1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

We have a Hijacked windows 7 laptop, HELP!

Discussion in 'Virus & Other Malware Removal' started by Bumbledor, Jan 28, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Bumbledor

    Bumbledor Thread Starter

    Joined:
    Jan 31, 2006
    Messages:
    269
    Guys, im staying at the Veterans home, recovering from a medical condition. I work on the guys computers when they have problems.

    Today a guy called me, and I went to his room. He has a Toshiba laptop, running windows 7. His computer is hijacked. When ever we try to go to explorer, the only thing we can go to is a page that shows antivirus.net, a software sales page.
    The address in the address bar is "www.progressmb.com/shop?abc=cGd05jnl90dmum== " (without the " 's).

    Any Ideas how to get rid of the hijack ware? is there a cleaner program that I can run from a flash drive, or does Marvin have to wipe out his HD, format it a few times and reinstall the original software?

    I tried finding the task manager, like on XP to show me what is running, but I am not that familuar with windows 7 yet.

    He is running avast anti virus, but even that is now being show as infected.

    Any help appreacted.
     
  2. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Hello Bumbledor and welcome to TSG.
    I'm RedCar92 and my name is Bill, I'll be glad to help you with your computer problems. I apologize for the delay.


    • Please observe these rules while we work:

    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear. Malware removal can be stressful but we will clean it.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.


    Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advise, this will be a team effort.
    This may cause a delay, but I will do my best to keep it as short as possible.

    Please bear with me, I will post back to you as soon as I can.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

    Doing so could make your pc inoperative and could require a full reinstall of your OS, losing all your programs and data.

    Vista and Windows 7 users:

    These tools MUST be run from the executable. (.exe) every time you run them
    with Admin Rights (Right click, choose "Run as Administrator")


    Stay with this topic until I give you the all clean post.


    Thanks
    Bill
     
  3. Bumbledor

    Bumbledor Thread Starter

    Joined:
    Jan 31, 2006
    Messages:
    269
    Thanks for the reply.

    But I got it figured out, using what was available on the internet. The instructions said to look for a program called affm.exe or something like that. We did not find that.
    Instead we found some weird program named chlpdgflwd.exe or some weird combination of letters. (cannot remember the exact spelling as that was 3 days ago).

    In MSconfig, is under startup, it was the only item that did not show who it belonged to. So I found the temp file, erased it, and the Registry entry, both while in safe mode. Restarted the computer and its running fine now.
     
  4. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Bumbledor, thanks for the reply and good luck. This thread will automatically close soon. If there are any more problems please post a new thread.
    Thanks for being and helping the Vets.
    Bill
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/977594

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice