Multiple virus's

Discussion in 'Malware Help (A Specialist Will Reply)' started by Fussionzz97, May 17, 2012.

  1. Fussionzz97

    Fussionzz97 Private E-2

    It started out with a few Randomgibberish words .EXE in my temp folder everytime i visited my temp folder they moved instantly so i tryed to end there process but it wouldn't allow me i then thought of opening the virus in Notepad++ so it wouldnt move, i'd wait for the process to stop and instantly recycle it and delete it

    I had no problems after that. The next morning i wake up and to find c:\Windows\assembly\GAC_32\Desktop.ini Infected i did some searching found its a browser hijacker, redirector thingy i followed your tutorials on Majorgeeks and none of them worked I'm currently on Safe mode with networking i've done multiple scans with TDSS Killer, Malware Bytes, AVG 2012 They find nothing

    Insanely Appreciate some help! Thanks :)
     
    Fussionzz97, May 17, 2012
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!
    So are you saying that you actually attempted to run ALL of the below and none of them ran at all? What happen when you ran each one? Be sure to tell us exactly what happens.
    • SUPERAntiSpyware
    • Malwarebytes
    • ComboFix
    • RootRepeal
    • MGtools
     
    chaslang, May 17, 2012
    #2
  3. Fussionzz97

    Fussionzz97 Private E-2

    SUPERAntispyware - Only finds tracking cookies
    Malwarebytes - Finds nothing
    ComboFix - After dragging the CFscript.txt on it it loads and just cancels
    RootRepeal - Haven't tried
    MGtools - Haven't tried
     
    Fussionzz97, May 17, 2012
    #3
  4. Fussionzz97

    Fussionzz97 Private E-2

    RootRepeal doesn't support 64BIT (im on 64BIT)
     
    Fussionzz97, May 17, 2012
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to attach all the logs whether they find anything or not. It is how we verify proper versions are run. There is no CFScript.txt to drag on top of ComboFix in the READ & RUN ME. You are not following our instructions if you are doing this.

    Also if you have not run those other programs and if you have not attached the logs, you have not finished our instructions >> READ & RUN ME FIRST. Malware Removal Guide
     
    chaslang, May 17, 2012
    #5
  6. Fussionzz97

    Fussionzz97 Private E-2

    I Rescanned and found 1 trojen on each AVG and superantispyware
    but i am still having the problem

    i attached the logs
     

    Attached Files:

    Fussionzz97, May 18, 2012
    #6
  7. Fussionzz97

    Fussionzz97 Private E-2

    I rebooted and started up on normal mode and got a message saying the the threat at assembly/GAC_32/Desktop.ini has successfully been removed a minute later i get this warning (attachments)
     

    Attached Files:

    Fussionzz97, May 18, 2012
    #7
  8. Fussionzz97

    Fussionzz97 Private E-2

    Im now getting this after rebooting and AVG says its been removed it pops up 1 minute later
     

    Attached Files:

    Fussionzz97, May 18, 2012
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to finish running the READ & RUN ME as already requeseted multiple times. You have not attached the logs from ComboFix and MGtools and you did not answer my question about why you were trying to run ComboFix using a CFScript.txt file.
     
    chaslang, May 18, 2012
    #9
  10. Fussionzz97

    Fussionzz97 Private E-2

    Im sorry but i was not a member at the time and not completely knew what i was doing

    The combofix + CFScript http://forums.majorgeeks.com/showthread.php?t=252122

    After running it normally the bar would load after loading it would just close and nothing happen

    My computer got worse, firewall stopped working and my internet was crashing every 1 min and acting really slow, computer was acting weird I then reformated my computer everythings clean and all but i need to get some stuff off of my portable hardrive but im scared that theres infection on it how can i fully clean it out so its safe to start getting my things off of it
    Thanks
     
    Fussionzz97, May 19, 2012
    #10
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay but that procedure was for the user posting in that thread. It was not for you or anyone else.

     
    chaslang, May 19, 2012
    #11

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds