Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I have a virus but don't know what


  • This topic is locked This topic is locked
12 replies to this topic

#1 mixedcolors

mixedcolors

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 26 October 2009 - 04:27 PM

I can't run my Malwarebytes' Anti-Malware scanner and I keep getting all these pop ups I've never had before. My computer is very slow now and is just acting odd.

I've been having so many problems in the past year with getting viruses sand trojans, I don't know what to do anymore but keep coming back here and having someone help me clean my computer out :/

But I uploaded the rootrepeal, and dds logs.

Attached Files



BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 27 October 2009 - 05:50 AM

Hi,

To run malwarebytes when you get the error code 2 during install, or mbam.exe gets deleted, please see here:

http://www.malwarebytes.org/forums/index.php?showtopic=29028
Once malwarebytes opens, click the "Update" tab, click "Check for Updates" in order to download the updates.
Then run the scan, let mbam quarantine/delete what it found and reboot afterwards.
After reboot, post the malwarebytes log together with a new DDS log.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 mixedcolors

mixedcolors
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 27 October 2009 - 04:04 PM

I don't know what I'm doing but its not working. I tried it a couple of times but it won't open, It just keeps reinstalling. At one point the program opened but then closed after 2 seconds. :/

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 27 October 2009 - 04:41 PM

Hi,

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 mixedcolors

mixedcolors
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 27 October 2009 - 05:29 PM

Okay here is the log for combofix.

Attached Files


Edited by mixedcolors, 27 October 2009 - 05:30 PM.


#6 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 27 October 2009 - 05:39 PM

Hi,

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

File::
c:\windows\SYSTEM32\kuyubuza.dll
c:\windows\SYSTEM32\dewukobe.dll
c:\windows\SYSTEM32\pikedahu.dll
c:\windows\SYSTEM32\ravezula.dll
c:\windows\SYSTEM32\sezerabo.dll
c:\windows\SYSTEM32\mikiwoye.dll
c:\windows\SYSTEM32\fohomugu.dll
c:\windows\SYSTEM32\morezahe.dll.tmp
c:\windows\SYSTEM32\niniyifu.dll.tmp
c:\windows\SYSTEM32\fafereza.dll.tmp
c:\windows\SYSTEM32\vafedewe.dll
c:\windows\SYSTEM32\vapisoto.dll
c:\windows\SYSTEM32\gijotoda.dll
Collect::[8]
c:\windows\SYSTEM32\juzusiwe.dll
c:\windows\SYSTEM32\deyagehu.dll
c:\windows\SYSTEM32\seviruwa.dll
c:\windows\SYSTEM32\zelayira.dll
c:\windows\SYSTEM32\yekugomo.dll
c:\windows\SYSTEM32\segipusa.dll
c:\windows\SYSTEM32\rijedoha.dll
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e666d247-8b22-4983-a8bc-1556e0102219}]


Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again.
Then, please visit this site:
http://www.bleepingcomputer.com/submit-malware.php?channel=8
Where it says: "Browse to the file you want to submit", use the Browse button to navigate to the following file: C:\Qoobox\Quarantine\[8]-Submit_date_time.zip (date_time will be replaced with the date and time when this file was created)
Then click the "Send File" button below in order to upload it.

After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 mixedcolors

mixedcolors
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 27 October 2009 - 06:56 PM

Was a new Combofix log suppose to come up after it was done? all I got that popped up was a notepad log that said upload was successful, unless all I needed to do was go to that link and upload the file which I did.

#8 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 28 October 2009 - 03:01 AM

Hi,

Yes, I was supposed to see a new Combofix log.
So please run Combofix again :(
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 mixedcolors

mixedcolors
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 28 October 2009 - 05:02 PM

Okay here is the log.

Attached Files



#10 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 29 October 2009 - 02:07 AM

Hi,

This looks OK again.

* Go to start > run and copy and paste next command in the field:

ComboFix /Uninstall

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#11 mixedcolors

mixedcolors
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:03:45 PM

Posted 29 October 2009 - 07:40 PM

Everything seems to be working again, I can run my malware scanner now, and I scanned it, nothing came up so whatever I had seems to be gone.

Thanks for all your help :(

#12 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 30 October 2009 - 01:59 AM

Glad I could help. :(

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Happy Surfing again!
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#13 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:45 PM

Posted 16 November 2009 - 05:46 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users