Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

m.exe on USB drives, Malware Bytes, HiJackthis not running


  • Please log in to reply
4 replies to this topic

#1 fbnewtz

fbnewtz

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:16 PM

Posted 27 January 2009 - 08:29 PM

I am working on a clients computer and have run into a problem that is beyond my level of expertise.

The symptoms that I can find so far are as follows:

1. Whenever I try to go to a majority of sites that allow me to download spyware tools, forums related to spyware etc, I get redirects.
2. USB drive is immediately infected with m.exe. Didn't realize this and infected another laptop I have with the said virus. (I was able to remove this before it became a big problem).
3. Whenever I try to run most spyware tools, the tools will just close. Or not even open at all. Installation of most of these apps (SUPERAntiSpyware, MalwareBytes, Antivir, etc.)

Any help would be greatly appreciated. This is a major problem and I have limited access to it. I can only get access after 5pm central time, and only on this coming Thursday. I don't know if I should install logmein or another remote access tool to give me access to the computer while I am not here. Any tips on the quick resolution are appreciated.


Thanks,

Fred

UPDATE: Well, I was able to figure out that there is a hidden driver that was loaded. It had a 32 bit GUID for a name. After I removed it and reboot I am able to install software again. I have installed Antivir and am running SUPERAntiSpyware now. After that I will run Malware Bytes. Antivir just popped up and found vumer.dll and I quarantined it.

Edited by fbnewtz, 27 January 2009 - 09:14 PM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:12:16 AM

Posted 28 January 2009 - 10:53 AM

Don't edit the post, instead just add a new post to the topic. That way it won't get lost to where no one will ever see it
Good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 skyfri

skyfri

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 28 January 2009 - 11:45 AM

Fred I have the same problem, where was this driver located?

#4 jwilson77

jwilson77

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:16 PM

Posted 29 January 2009 - 12:14 PM

I am having an identical problem; any additional info you can share?

#5 fbnewtz

fbnewtz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:16 PM

Posted 14 March 2009 - 02:24 PM

I did a combination of MalwareBytes and combofix.exe. combofix.exe is the one that solved the problem. However, as most people know it is not a good idea to run combofix.exe without some assistance from someone on one of these boards.

Antivir also was able to detect and remove the m.exe virus. It really depends on the cocktail of trojans/virii/spyware you have loaded on your computer. The m.exe was just a small problem from my overall infection on that computer.


Thanks,
Fred




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users