Koobface worm owns my Laptop

I have a new laptop infected with a worm and who knows what . Lenovo G575 laptop with Windows 7 SP1 64bit,OS Home Premium,dual 1000hrz processors 253mB HHD..just bought this in this month . .Shortly after hooking up to modem for DSL, I could tell the computer was not responding like it did out of the box. I did some research on the web. Found out there is malware that targets servers ,routers and modems .My virus protection did not show any kind of notice that a virus had been loaded on my unit .tried many different anti soyware and all scans showed clean. Chatting with anti virus support staff , I was told there was no malware of any kind on my computer.. Something had to be wrong the way it acted and I could not open , run ,turn on or off several systems . A few processes were weird looking and new . I am denied ability to access some processes.. winlogon.exe is one . cmd , is not the same . Ipconfig shows some stuff turned off . I don't have the knowledge to over come these problems. I was told there was a download that would help out with my problems . I do need hlep with this please ' I can not attach the file ,my worm chose an invalid file name,to the attach file spot . may T paste to another post? Dewey5718

Hi -

Given the system is <1 month old, I would suggest that you restore the system to factory default settings, i.e., reinstall Windows 7.

p34 - http://consumerdl.lenovo.com.cn/Use...0&G475&G570&G575 User Guide V2.0(English).pdf

Regards. . .

jcgriff2

Restoring the Computer to factory default settings as suggested would be best way out provided you did not create an image after you got the computer. If you did create an image then restoring it would be the best thing to do.

koobface worm owns my laptop

I have used the hidden partition reset installer twice. Waiting for me was koobface.
Iam no longer using DSL modem except for WIFI . No improvement as far as being controlled by the worm .
I Thank you both for the prompt replies .
I am going to attempt to attach a folder to this reply . On occasion it works .

The folder contains downloads that may help to resolve my problem . I may be in trouble I forgot I was already a member of the forum as Deweyduc .I am hoping this error on my part will not kick me off the forum .Old age is no excuse .Can you advise me please? I can't attach folder or files .may I copy and paste some smaller files ?

Thanks again Dewey

dewey if you leave a message with john or brink explaining the dual account im sure they will help you sort it out

http://www.sevenforums.com/member.php?u=1

Windows 7 Forums - View Profile: Brink

If your recovery partition is compromised and you need replacement recovery media, contact Lenovo -

How can I get a Product Recovery CD or DVD?

Hi there .Thanks for the lead. Retail source was no help.

Quick replies , good advice for us ,er newbies .

Dewey5718

Dewey -

You are in the Mountain time zone. Anywhere near Denver? If yes, I'll see what I can do to help.

Regards,
GEWB

GEWB said:

Dewey -

You are in the Mountain time zone. Anywhere near Denver? If yes, I'll see what I can do to help.

Regards,
GEWB

Click to expand...

Sorrry to take so long .My bug had me off the line for a while .I couldn't sign in to any forum . I like the offer ,but I am about 10 hrs from Denver . My problem is not solved as yet .But!, I had a Gson download a program from his MAC , to a flash drive . Booted from it and it ate the bug for lunch But!!, to use the wireless ,I had to plug into the modem .The ole' worm is on my HDD now . The file came from a google . Pendriveapps.?? provided the file .Good info if you need some thing like that. Thank you very much for the offer Dewey

That URL is; pendriveapps.com/. The site has free stuff, and a variety of same .

I hope this can help one of those having the same type worm I have? had!

Dewey5718 said:

Sorrry to take so long .My bug had me off the line for a while .I couldn't sign in to any forum . I like the offer ,but I am about 10 hrs from Denver . My problem is not solved as yet .But!, I had a Gson download a program from his MAC , to a flash drive . Booted from it and it ate the bug for lunch But!!, to use the wireless ,I had to plug into the modem .The ole' worm is on my HDD now . The file came from a google . Pendriveapps.?? provided the file .Good info if you need some thing like that. Thank you very much for the offer Dewey

Click to expand...

Thanks for your reply! Good luck with your project.

Regards,
GEWB

sysinternals denied access to win7 NT

My good luck and work has been for naught. The worm has turned, on me .
Bug has regained the control of the computer . WIFI or ethernet. I think it was through the modem . Yesterday , the 8th ,running sysinternals process monitor a long time . Today , access was denied to NT. . Any help would be thankful for . Dewey5718

Please read about Koobface here:
Koobface - Wikipedia, the free encyclopedia

Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

• Double click combofix.exe and follow the prompts.
• When finished, it will produce a log for you.

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply.
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix

IF CF won't run:
During the download, rename Combofix.exe to sVchost.exe