need malware help

Discussion in 'Malware Help (A Specialist Will Reply)' started by mjo, May 3, 2011.

  1. mjo

    mjo Private E-2

    Hello,
    I'm in need of some help regarding some malware on my computer. I have gone through the malware removal process posted in the forum already with no luck so far. I am getting popups and my IE is freezing randomly. Also, when running Combofix.exe I get a BSOD or the computer just reboots, even in safe mode. Also have gotten a few random BSODs. Logs are posted below; any help you can give would be appreciated.
     
  2. mjo

    mjo Private E-2

    Here are the logs.
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I'm not seeing any malware problems in your logs, but let's run another scan to be safe.

    Please run this >> TDSSkiller - How to run. And then attach the log from TDSSKiller.


    Did you shut down Kaspersky before trying to run ComboFix, and did you have UAC disabled already?
     
  4. mjo

    mjo Private E-2

    Thanks for the suggestion.

    I actually downloaded TDSSKiller and tried to run it a few days ago and the PC crashed when I tried to run it. However, I did not see the directions on how to run the program until you posted the link yesterday. After reading the directions, I renamed the program and it ran just fine and found a rootkit virus. All seems to be running smoothly now. I have posted the log. Is there anything else I should do now after cleaning the infection?

    Thanks again so much for your help!
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.


    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - (no file)
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    After clicking Fix, exit HJT.



    Now download The Avenger by Swandog46, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Do not change any check box options!!
    • Copy everything in the Quote box below, and paste it into the Input script here: part of the window:
    • Now click the Execute button.
    • Click Yes to the prompt to confirm you want to execute.
    • Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    • Your PC should reboot; if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt and it will pop up for you to view when you log in after reboot.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\avenger.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
