Oct 22, 2009
