IOBit Software
|
IOBit Software
|
|
|
||||||
| Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient. |
 |
|
|
Thread Tools | Display Modes |
|
#1
05-24-09, 20:22
|
|||
|
|||
multipule malware infections
AVG went off the wall detecting malicious files, same with spybot, however never got to complete a spybot scan. before it would finish the porgram would stop responding.
two messages would show up when i botted into windows: "RUNDLL error loading C:\WINDOWS\system32\sujegaru.dll the specified module could not be found" and "RUNDLL error loading c:\windows\system32\kolojebe.dll.dll the specified module could not be found" I followed the READ & RUN ME FIRST thread, and did everything except the super anti spyware scan. when i did it the first time my computer shut down and the blue screen came up. so i rebooted and tried again, and i got the blue screen again. the message was PAGE_FAULT_IN_NONPAGED_AREA and a stop: 0x00000050 number. anyway, i've posted all logs and .zips except for the super antispyware. thanks for your help, steve 
|
| Sponsored links |
|
|
|
#2
05-26-09, 14:10
|
||||
|
||||
|
Re: multipule malware infections
Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):
* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it! If it is not on your Desktop, the below will not work. * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly. * If ComboFix tells you it needs to update to a new version, make sure you allow it to update. * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ): Code:
KILLALL:: Driver:: 1bdfc84 4c00c6 File:: C:\DL32.bat C:\-200741052 C:\WINDOWS\SYSTEM32\cobwzws C:\WINDOWS\SYSTEM32\dtmkzi C:\WINDOWS\SYSTEM32\iain C:\WINDOWS\SYSTEM32\iqeumsl C:\WINDOWS\SYSTEM32\legutomo C:\WINDOWS\SYSTEM32\tmp.log" C:\WINDOWS\SYSTEM32\tmp1.log C:\WINDOWS\SYSTEM32\wwpdvmqm C:\WINDOWS\SYSTEM32\DRIVERS\1bdfc84.sys C:\WINDOWS\SYSTEM32\DRIVERS\4c00c6.sys * At this point, you MUST EXIT ALL BROWSERS NOW before continuing! * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop. If it asks you to overide the prvevious file with the same name, click YES. * Now use your mouse to drag CFscript.txt on top of ComboFix.exe  * Follow the prompts. * When it finishes, a log will be produced named c:\combofix.txt * I will ask for this log below Note: Do not mouseclick combofix's window while it is running. That may cause it to stall. Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). Then attach the below logs: * C:\ComboFix.txt * C:\MGlogs.zip You need more RAM!! Total Physical Memory 256.00 MB Available Physical Memory 78.77 MB
__________________
Major cake licker. YCLAHTW, BYCMHD!! Major Geeks on Facebook Major Geeks Newsletter
|
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| malware infections | nachito3 | Malware Removal | 3 | 05-14-08 22:03 |
| 5 malware programs (mainly Sality.o) 297 infections-quarantine only? | moni_mouse | Malware Removal | 1 | 10-11-07 10:16 |
| malware infections | aaronfr | Malware Removal | 8 | 03-04-07 14:34 |
| Please help - Trojans, malware infections!! | FaMaK | Malware Removal | 1 | 08-16-06 00:59 |
| trojan-downloader-conhook & other Malware Infections | SlackerAZ | Malware Removal | 15 | 07-29-06 17:03 |
Linear Mode
