Help with iamfamous.dll removal

Status
Not open for further replies.

bigsal2k9

Posts: 9   +0
hey all first post for me:)

well here's the problem ive just scanned my laptop and apparently using symantec anti virus i have got 'iamfamous.dll' and another by the name of 's-2-1-87-100004873-100022991-100021377-9969.com'

and for maybe the past week or so firefox hasnt been running properly and google has been redirecting me to completely random sites.

most updates for any software i have dont seem to be working, i think these 2 virus' are stopping them from connecting to their servers or w/e it is they connect to....

umm the iamfamous.dll is in the mozilla firefox components folder and the 9969.com is in the 'RECYCLER' folder

another big problem is that recently my laptop has been crashing at the windows log in screen once ive entered my password...

and another problem is that right click wont work on the start menu, but works elsewhere.

since this is pretty much my first virus' and im not really clued in on programming and what not i am pretty much sh****** my pants:)

if anyone has had the same problem or if anyone knows what to do please help!

if you are gunna help and please leave a guide on how to do it otherwise i will not have clue of whatever you said:p

thanks
 
..... i kinda already had symantec and a mate told me to install a new free one called avast, when i performed a new scan on this 1 it found 8 virus' and 1 is in the windows folder so i dont want to remove incase it screws my system up. and the other apparently does not exist....

so im about to take the steps in the link you sent me

thanks and will get back to u asap

that malware link takes me to the site but when i click download apparently firefox cannot connect to the malware server? is that the virus on my laptop doing that or is that a genuine problem?
 
ill give that a bash tomorw, i have been trying to get rid of this for about 4 hours now

and not too sure on how to boot in safe mode, im letting avast do a thorough virus scan overnight and then ill see if connecting the malware server has been solved.

thanks, but just cba faffin on with this anymore today
 
thanks and just curious, but if i was to system restore, would that fix the whole probelm?

however avast did find that the trojan i have has infected some of the system restore files and those have now been deleted..
 
You answered your own question. No!

Go to safe Mode networking and proceed. We will clean SR later.

Mike
 
wow thanks a million lol

i didnt expect anyone to care so much about 1 persons problems:)

you now have an admirer xd

nah just messin with u, my system is still being scanned but will give safemode a go first thing in the morning and will upload those text files asap

thanks

right ive completed all of the steps in the link you sent me for the preliminary removal..

ill add all the logs requested and hopefully we can do something from there

thanks.

and btw i found another problem, earlier i mentioned that 9669.com virus which has been quarantined by avast, now i cant access c drive as it says recycler then that virus file name does not exist....
 
OK good job.

The Recycler should go after all the below!

The MBAM found and remove many BAD items.

So another run indicated!

OK there were found/removed items in MBAM so we need to run again as the first run likely exposed things that were not even seen the first time.

So another run Quick Scan will likely find more. So UPDATE and run gain attach the new log.

Then do this...

Download SDFix to Desktop.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

On Desktop run SDdFix It will run (install) then close.

Then reboot into Safe Mode

As the computer starts up, tap the F8 key several times.

On the Boot menu Choose Safe Mode.

Click thu all the prompts to get to desktop.

At Desktop
My Computer C: drive. Double-click to open.

Look for a folder called SD Fix. Double-click to enter SD Fix.

Double-click to RunThis.bat. Type Y to begin.

SD Fix does its job.

When prompted hit the enter key to restart the computer

Your computer will reboot.

On normal restart the Fixtool will run again and complete the removal process then say Finished,
Hit the Enter key to end the script and load your desktop icons.

Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
Attach the Report.txt file to your next post.
=========================================
Download ComboFix

NOTE: If you have had ComboFix more than a few days old delete and re-download.

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click combofix's window while its running. That may cause it to stall.

Mike
 
thanks mike, ill giv the MBAM another run and have just updated it, so when thats done ill save the log and do the rest u asked me to

cheers
 
OK I will be here another 15-20 minutes then I have meeting that may be until 3-4 hours but I will check in as soon as I get back.

Just get then sent.

Mike
 
ahhh mike big problem!!

after running the MBAM again, it found another infected file trojan which was boot.ini or sumthin along those lines

then i installed that next software u gave and restarted my laptop

now on my laptop is says "windows could not start because the following file is missing or corrupt:
<windows root>\system32\hal.dll

and i dont have a copy of windows anywhere..... so is there somewebsite i can get a copy of that file from then boot from floppy or sumthing?

what do i do?!?!?!?!
 
First this is recoverable so do not do anything drastic we can fix it!

Did you get to Combofix, and if so did you add the Recovery console?

We may need a windows cd even if you have to borrow one.

Also this is not the fault of MBAM but indicates you definitely had something that was large and in charge!

If you installed the recovery console then boot to it and skip down to At the prompt and continue from there down.

If you did not install the recovery console then do the below to get it!
On another computer..

Download RC.ISO (Bootable Recovery Consle) from Here:

http://www.thecomputerparamedic.com...

Now burn this ISO image to a CD
Once the CD is created, place it in the problem computer

Then reboot that CD in the CD-ROM drive.
Make sure the PC is set to boot from the CD as the primary boot device.

When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console.

You will be asked to log in.

At the prompt
type
bootcfg /rebuild
Hit the Enter key
then
type
exit

This will reboot the computer hopefully into windows if not there can be other steps.

Mike
 
thanks mike, i paniced

luckily my dad is a bit of a computer wiz and he managed to fix it, took him several hours though and the virus is gone

thanks for all your help
 
Status
Not open for further replies.
Back