This is Harsh!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by donnyf, Aug 6, 2008.

  1. donnyf

    donnyf Private E-2

    Hi - am not the most technologically gifted so would appreciate any help.

    My laptop has been infected and I'd love to get help to clean the little prick up.

    When I start the computer I am told automatic updates and virus software are off. I have tried to turn the updates on, right through to going into the services using the run line but everything is greyed out and I can't seem to solve it at all using the techniques I have found on the internet, such as updating registry etc.

    Also, I am running Kaspersky and it won't open to run. Every time I try to start it, nothing happens.

    My web browser doesn't go to certain pages - again just hangs and am getting crazy pop ups that fortunately I haven't seen for an age. I am at my wit's end and any help would be greatly appreciated.

    Thanks,
    Don.
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

    READ & RUN ME FIRST. Malware Removal Guide


    Note: If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    Starting your computer in Safe mode
     
  3. donnyf

    donnyf Private E-2

    Thanks Tim.

    I got Kaspersky going again after uninstalling the sun updates and everything appears to be sweet. I now have the automatic updates working okay and Kaspersky is humming along.

    One thing, when I restart my computer I get a message saying the following dll module could not be loaded, usojtvqw.dll. What is the story here and how do I rectify this?

    Cheers,
    Don.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It means that part of the malware was removed, but traces are left....so you should complete the instructions and attach the requested logs. :)
     
  5. donnyf

    donnyf Private E-2

    Cheers Tim - couldn't PM you as haven't done 50 posts or something along those lines.

    I have run the said programs and attached are the logs.

    Look forward to the prognosis,

    Don.
     


  6. donnyf

    donnyf Private E-2

    Final log.

    Have just restarted my machine and the dll module error did not come up.

    Does that mean I am clean?

    Don.
     


  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It means we are getting there.....

    Tell me what this is : C:\1234

    Please use add/remove programs to uninstall:
    J2SE Runtime Environment 5.0 Update 4
    Java 2 Runtime Environment, SE v1.4.2_09

    Run this: Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Now download The Avenger by Swandog469, and save it to your Desktop.
    * Extract avenger.exe from the Zip file and save it to your desktop
    * Run avenger.exe by double-clicking on it.
    * Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Avenger.
     
  8. donnyf

    donnyf Private E-2

    That 1234.exe was ComboFix with a name change - I have deleted it.

    Have done as you requested and here are the relevant logs.

    Thanks for all your help, much appreciated.

    Don.
     


  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Should have just told me it was Combo....the last instructions would have removed it properly.

    If you are not having any other malware problems, it is time to do our final steps:
     
  10. donnyf

    donnyf Private E-2

    Thank you kind sir.

    Machine is now humming along beautifully.

    Thanks for all your time and help.

    Don.
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome ...safe surfing. :)
     
