help w/ vyyqz.exe

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by djkdm, Aug 9, 2014.

  1. djkdm

    djkdm Private E-2

    so i ran all the steps along w/ the programs and listed instructions and i'm still having problems.

    cpu usage is still super high and this virus aka a program listed as "maskiseft visual studie 2010" under the windows task manager > processes.

    please advise on further action.

    also, the instructions said not to remove the infections and ignore on a couple programs, so like i said please advise on further aciton and thank you.
     

    Attached Files:

    djkdm, Aug 9, 2014
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If you haven't already, rerun MBAM and have it remove all it found. Do the same for Hitman.

    Then rerun RogueKiller and have it remove these items:
    Code:
    ¤¤¤ Registry Entries : 14 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | {bc64701c-23fe-b962-6c70-e86c85da2c16} : "C:\ProgramData\Microsoft\{bc64701c-23fe-b962-6c70-e86c85da2c16}\{bc64701c-23fe-b962-6c70-e86c85da2c16}.exe"  -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Cyyrg : "C:\Windows\system32\config\systemprofile\AppData\Roaming\Ivytud\oxuzc.exe"  -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Locuofw : C:\Windows\System32\config\systemprofile\AppData\Roaming\Zuewarwa\ymgieqb.exe  -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Hegykiowukgavi : "C:\Windows\system32\config\systemprofile\AppData\Roaming\Yrrunyyf\pydeu.exe"  -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Wedyywucfuno : "C:\Windows\system32\config\systemprofile\AppData\Roaming\Ukkapoi\vonyo.exe"  -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Ussoyg : C:\Users\KDM\AppData\Roaming\Ipyzag\vyyqz.exe  -> FOUND
¤¤¤ Scheduled tasks : 5 ¤¤¤
[Suspicious.Path] Security Center Update - 1634006123.job -- C:\Users\KDM\AppData\Roaming\Ipyzag\vyyqz.exe -> FOUND
[Suspicious.Path] Security Center Update - 1686330710.job -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Ivytud\oxuzc.exe -> FOUND
[Suspicious.Path] Security Center Update - 1816482452.job -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Zuewarwa\ymgieqb.exe -> FOUND
[Suspicious.Path] Security Center Update - 2622147282.job -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Yrrunyyf\pydeu.exe -> FOUND
[Suspicious.Path] Security Center Update - 338324472.job -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Ukkapoi\vonyo.exe -> FOUND
    Reboot and rescan with both Hitman and RogueKiller and attach the new logs.
     
    TimW, Aug 9, 2014
    #2
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please attach the MGlogs.zip for TimW. You attached an individual file from inside the main zipped folder which is incorrect.
     
    Kestrel13!, Aug 9, 2014
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds