Mozilla crashing, comp freezing, etc.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ArsenicY, Aug 9, 2009.

  1. ArsenicY

    ArsenicY Private E-2

    Comp freezes constantly, at times while booting up. Mozilla crashes, will not open for longer than a second. McAfee turns on while booting up, then turns itself off. SUPERantispyware will not work, neither does Combofix or Malwarebytes. Attempted to redownload SUPERantispyware, it won't even run the .exe install file. Computer is overall very slow. Logs attached for RootRepeal and HijackThis.
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I need the log from running C:\MGTools.exe --> C:\MGLogs.zip.

    But first, Please double-click the RootRepeal.exe previously downloaded.

    * Select File then Scan
    * On the Select Drives form select drive [ insert drive infected here ] by "ticking" the box for drive [insert drive here] and click OK
    * When the scan is complete - highlight each of the following file(s) (one at a time if more than one is listed) by left clicking it. Then use right mouse click and select the Wipe File option only for each file.
    C:\WINDOWS\system32\UACacskaxrrum.dat
    C:\WINDOWS\system32\uacinit.dll
    C:\WINDOWS\system32\UACmtorsulard.dll
    C:\WINDOWS\system32\UACnqpyvjmaly.db
    C:\WINDOWS\system32\UACqgoovblojb.dll
    C:\WINDOWS\system32\UACqpvaogpjba.dll
    C:\WINDOWS\system32\UACtojeyjuyjt.dll
    C:\WINDOWS\system32\UACtqmxwxwkje.dll
    C:\WINDOWS\Temp\UAC1718.tmp
    C:\WINDOWS\Temp\MSI4a545.LOG
    C:\WINDOWS\system32\drivers\UACxlrdmfynir.sys
    C:\Documents and Settings\ariella\Local Settings\temp\UACfe82.tmp
    * After Wiping all files, immediately reboot your pc!

    After reboot, download/install/update and run the scanning tools you couldn't run!
     
  3. ArsenicY

    ArsenicY Private E-2

    Thank you! Alright, attached are logs for Malwarebytes. Not sure where the log for MGtools disappeared to, so I'll probably rerun that. I'm redownloading Combofix and SUPERantispyware right now.

    Oh yeah, I keep on getting popups from McAfee informing me that it found and deleted HIJACKREADER.exe located in my C: drive.
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If you ran the C:\MGTools.exe, the log is just where I told you it would be in my last post. I still need that and I would like you to try running both SAS and ComboFix and attaching those logs.
     
  5. ArsenicY

    ArsenicY Private E-2

    I ran the scans fine, but I'm having some trouble again. My firewall is off and locked, even though I'm a computer administrator. A virus did pop up again, but I got rid of what I could find with SUPERantispyware and Malwarebytes. Should I run the rest of the scans again?
     


  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    What part of my last message are you not getting? Let me repeat.

    I need the C:\MGLogs.zip ---> from running the C:\MGTools.exe. I can't make it any clearer than that.
     
  7. ArsenicY

    ArsenicY Private E-2

    Okay, okay. I'm spacey and I forgot.
     


  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It is very difficult to assist you if you do not follow our instructions. You are running a very old version of MGTools.

    Now please download The Avenger by Swandog469, and save it to your Desktop.

    * Extract avenger.exe from the Zip file and save it to your desktop

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    * Run avenger.exe by double-clicking on it.
    * Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the "Input script here:" part of the window:


    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will pop up for you to view when you log in after reboot.

    Now re-run RootRepeal and attach that log.

    Now download the latest version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one. Run the .exe file.

    Then attach the below logs:
    * C:\ComboFix.txt
    * C:\Avenger.txt
    * C:\MGlogs.zip
     
