help please police central e-crime unit virus rem...

[xxdeebeexx]

Hi a friend has asked me to help remove police central e-crime unit virus from their sons netbook. There was no antivirus so I have installed malwarebytes and have tried to instal AVG and Antivir but it won't let me. I can get it running in safety mode but that's about it.

Malwarebytes finds a trojan...deletes it and when it's scanned again it finds another one. It has been scanned 4 times each time there is no improvement.

tia

dx

[rmg1]

From what I've seen on here, Malwarebytes does it's best work in normal mode.
Will it run like that?

[xxdeebeexx]

Quote:

Originally Posted by rmg1

From what I've seen on here, Malwarebytes does it's best work in normal mode.
Will it run like that?

No, as soon as it boots up the screen freezes with the warning.

dx

[rmg1]

Then I'm sorry to say this is above my level of expertise and I'd better leave it to one of the more experienced bods on here.

[xxdeebeexx]

Quote:

Originally Posted by rmg1

Then I'm sorry to say this is above my level of expertise and I'd better leave it to one of the more experienced bods on here.

you and me both!

Gosh DH offered my services to his friend... I think he wanted me out of the way so that he could have a quiet evening watching the football!

dx

[rmg1]

Just to get ready, can you post the Malwarebytes log?

[john1]

This may help http://support.microsoft.com/kb/129972



And try the following Note you need to download on none infected computer initially to copy program


Install Windows Defender Offline Beta

Windows Defender Offline Beta is a malware tool desgined to remove hard to eliminate viruses that start before Windows boots. To use Windows Defender Offline Beta, follow the steps below:

On a non-infected computer, visit: http://windows.microsoft.com/en-US/w...fender-offline

Click Download the 32 bit version or Download the 64 bit version depending on which version of Windows you are running. If you're unsure of which version of Windows you are running, visit: http://windows.microsoft.com/en-US/w...t-32-or-64-bit

When prompted, click Save As. Save the file to a removable media source, such as a DVD, CD, or USB drive.

On the infected computer, insert the DVD, CD, or USB drive and restart the computer.

When prompted, press the key to choose boot options, such as F12, F5, or F8, depending on your BIOS.

Use the arrow key to scroll to the drive containg the Windows Defender Offline Beta file. The computer will start Windows Defender Offline Beta, which will immediatley start scanning for malware.

[xxdeebeexx]

Quote:

Originally Posted by rmg1

Just to get ready, can you post the Malwarebytes log?

I would have to save to a memory stick, I think, an post on my computer

I am doing a 5th scan now and will see what happens.
I am scanning in safe mode though ?

dx

[dogmaryxx]

Found this solution

1. Use another PC to connect the Internet and download Combofix.(Blue Download Button)
2. Take the USB flash drive/memory stick and transfer your program there.
3. Reboot your infected PC and start pressing F8 as soon as machine becomes active.
4. Choose ‘Safe mode with command prompt’.
5. Stick the USB flash drive with Combofix into your infected machine and launch.Wait until it finishes.
6. Reboot PC, update anti-virus program you regularly use and scan your PC

[xxdeebeexx]

Quote:

Originally Posted by dogmaryxx

Found this solution

1. Use another PC to connect the Internet and download Combofix.(Blue Download Button)
2. Take the USB flash drive/memory stick and transfer your program there.
3. Reboot your infected PC and start pressing F8 as soon as machine becomes active.
4. Choose ‘Safe mode with command prompt’.
5. Stick the USB flash drive with Combofix into your infected machine and launch.Wait until it finishes.
6. Reboot PC, update anti-virus program you regularly use and scan your PC

Thanks. This did the trick!!


dx

[waddler_8]

Post the combofix log found at the root of the system drive - usually C:\combofix.txt