Windows Antivirus Pro (day 5)...

Discussion in 'Malware Help (A Specialist Will Reply)' started by adamski, Aug 17, 2009.

  1. adamski

    adamski Private E-2

    Hey folks,

    I (much like many others it seems) have been bitten by the Windows Antivirus Pro bug...

    I have read through all the forums I could find, followed as many of the steps that my infected comp would allow, and I have finally decided to reach out for some assistance...

    Malwarebytes dies on startup, Combofix won't run, SuperAntispyware also crashes within seconds of scanning, and I have tried renaming all of the .exe files associated with them... I have tried running all of said programs in safe mode and still nothing...

    I don't know if I should be feeling lucky to have been able to muster successful scans with RootRepeal and MGtools, but either way, here are the logs...

    Any help would be MUCH appreciated!
     


  2. adamski

    adamski Private E-2

    ....Someone? Anyone???
     
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    First you need to read this:
    Don't Bump! It Only Hurts You!!!

    Now, Please double-click the RootRepeal.exe previously downloaded.

    * Select File then Scan
    * On the Select Drives form select drive [ insert drive infected here ] by "ticking" the box for drive [insert drive here] and click OK
    * When the scan is complete - highlight each of the following file(s) (one at a time if more than one is listed) by left clicking it. Then use right mouse click and select the Wipe File option only for each file.

    * After Wiping all files, immediately reboot your pc!
    C:\DOCUME~1\Adam\LOCALS~1\Temp\9gWlAhBf.sys
    C:\WINDOWS\win32k.sys:1
    C:\WINDOWS\win32k.sys:2
    After reboot, download/install/update and run the scanning tools you couldn't run!

    Now use windows explorer to find and delete:
    C:\Documents and Settings\Adam\Desktop\yh22c98h.exe
    C:\zq6afd.exe

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * Any and all logs you could now produce (SAS, MBAM, Combo) and the RootRepeal log.
    * C:\MGlogs.zip
     
