Possible W32 Beagle virus please help

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by aloninet, Oct 20, 2009.

  1. aloninet

    aloninet Private E-2

    Hello dear people,
    I have read, carefully, many posts, including posts of other people complaining about virus attacks. I have read and executed the instructions in the "READ & RUN ME FIRST. Malware Removal Guide" and uploaded the logs.
    None of the antivirus programs that you recommended was able to work. Including:
    1. SUPERAntiSpyware
    2. combofix.exe
    3. ESET Nod 32 (that I own, that was on guard when the virus attacked and failed miserably)
    4. Avast free home edition that I installed after uninstalling ESET NOD 32 ceased to function and run boot scan and found out what has hit my PC.

    These programs were functioning and I have run them and saved their logs (except CCleaner):
    1. CCleaner
    2. FindYkill
    3. Malwarebytes' Anti-Malware
    4. MGtools
    5. RootRepeal

    NOTES:
    1. Findykill link is dead. I downloaded it from the original site. The icon is different. The installation was different from your tutorial guide. There was no other document when extracting the program. So it makes me puzzled whether I was doing the right thing. One last thing: when scanning I forgot to put the disk on key and an empty CD in the CD drive.
    2. RootRepeal: when scanning, my external hard disk took more than 5 (five) days and was not even half through. So I gave up and unplugged it and ran the scan again, this time only the internal disks.
    3. CCleaner - could not find how to save a log.
    4. I have had this problem since 10/8/2009 and I have done everything I know to win my computer back. I have faith in you. Please instruct me how to continue with the fight against this stubborn virus.

    Sincerely yours,
    Aloninet
     


  2. evilfantasy

    evilfantasy Malware Fighter

    Welcome to MajorGeeks!

    Please don't follow other instructions. Each computer is set up differently and what works on one computer might just damage another. ;)

    Please see here: Warning about Porn, Keygens, Cracks, and other Illegal Software

    If there are any other cracks/warez/keygens on this computer please remove them now.



    Double click RootRepeal

    * Select File then Scan
    * On the Select Drives form select drive C by checking the box for drive C and click OK
    * When the scan is complete - highlight each of the following file(s), if any still exist since you have run MBAM and the new ComboFix in between (one at a time if more than one is listed), by left clicking it. Then use right mouse click and select the Wipe File option only for each file.


    • C:\Documents and Settings\Arie\Application Data\drivers\wfsintwq.sys
    • C:\Documents and Settings\Administrator\Application Data\m\flec006.exe
    • C:\Documents and Settings\Administrator\Application Data\hidires\flec003.exe
    • C:\Documents and Settings\Administrator\Application Data\drivers\winupgro.exe
    • C:\Documents and Settings\Administrator\Application Data\drivers\wfsintwq.sys
    • C:\WINDOWS\system32\wintems.exe
    • C:\WINDOWS\system32\mdelk.exe
    • C:\FindyKill\Tools\winupgro.exe

    * After Wiping all files, immediately restart your computer!

    Open Malwarebytes' Anti-Malware.

    * Click the Update tab.
    * Click Check for Updates
    * If an update is found, it will download and install.
    * Click the Scanner tab.
    * Select Perform Quick Scan, then click Scan.
    * The scan may take some time to finish, so please be patient.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
    * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    * Copy & Paste the entire report in your next reply.

    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



    Now try to download and run SUPERAntiSpyware

    SUPERAntiSpyware - running & getting a log


    Now try to download and run combofix.exe

    Please carefully follow the instructions in the below link to most effectively run ComboFix. PLEASE DO NOT stop and post the ComboFix log as suggested in the below procedure. We want you to finish ALL of our procedures and attach all logs at the end. If you have any problems running ComboFix, skip it and continue on but explain your problems when you come back to attach your logs.

    Also run a new MGtools scan and attach the new MGlogs.zip. Using MGtools


    Let me know if any of these would not run and what happened.

    Next post please attach:

    • Malwarebytes log
    • SUPERAntiSpyware log
    • ComboFix log
    • MGlogs.zip
     
