W32.Spybot.Worm Infection

Hey folks.

Posting under extreme time constraints - please forgive violations of your policy posted on http://forums.majorgeeks.com/showthread.php?t=35407 . We have followed its steps as thoroughly as possible, run CCleaner, etc.

We realize this is not a HijakThis! log posting forum, but are including the log here for completeness.

I'm posting on behalf of a coworker who had an infection of W32.Spybot.Worm reported as of this morning, and since then his laptop will no longer boot into Windows (hard freezes while loading desktop). We followed the manual removal instructions from the Symantec website, and this problem is persisting. Unfortunately, this becomes a significant problem later this afternoon, as we will need to report this computer failure.

Oddly enough, after going through the manual removal instructions & running CCleaner, we were able to boot into the Windows desktop normally, but it then blanked out and froze clocking at an hourglass cursor.

This is (obviously) an appeal from help - please let us know if there is any fast assistance that can be provided today for my coworker. We will be watching this thread closely and are more than happy to provide any pertinent details whatsoever.

 

We are currently running forum searches across various community support forums, trying to find a resolution for people stuck in my coworker's condition - unfortunately, we are not having any luck. This will be the only thread we post.

 

Currently running through your list of procedures & applications @ http://forums.majorgeeks.com/showthread.php?t=139313 - we will post the logs and information we have omitted from our original post as soon as possible while continuing our workday. Again, any assistance, even if it is before we are able to follow all of the preliminary steps as we should, would be truly appreciated.

 

As an update, we have run CCleaner several times in a row repairing the registry and the system is booting again. There are some follow up issues but we are continuing with the tools for removal you have listed - we may be able to resolve this one and will update later today or tomorrow morning if we are OK.

Appreciate the fast response, and it's pretty darned great that a volunteer resource like this one exists in the first place.

 

Roger that. Your followup & advisory is truly appreciated - will follow up Monday afternoon or Tuesday at the latest with the remainder of steps + logs.

 

After it effectively stopped booting, we made the determination on Wednesday to go ahead and reimage the infected machine - chalk up one more casualty for malware, I suppose.

Thanks for all of your assistance. The infection originating this thread is moot - this thread can be closed and/or ignored. Much thanks for your prompt attention, chaslang, and kudos to MajorGeeks for... well... existing.