I've been trying to clean up a friend's computer for about two weeks. The machine has CCleaner, SpyBot, Trend Micro Titanium and Malwarebytes Pro on it.
The machine had "System Fix" on it as well as a rootkit. They appear to be gone, but there are still problems, possibly additional malware or residual effects of the previous problems.
The system is a Windows 7 machine that was upgraded from Windows Vista. The Start menu is still not right even after running the "unhide" programs and other tools that are supposed to fix it. No matter what, pup.bitminer comes back. In Firefox, it keeps getting the proxy turned on to 127.0.0.1 to a high port, which doesn't work. I'm guessing a piece of the malware for it is missing.
We have also run the Kaspersky TDSSKiller and it did find some stuff, but it is currently clean.
Also, MBAM sometimes doesn't find pup.bitminer in normal mode, but always finds it in safe mode. It does not remove it.
We have also run rkill. It is currently showing clean.
In addition to the above, Trend Micro also reports the following items, and says they were removed. However, they come back. In addition, this does not happen in Safe Mode, only in a normal boot up.
The .BZ and .BW change a lot also.
Files named 80000032.@ where "32" changes all the time, but the 32 is common. Some examples are c0.@, 64.@, cb.@, cf.@
Frequently after booting up normally, the computer locks up. Some things kinda work but for the most part it never recovers.
Please help me clean up this laptop.
Edited by boopme, 14 January 2012 - 08:45 PM.