Please help, driving me mad

[walshy11]

So, my brother was on my PC erlier, and he downloaded some trojan or something, so poop anyway, and now my cursor is CONSTANTLY blinking with the blue "loading " circle

Please help (

 

[JDobbsy1987]

Hi,

Download and run a full scan with malwarebytes and post the log here.
Download - Malwarebytes

This will help the experts in giving you a solution.

Regards,
JDobbsy1987

 

[walshy11]

I already have it, I just started a scan

also I have teamviewer, if you want to use that

 

[JDobbsy1987]

Great

for now we will just wait for the log (other may use this ) but in the mean time...

with your cursor displaying the circle it kind of sounds like the CPU is doing to work...

do you have any 'unknown' processes running in task manager?
Right Click the Task Bar >> Select Start Task Manager >> Select the Processes Tab

If you are unsure what you are looking at, take a screenshot of it and post it here so we can see.
http://www.sevenforums.com/tutorials/9733-screenshots-files-upload-post-seven-forums.html

Regards,
JDobbsy1987

 

[walshy11]

Yeah, as I'm a experienced RAT'er, I think Its a backdoor, that was in what my brother downloaded.

I loked on cmd > netstat -an , but i didnt see any established connection, that are weird.

And I found a HKCU key in the registry, I delete that it was named Winbooterr (which is fake)

and I found a process called wlcomm.exe I killed it, and It didnt do anything bad so.

 

[JDobbsy1987]

Ok then fair enough matey ... we will wait for the log

 

[walshy11]

Its clean.

hmm

 

[gregrocker]

I would next install Avast5, update to run it's boot scan.

Otherwise download and burn to CD one of the bootable AV's here: FREE Bootable AntiVirus Rescue CDs Download List

Remember that scanning in boot mode viruses have no place to hide as they do in Windows or even Safe Mode.

You can then System Restore to before problems began, then run the scans again to make sure nothing made it back.

I would use MS Security Essentials for regular protection, running full scan after install/update.

 

[walshy11]

I acctually uninstalled Avast today, and replaced it with Avira, because Avira detects encrypted backdoors, so yeah.

 

[gregrocker]

Avira has a boot scan download to burn to CD on that list I linked.

Back up your files to quarantined external or DVD first.

As your restore points are gone, then if virus isn't causing probs you'll need http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html and then possibly a http://www.sevenforums.com/tutorials/3413-repair-install.html?ltr=R

Check also Event Viewer>Admin view to see if repeat errors can be resolved by googling their text and ID#.

If these fail then I would clean reinstall after wiping HD: http://www.sevenforums.com/tutorials/91339-ssd-hdd-optimize-windows-reinstallation.html