Cleaning up PC after a vicious malware attack

[parlezvous]

Hello MalwareBytes community,

around a year ago, this particular PC used by my sibling was compromised by malware which consistently notified the user that the machine was infected and installed a fake antivirus software. I tried getting rid of it through malwarebytes, but it ended up crashing the system. I was able to partly fix it through a complete factory reset, but I suspect that traces of the infection still resides in the system.

I've been unable to remove the Ask.com toolbar, failed to run windows update successfully the last time I tried, and the laptop tends to overheat easily Web browsing appears to be normal though.

I'd appreciate help, thank you.

Attach.txt

DDS.txt

[daledoc1]

Hello and welcome, parlezvous:

Have you been using an infected computer for a year?

That's pretty scary, especially if you've been using it for online financial transactions during that time, without a fully patched operating system (you mention that you've been unable to run Windows updates).

You'll definitely need a qualified malware expert to take a look at the system.

We cannot review scan logs or work on malware removal in this sub-section of the forum.

So please read below for assistance with cleaning your system.

EDIT: Is this the same computer for which you obtained malware removal help a month or so ago >>HERE<<?

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making recovery difficult.

IF YOU WOULD LIKE EXPERT HELP WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:

OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.

OPTION 2: For licensed users of MBAM PRO, there is free, one-on-one, expert assistance from the MBAM support helpdesk.

OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:

• Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  
• ---> Since you have already run DDS, that's good, as it's the first step. But you'll want to copy/paste the COMPLETE logs directly into your new post, as described below. (The ones you've attached here appear to be incomplete/tuncated.)
  
• Then please start a new post in the Malware Removal Forum.
  
• An authorized, trained malware expert will provide free, one-on-one assistance as soon as one becomes available.
  

• When starting your new post, please note the following:
  
• Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  
• Please COPY/PASTE the requested logs directly into your post, rather than attaching them.
  
• Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  
• Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  
• Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  
• Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.
  

OPTION 2:

If you are a paid user of MBAM PRO and would like support via the helpdesk, please contact them here.

OPTION 3:

If you prefer the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to the Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1

[parlezvous]

Hello daledoc1, thanks for the reply.

My apologies, just for clarification:

a) This laptop was infected several months ago, but was not used until recently. I've managed to fix it through a factory reset, but have not used it for doing business or making financial transactions.

EDIT: Is this the same computer for which you obtained malware removal help a month or so ago >>HERE<<?

b) No, this laptop is a separate system, and is not the same computer.

[daledoc1]

OK, thanks for the clarification.

(As you know from your recent experience with the other computer, some of the infections these days can lead to SERIOUS compromise of one's personal info. So it set off some bells and whistles to think you might have been using an infected system all this time.)

Anyway, it's the same process you went through last month.

Please just follow the guidelines and start a new topic over in the malware removal section.

You'll want to try to copy/paste those DDS logs (DDS.txt and attach.txt) directly into your first post (rather than attaching them), as it makes it easier for the malware helpers to read them.

They did look as if they were somehow truncated, so please try to post the full logs with all the header info, if you can.

All of this will make it easier for the malware helpers to get an accurate snapshot of the sytem, in order to expedite the cleaning process.

If the infection has so crippled the computer that you cannot follow those guidelines, then just start a new post anyway, doing the best you can, & explaining the issues you're seeing (just like you did here) -- you can also include a link back to this topic, too.

HTH,

daledoc1

[Firefox]

It will be better to follow the instructions that were posted in post # 2 above with this system as well.

While being helped in the HJT Section you will have to remove any P2P software you have installed on that laptop such as uTorrent.

[daledoc1]

Hi, Firefox:

It looks as if the OP is already being assisted by Maniac here for this second computer (laptop): http://forums.malwar...howtopic=115096

(I was initially confused b/c this topic was very soon after a recent computer cleaning, and the truncated DDS logs in this thread made it hard to determine if it was the same rig, or not. )

Cheers!