Please help me fix my computer!

Discussion in 'Malware Help (A Specialist Will Reply)' started by SanyoStar, May 12, 2013.

  1. SanyoStar

    SanyoStar Private E-2

    Hello there,

    I am Sanyostar and I'm having problems with my internet connection turning on and off periodically. For example, when I'm in a Skype call I'll temporarily lose connection and come back, and I believe that the problem is a deep-rooted trojan or even a no-access trojan!

    I have run the run me and read me and followed the steps and here are my logs. Thank you very much for your time in advance and I appreciate any help!
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these detections:


    • [RUN][SUSP PATH] HKCU\[...]\Run : Ynoksug (C:\Users\Owner\AppData\Roaming\Typo\yfim.exe) [x] -> FOUND
      [RUN][SUSP PATH] HKCU\[...]\Run : Luomuqoser (C:\Users\Owner\AppData\Roaming\Amro\uroqr.exe) [x] -> FOUND
      [RUN][SUSP PATH] HKUS\S-1-5-21-1834181982-1674935205-2880653790-1000[...]\Run : Ynoksug (C:\Users\Owner\AppData\Roaming\Typo\yfim.exe) [x] -> FOUND
      [RUN][SUSP PATH] HKUS\S-1-5-21-1834181982-1674935205-2880653790-1000[...]\Run : Luomuqoser (C:\Users\Owner\AppData\Roaming\Amro\uroqr.exe) [x] -> FOUND

    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Do not reboot your computer yet.

    Now rerun Hitman and have it fix everything it found.

    Reboot and rescan with both RogueKiller and Hitman and attach those new logs as well.

    Be sure to tell me how things are running now.
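
The four detections quoted in the post above share two value names and two target paths, because HKCU is the logged-on user's view of HKEY_USERS\<SID>. As an added example (not part of the original thread and not RogueKiller's own code), this Python script parses lines of that shape and groups them into unique autorun values; the line layout is inferred from the quoted sample, and all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample input: the four detection lines quoted in the post above.
REPORT = r"""
[RUN][SUSP PATH] HKCU\[...]\Run : Ynoksug (C:\Users\Owner\AppData\Roaming\Typo\yfim.exe) [x] -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : Luomuqoser (C:\Users\Owner\AppData\Roaming\Amro\uroqr.exe) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1834181982-1674935205-2880653790-1000[...]\Run : Ynoksug (C:\Users\Owner\AppData\Roaming\Typo\yfim.exe) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1834181982-1674935205-2880653790-1000[...]\Run : Luomuqoser (C:\Users\Owner\AppData\Roaming\Amro\uroqr.exe) [x] -> FOUND
"""

# Assumption: line layout inferred from the sample above, not from tool documentation.
LINE = re.compile(
    r"^\[(?P<kind>[A-Z ]+)\]\[(?P<tag>[A-Z ]+)\]\s+"
    r"(?P<hive>HK[A-Z]+)\\(?P<sid>S-1-[\d-]+)?\[\.\.\.\]\\(?P<key>\w+)\s+:\s+"
    r"(?P<name>.+?)\s+\((?P<target>.+)\)\s+\[.\]\s+->\s+(?P<status>\w+)$"
)
# Executables under a user's AppData tree can be written without admin rights.
PROFILE_APPDATA = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.I)


def parse_report(text):
    """Return one dict per line that matches the detection layout."""
    return [m.groupdict() for line in text.splitlines()
            if (m := LINE.match(line.strip()))]


def unique_autoruns(entries):
    """Map (value name, lowercased target) to the registry views reporting it."""
    views = defaultdict(set)
    for e in entries:
        # HKCU has no SID in the log; HKUS lines carry the user's SID.
        view = e["hive"] + ("\\" + e["sid"] if e["sid"] else "")
        views[(e["name"], e["target"].lower())].add(view)
    return {key: sorted(seen) for key, seen in views.items()}


def in_user_profile(target):
    """True when the autorun target sits under C:\\Users\\<name>\\AppData."""
    return bool(PROFILE_APPDATA.match(target))


if __name__ == "__main__":
    for (name, target), seen in unique_autoruns(parse_report(REPORT)).items():
        flag = "user-writable path" if in_user_profile(target) else "check path"
        print(f"{name}: {target} [{flag}] reported under {', '.join(seen)}")
```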
     
  3. SanyoStar

    SanyoStar Private E-2

    Hello Tim,

    Thanks for getting back to me so quickly! Much appreciated! I did what you asked by deleting those isolated detections and doing the Hitman scan after, and I have yet to see how my computer will run in the next few hours, so I'll update you as soon as I find any hitches!

    I was hoping to find more in the scans because I remember doing a scan a while ago and something like a no access trojan showed up, but not this time, which is unnerving but that's alright!

    Ah and lastly, I have the logs attached as well! Thanks again for the help!
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You still need to rerun Hitman and remove all those PUPs.
     
  5. SanyoStar

    SanyoStar Private E-2

    Oh sorry about that, I must have read your instructions wrong, but I did go back and I had Hitman clear all the PUPs, so attached are the logs! I did have to do it twice to clear them completely!
     


  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Much better. What issues are you still having, if any?
     
  7. SanyoStar

    SanyoStar Private E-2

    So far things seem much better, although I did experience a wee bit of disconnecting a day ago, but it was at the very end of the day and just once, so it must be something other than malware affecting that!

    If there are any more problems I experience I will let you know, though thanks for all the help, it is much appreciated and you helped my computer a lot! :)
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I had a communication from one of the other members stating:
    Let me know if you have any more issues. You might want to post the disconnect issue in the networking forum.

    If you are not having any other malware related problems, it is time to do our final steps:

    • Any programs we had you download and/or install can be removed at this time.
    • If we had you download and run ComboFix, here is how to uninstall it:
      • Press and hold the Windows key and then press the letter R on your keyboard.
      • This opens the Run dialog box.
      • Copy and paste the below text inside the text-field:
        • "%userprofile%\desktop\ComboFix" /uninstall

      • Now press ENTER
      • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.

    • You can re-enable your Disk Emulation software at this time via DeFogger.
    • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
    • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
    • Now we will toggle System Restore to remove any infected system restore points.

    • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
    • Be safe :)
     
