some dweeb out there ****ed my computer

Discussion in 'Malware Help (A Specialist Will Reply)' started by mortpiedra, Nov 19, 2010.

  1. mortpiedra

    mortpiedra Private E-2

    hello xperts!
    the computer has become unbearably slow. i don't know exactly what has caused it (my wife must have clicked on something inappropriate rolleyes )
    went through your READ & RUN ME FIRST ( http://forums.majorgeeks.com/showthread.php?t=35407 ) with limited success!

    step/status:
    1. SUPERAntiSpyware: log attached (SUPERAntiSpyware Scan Log - 11-15-2010 - 00-07-49.log)
    2. MBAM: failed ( http://forums.majorgeeks.com/showthread.php?t=226844 )
    3. ComboFix: failed
    4. RootRepeal: failed (RootRepeal_crash_111910.132822.txt)
    5. MGtools: log attached (MGlogs.zip)

    please let me know what to do next.

    thank you,
    m
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.

    SystemLook

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      video_32sD.exe
      MSlti32.exe
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

    How are things running?
     
  3. mortpiedra

    mortpiedra Private E-2

    thanx 4 ur response!

    u wrote: Make sure that you tell me if you receive a success message about adding the above to the registry.

    answer: i did receive a success message

    steps/status:
    1. SystemLook: log attached
    2. C:\MGtools\GetLogs.bat: log attached

    u wrote: How are things running?
    answer: good but w/respect to the computer there seems to not be a major improvement

    greetings
    m
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You won't see a major improvement because you are lacking in RAM:
    Code:
    Gesamter realer Speicher    512,00 MB    
    Verfügbarer realer Speicher    150,88 MB
    You should have at least twice that amount of RAM installed.

    Please Disable Spybot's TeaTimer --> Should have been done as per the R&R instructions!

    * Run Spybot and click Mode
    * Select Advanced Mode.
    * Then click Tools and select Resident.
    * Now in the right window pane, uncheck TeaTimer.
    * Also while this is open, in the left column now select IE Tweaks
    * and then in the right pane make sure all the Miscellaneous locks are unchecked.
    * Now quit Spybot!

    Now copy just the bold text below to Notepad (do not include any space above the word REGEDIT). Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.


    Now tell us exactly what issues you are still having.
     
  5. mortpiedra

    mortpiedra Private E-2

    thanx 4ur response!

    u wrote: Make sure that you tell me if you receive a success message about adding the above to the registry.
    answer: i did receive a success message

    the xact problem is that the computer has gotten soooo unbearably slow ... comparing to problems other r having here i feel almost ashamed posting for such a piddely issue:-o ... and as u ritefully pointed out it was never exactly a flyin rocket but has up until recently been ok for surfing (for which it is xclusively used).

    what used to take 10sec now takes 2min.

    if u can help I appreciate ur assistance.

    greetings,
    m
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    To begin with, please disable Spybot's TeaTimer.

    How to disable Spybot's TeaTimer

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking Fix exit HJT.

    Copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.

    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.

    Now uninstall SpyBot search and destroy and install a fresh version of it.

    Rename combofix to pigeon.com > reboot into safe mode and run it from there. Let us know what happens.

    Try this:

    Please click on Start and select Run then type or copy/paste

    Attach the log if you were successful in running Malware Bytes.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.
     
  7. mortpiedra

    mortpiedra Private E-2

    hello mr malwarefighter

    i performed the following steps:
    1. disabled spybots (as per instructions http://forums.majorgeeks.com/showthread.php?t=103692&highlight=Teatimer)
    2. disabled antivir (i got only that)
    3. ran C:\MGtools\analyse.exe. i only found the 3 first lines in hjt (the others - O4 - HKLM\..\RunOnce: ... - were not there) and "fixed" them after closing the browser.
    4. added the re-edit:
    u wrote: Make sure that you tell me if you receive a success message about adding the above to the registry.
    answer: i did receive a success message

    5. next i un-installed spybot
    6. then i re-installed spybot
    7. rebooted in safe mode
    8. ran pigeon.com aka combofix and got a funny error message: "Swiss Army failed to initialize" then the system froze like b4 :(
    9. rebooted again in safe mode
    10. ran mbam /developer (since ur instruction was not clear i assumed i was supposed to try this as well in safe mode): it got stuck again (at the file system32/DivXc32.dll) :(
    11. rebooted in normal mode
    12. ran C:\MGtools\GetLogs.bat: log attached
    13. ran mbam /developer again: it got stuck again :( (http://forums.majorgeeks.com/showthread.php?t=226844)

    appreciate ur help! :cool
     


    Last edited: Nov 21, 2010
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not finding any malware in your logs. Tell me what issue, if any, you are still having. We may need to send you to the software forum for further assistance.
     
