1 - He definitely has the Total PC Defender thing running, and it does its best to prevent Internet Explorer from launching, so downloading software to the machine is a problem. I've been using a flash drive to transfer files to it from another machine (although none of the anti-malware stuff I've run - Malwarebytes, SUPERAntiSpyware, Spybot - S&D - has touched it). I'm positive that there's more malware on the system, but that's the most obvious right now.
2 - He had a very old, no-longer-supported version of McAfee installed, but I'm not even sure if it was still getting updated definitions. I tried to replace it with something more modern, but it wouldn't uninstall. I hacked at it to prevent it from running, and that seems to be when the Total PC Defender reared its head. It had to have been on the machine prior because there was no online activity after stopping it.
3 - Tried running some things in Safe Mode with Networking, but for some reason couldn't connect wirelessly to do any downloads.
4 - I disabled nearly everything in Startup (not sure how I was lucky enough to run msconfig because it wouldn't load previously) and that seems to have helped give me more access to the machine, but obviously the malicious software is still there.
5 - I do have a ComboFix log which I can upload at any time.
Thanks for any help you can provide!
Edited by Orange Blossom, 05 March 2010 - 08:27 AM.
Move to AII. ~ OB