Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Recurring FakeAlert trojans with muzakego.dll


  • This topic is locked This topic is locked
3 replies to this topic

#1 lsellem

lsellem

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:33 PM

Posted 14 October 2009 - 12:30 PM

Hi everyone, please bear with me as it's my first time posting here. I have a user who has reported several McAfee alerts that FakeAlert trojans were deleted, each time a different .exe from his system32 folder (ZIGULAVO.EXE, pikuweve.exe, leyuwuyu.exe, retoseti.exe, bujojere.exe, golayahu.exe, faweziju.exe) being removed. I have noticed a muzakego listed in the startup list in MSCONFIG and disabled it, but upon reboot it showed up again. He has tried Spybot, but it would lock up, and I have tried hijack this and after trying to fix the muzakego listing, it would still be found. I am at my wit's end! I've attached my logs...

Attached Files



BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:09:33 PM

Posted 15 October 2009 - 10:37 AM

Hello! :(
My name is Sam and I will be helping you.

In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


From reading your comments it appears this isn't your computer. Can you clarify the relationship you have to the infected computer?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 lsellem

lsellem
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:33 PM

Posted 15 October 2009 - 10:53 AM

I am the help desk at my office; the infected computer is a work computer in a branch office. Since I can't have a user down for a long time, I am considering sending him a spare and getting his laptop so that I can blow it away... Right now they are running McAfee VirusScan and Spybot in safe mode, just for fun...

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:09:33 PM

Posted 16 October 2009 - 08:17 AM

Unfortunately I can't help you. There are over 800 posts here that are waiting for help, nearly all of them home users without the advantage of paid help desk personnel. This forum is here to support them.

That being said, from a quick look at your logs there is no rootkit present so this should be relatively easy to resolve. Spybot and Mcafee won't help you. Try Malwarebytes.

This thread will now be closed.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users